OSSEC

Last updated
OSSEC
Developer(s) Daniel B. Cid et al.
Stable release
3.8.0 [1] / 5 January 2025;2 months ago (5 January 2025)
Repository
Written in C
Operating system Cross-platform
Type Security / HIDS
License GNU GPL v2
Website www.ossec.net

OSSEC (Open Source HIDS SECurity) is a free, open-source host-based intrusion detection system (HIDS). It performs log analysis, integrity checking, Windows registry monitoring, rootkit detection, time-based alerting, and active response. It provides intrusion detection for most operating systems, including Linux, OpenBSD, FreeBSD, OS X, Solaris and Windows. OSSEC has a centralized, cross-platform architecture allowing multiple systems to be easily monitored and managed. [2] OSSEC has a log analysis engine that is able to correlate and analyze logs from multiple devices and formats. [3]

Contents

History

In June 2008, the OSSEC project and all the copyrights owned by Daniel B. Cid, the project leader, were acquired by Third Brigade, Inc. They promised to continue to contribute to the open source community and to extend commercial support and training to the OSSEC open source community.

In May 2009, Trend Micro acquired Third Brigade and the OSSEC project, with promises to keep it open source and free.

In 2018, Trend released the domain name and source code to the OSSEC Foundation.

The OSSEC project is currently maintained by Atomicorp who stewards the free and open source version and also offers a commercial version.

Characteristics

OSSEC consists of a main application, an agent, and a web interface. [4]

Features

See also

References

  1. "Release 3.8.0". 5 January 2025. Retrieved 26 January 2025.
  2. 1 2 "About". OSSEC Project Team. 2017. Retrieved 2018-05-10.
  3. "Log Samples". OSSEC Project Team. 2017. Retrieved 2018-05-10.
  4. "OSSEC Architecture". OSSEC Project Team. 2017. Retrieved 2018-05-10.