About OSSEC HIDS

Host Intrusion Detection for Everyone

OSSEC is a scalable, multi-platform, open source Host-based Intrusion Detection System (HIDS).

OSSEC has a powerful correlation and analysis engine, integrating log analysis, file integrity monitoring, Windows registry monitoring, centralized policy enforcement, rootkit detection, real-time alerting and active response. It runs on most operating systems, including Linux, OpenBSD, FreeBSD, macOS, Solaris and Windows.

OSSEC Holiday Con 2020

OSSEC Is Open Source

OSSEC is free software and will remain so in the future. You can redistribute it and/or modify it under the terms of the GNU General Public License (version 2) as published by the FSF – Free Software Foundation.

Used By Almost Everyone

OSSEC is a growing project, with more than 500,000 downloads a year. It is used by everyone from large enterprises to small businesses to government agencies as their primary server intrusion detection system, both on premise and in the cloud. In addition to being deployed for server protection, OSSEC is commonly used strictly as a log analysis tool, monitoring and analyzing firewalls, IDSs, web servers and authentication logs.

OSSEC Features

Log based Intrusion Detection (LIDs)

Actively monitors and analyzes data from multiple log data points in real-time

Rootkit and Malware Detection

Process and file level analysis to detect malicious applications and rootkits

Active Response

Respond to attacks and changes on the system in real time through multiple mechanisms including firewall policies, integration with 3rd parties such as CDNs and support portals, as well as self-healing actions

Compliance Auditing

Application and system level auditing for compliance with many common standards such as PCI-DSS and CIS benchmarks

File Integrity Monitoring (FIM)

Monitors both files and Windows registry settings in real time. It not only detects changes to the system, it also maintains a forensic copy of the data as it changes over time.

System Inventory

Collects system information, such as installed software, hardware, utilization, network services, listeners and other information.

Community Support

OSSEC GitHub

Post issues and get caught up on OSSEC development at the OSSEC GitHub account.

OSSEC Google Mailing List

Submit questions about installation, usage and configuration. With low usage (around 120/150 per month) it’s the best way to have your questions answered. Note that community support is provided by volunteers. Be polite and provide enough information so everyone can understand your issue.

Developers Group on Google

Development questions, patches and anything related to coding should be sent to the ossec-dev list. It has a very low volume of messages (around 20/30 per month) and is highly technical.

Project Team

OSSEC Core Team:

Scott R. Shinn – OSSEC Project Manager, RPM / DEB repositories, Docker, Development – scott@ossec.net

Dan Parriott – Community support, docs, rules, testing – ddpbsd@ossec.net

Dominik Lisiak – FreeBSD port maintainer – mobstef@ossec.net

Former OSSEC Development Team Members

Daniel B. Cid – Founder of the OSSEC Project – dcid@dcid.me

Jeremy Rossi – OSSEC Development Manager – jeremy@jeremyrossi.com

Santiago Bassett – DEB repositories, SIEM integration – santiago@wazuh.com

Brad Lhotsky – Development, system integration, rules – brad.lhotsky@gmail.com

Andrew Widdersheim – Development, testing, rules – awiddersheim@hotmail.com

Jia-Bing (JB) Cheng – SIEM integration, community support – Jia-BingJB_Cheng@trendmicro.com

Michael Starks – Community Support, rules

Vic Hargrave – Development, testing – vichargrave@gmail.com

Contributors

Development

Dan Garthwaite

Lance A. Brown

danpop60

Martin DiViaio

Michael Boyd

ibatten

rhelfter

Peter Drake

Mikey Austin

Harshil Mathur

Ryan Schulze

navtej

Meir Michanie

Slava Semushin

Ahmet Ozturk

George Kargiotakis

Jason Stelzer

Xavier Mertens

Christian Beer

Gael Muller

Ky-Anh Huynh

Hakisho Nukama

Danny Fullerton

Justin Gerace

jknockaert

Jason Stelzer

Antonio Querubin

Stjepan Gros

cmlara

Christian Gottsche

Dominic

Cristobel

jp.zurbrugg

Bil Hays

Wouter Clarie

Mario Weigel

Past OSSEC Project Team Members

Cédric Bleimling

Dean Takemori

Sebastien Tricaud

Jeff Schroeder

Giannis Vrentzos

Peter Ahlert

Rafael Capovilla

Andre Alexandre Gaio

Liliane A. Cid

Marcus Maciel

Stephen Kreusch

Stephen Bunn

Kayvan A. Sylvan

Dianzhi Wang

Meir Michanie

Jonathan Scheidell

Saman

ChuckD

Jorge Augusto Senger

David J. Bianco

Ivan Lotina

Robert Millan

Martin West

Rafael Capovilla

Florian Crouzqat

Danny Fullerton

Jeremy Hanmer

Pepe Sanz

Kat Fitzgerald

Regis Houssin

carlopmart

Ash Kumar

Alexandro Silva

Mike Downey

Hai Nguyen

Jeffrey Jackson

Ben Chavet

Bill Parker

Schnaffon

Ralf Spenneberg

Darren Worrall

aalberdi

Translations

DUTCH

Martijn de Boer

SERBIAN

Martijn de Boer

CHINESE

Brian Wang

GERMAN

Peter Ahlert

TURKISH

Ahmet Ozturk

ITALIAN

Alberto Furia

FRENCH

Yves Bigliazzi

POLISH

Dziankowski Krzysztof

JAPANESE

Kuzuno Hiroki

RUSSIAN

Yuri Slobodyanyuk

SPANISH

Meir Michanie

PORTUGUESE

Daniel Barcellos

Allan Soares

Willian Itiho Amano

Liliane Cid