OSSEC is a scalable, multi-platform, open source Host-based Intrusion Detection System (HIDS). It has a powerful correlation and analysis engine, integrating log analysis, file integrity checking, Windows registry monitoring, centralized policy enforcement, rootkit detection, real-time alerting and active response.

It runs on most operating systems, including Linux, OpenBSD, FreeBSD, MacOS, Solaris and Windows. A list with all supported platforms is available here.

OSSEC is free

OSSEC is a free software and will remain so in the future; you can redistribute it and/or modify it under the terms of the GNU General Public License (version 3) as published by the FSF - Free Software Foundation. More details here.

Awards and Reviews

The OSSEC project has received some pretty good awards/reviews in the past. Check them out out our Awards page.

Easy to install

OSSEC is multi-platform and can be easily installed on most operating systems. Just follow some of our Install guides if you need some help.

Widely used

OSSEC is a growing project, with more than 5,000 downloads per month on average. It is being used by ISPs, universities, governments and even large corporate data centers as their main HIDS solution. In addition to being deployed as an HIDS, it is commonly used strictly as a log analysis tool, monitoring and analyzing firewalls, IDSs, web servers and authentication logs.

Active Development

OSSEC has a very active development, with a release cycle of every 3/4 months. Bugs and feature requests can be sent through our bugzilla or mailing lists and we will do our best to solve them. If you are interested in being a part of this project, we are always open to new contributors. Check out our FAQ entry “How to start helping with the project?” for more information.

Commercial Support

If you need an enterprise-class commercial support for OSSEC, Third Brigade, Inc., the company behind this great open source project, offers this option to our users. More information at the OSSEC commercial support page.