===== About ===== OSSEC is a scalable, multi-platform, open source Host-based Intrusion Detection System (HIDS). It has a powerful correlation and analysis engine, integrating log analysis, file integrity checking, Windows registry monitoring, centralized policy enforcement, rootkit detection, real-time alerting and active response.It runs on most operating systems, including Linux, OpenBSD, FreeBSD, MacOS, Solaris and Windows. Check out `What's New `_ for the latest release info. OSSEC is Free ~~~~~~~~~~~~~ OSSEC is a free software and will remain so in the future; you can redistribute it and/or modify it under the terms of the GNU General Public License (version 2) as published by the FSF – Free Software Foundation. Widely Used ~~~~~~~~~~~ OSSEC is a growing project, with more than 5,000 downloads per month on average. It is being used by ISPs, universities, governments and even large corporate data centers as their main HIDS solution. In addition to being deployed as an HIDS, it is commonly used strictly as a log analysis tool, monitoring and analyzing firewalls, IDSs, web servers and authentication logs. Support Options ~~~~~~~~~~~~~~~ There are a number of options for both community and commercial support for OSSEC. Community Support ----------------- OSSEC Github ^^^^^^^^^^^^ You can post issues and get caught up on OSSEC development at the `OSSEC Github account `_. OSSEC Users Group on Google ^^^^^^^^^^^^^^^^^^^^^^^^^^^ Questions about installation, usage and configuration should be sent to this list. It has a low volume of messages (around 120/150 per month) and is the best way to have your questions answered. Please note that the “community” support is provided by volunteers, and even though they will do their best to answer and help you, this may not be always possible. The rules are: be polite and provide enough information so everyone can understand your issue. To subscribe to the **ossec-list**: * Send an email to **ossec-list+subscribe@googlegroups.com** with the subject of **Subscribe ossec-list**. * Messages should be sent to ossec-list@googlegroups.com To unsubscribe: Send an email to **ossec-list+unsubscribe@googlegroups.com**. OSSEC Developers Group on Google ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ Development questions, patches and anything related to coding should be sent to the ossec-dev list. It has a very low volume of messages (around 20/30 per month) and is highly technical. To subscribe to **ossec-dev**: * Send an e-mail to **ossec-dev+subscribe@googlegroups.com** with the subject of **Subscribe ossec-dev**. * Messages should be sent to **ossec-dev@googlegroups.com**. To unsubscribe: * Send an email to **ossec-dev+unsubscribe@googlegroups.com**. Commercial Support ------------------ **Atomicorp** Atomicorp is the producer of Atomic Secured Linux™ which features a secure Linux system that includes OSSEC as one of its core technologies. Atomicorp provides comprehensive support services for all your security needs including deployment assistance and post-sale support for OSSEC. The company has long been involved with the OSSEC Project and currently builds the OSSEC RPM packages for each release. You can find out more about Atomicorp product and support offerings by contacting their sales team at sales@atomicorp.com or visiting their products listing page at: ``_. OSSEC Team ~~~~~~~~~~ Currently the core OSSEC Team consists of the following developers and committers: **Scott R. Shinn** – OSSEC Development Manager – scott (at) atomicorp.com **Dan Parriott** – Community support, docs, rules, testing – ddpbsd (at) gmail.com **Dominik Lisiak** – FreeBSD port maintainer – mobstef (at) ossec.net Former OSSEC Team Members ~~~~~~~~~~~~~~~~~~~~~~~~~ **Daniel B. Cid** – Founder of the OSSEC Project – dcid (at) dcid.me **Michael Starks** – Community Support, rules **Vic Hargrave** – Development, testing – vichargrave (at) gmail.com **Jeremy Rossi** – OSSEC Development Manager – jeremy (at) jeremyrossi.com **Santiago Bassett** – DEB repositories, SIEM integration – santiago (at) wazuh.com **Brad Lhotsky** – Development, system integration, rules – brad . lhotsky (at) gmail.com **Andrew Widdersheim** – Development, testing, rules – awiddersheim (at) hotmail.com **Jia-Bing (JB) Cheng** – SIEM integration, community support – Jia-BingJB_Cheng (at) trendmicro.com Community Contributors ~~~~~~~~~~~~~~~~~~~~~~ Development - Meir Michanie - Slava Semushin - Ahmet Ozturk - George Kargiotakis - Jason Stelzer - Xavier Mertens - Stjepan Gros - cmlara - Christian Gottsche - Dominic - Cristobel - jp.zurbrugg - Bil Hays - Wouter Clarie - Mario Weigel - Christian Beer - Gael Muller - Ky-Anh Huynh - Dan Garthwaite - Lance A. Brown - danpop60 - Martin DiViaio - Michael Boyd - ibatten - rhelfter - Peter Drake - Mikey Austin - Harshil Mathur - Ryan Schulze - navtej - Hakisho Nukama - Danny Fullerton - Justin Gerace - jknockaert - Jason Stelzer - Antonio Querubin Testing/Patches Rules and other contributions. - Cédric Bleimling - Sebastien Tricaud - Jeff Schroeder - Giannis Vrentzos - Peter Ahlert - Rafael Capovilla - Andre Alexandre Gaio - Liliane A. Cid - Marcus Maciel - Stephen Kreusch - Kayvan A. Sylvan - Dianzhi Wang - Meir Michanie - Stephen Bunn - Jonathan Scheidell - \|SaMaN\| - ChuckD - Jorge Augusto Senger - ossec2mysql (contrib) - David J. Bianco - Ivan Lotina - Robert Millan [ackstorm] - Martin West - Rafael Capovilla - Florian Crouzqat - Danny Fullerton - Jeremy Hanmer - Pepe Sanz - Kat Fitzgerald - Regis Houssin - carlopmart - Ash Kumar - Alexandro Silva - Mike Downey - Hai Nguyen - Jeffrey Jackson - Ben Chavet - Bill Parker - Schnaffon - Ralf Spenneberg - Darren Worrall - aalberdi Translations - Dutch: - Martijn de Boer - Serbian: - Maja Michanie - Portuguese: - Daniel Barcellos - Allan Soares - Willian Itiho Amano - Liliane Cid - German: - Peter Ahlert - Turkish - Ahmet Ozturk - Polish - Dziankowski Krzysztof - Italian - Alberto Furia - French - Yves Bigliazzi - Japanese - Kuzuno Hiroki - Russian - Yuri Slobodyanyuk - Spanish - Meir Michanie - Chinese - Brian Wang