OSSEC is a scalable, multi-platform, open source Host-based Intrusion Detection System (HIDS).
OSSEC has a powerful correlation and analysis engine, integrating log analysis, file integrity monitoring, Windows registry monitoring, centralized policy enforcement, rootkit detection, real-time alerting and active response. It runs on most operating systems, including Linux, OpenBSD, FreeBSD, MacOS, Solaris and Windows.
OSSEC Is Open Source
OSSEC is free software and will remain so in the future. You can redistribute it and/or modify it under the terms of the GNU General Public License (version 2) as published by the FSF – Free Software Foundation.
Used By Almost Everyone
OSSEC is a growing project, with more than 500,000 downloads a year. It is used by everyone from large enterprises to small businesses to government agencies as their primary server intrusion detection system, both on premise and in the cloud. In addition to being deployed for server protection, OSSEC is commonly used strictly as a log analysis tool, monitoring and analyzing firewalls, IDSs, web servers and authentication logs.
OSSEC Features
Log based Intrusion Detection (LIDs)
Actively monitors and analyzes data from multiple log data points in real-time
Rootkit and Malware Detection
Process and file level analysis to detect malicious applications and rootkits
Active Response
Respond to attacks and changes on the system in real time through multiple mechanisms including firewall policies, integration with 3rd parties such as CDNs and support portals, as well as self-healing actions
Compliance Auditing
Application and system level auditing for compliance with many common standards such as PCI-DSS, and CIS benchmarks
File Integrity Monitoring (FIM)
Monitors both files and Windows registry settings in real time. It not only detects changes to the system, it also maintains a forensic copy of the data as it changes over time.
System Inventory
Collects system information, such as installed software, hardware, utilization, network services, listeners and other information.
Community Support
OSSEC GitHub
Post issues and get caught up on OSSEC development at the OSSEC GitHub account.
OSSEC Google Mailing List
Submit questions about installation, usage and configuration. With low usage (around 120/150 per month) it’s the best way to have your questions answered. Note that community support is provided by volunteers. Be polite and provide enough information so everyone can understand your issue.
Developers Group on Google
Development questions, patches and anything related to coding should be sent to the ossec-dev list. It has a very low volume of messages (around 20/30 per month) and is highly technical.
Project Team
OSSEC Core Team:
Scott R. Shinn – OSSEC Project Manager, RPM / DEB repositories, Docker, Development – scott@ossec.net
Dan Parriott – Community support, docs, rules, testing – ddpbsd@ossec.net
Dominik Lisiak – FreeBSD port maintainer – mobstef@ossec.net
Former OSSEC Development Team Members
Daniel B. Cid – Founder of the OSSEC Project – dcid@dcid.me
Jeremy Rossi – OSSEC Development Manager – jeremy@jeremyrossi.com
Santiago Bassett – DEB repositories, SIEM integration – santiago@wazuh.com
Brad Lhotsky – Development, system integration, rules – brad.lhotsky@gmail.com
Andrew Widdersheim – Development, testing, rules – awiddersheim@hotmail.com
Jia-Bing (JB) Cheng – SIEM integration, community support – Jia-BingJB_Cheng@trendmicro.com
Michael Starks – Community Support, rules
Vic Hargrave – Development, testing – vichargrave@gmail.com
Contributors
Development
Dan Garthwaite
Lance A. Brown
danpop60
Martin DiViaio
Michael Boyd
ibatten
rhelfter
Peter Drake
Mikey Austin
Harshil Mathur
Ryan Schulze
navtej
Meir Michanie
Slava Semushin
Ahmet Ozturk
George Kargiotakis
Jason Stelzer
Xavier Mertens
Christian Beer
Gael Muller
Ky-Anh Huynh
Hakisho Nukama
Danny Fullerton
Justin Gerace
jknockaert
Jason Stelzer
Antonio Querubin
Stjepan Gros
cmlara
Christian Gottsche
Dominic
Cristobel
jp.zurbrugg
Bil Hays
Wouter Clarie
Mario Weigel
Past OSSEC Project Team Members
Cédric Bleimling
Dean Takemori
Sebastien Tricaud
Jeff Schroeder
Giannis Vrentzos
Peter Ahlert
Rafael Capovilla
Andre Alexandre Gaio
Liliane A. Cid
Marcus Maciel
Stephen Kreusch
Stephen Bunn
Kayvan A. Sylvan
Dianzhi Wang
Meir Michanie
Jonathan Scheidell
Saman
ChuckD
Jorge Augusto Senger
David J. Bianco
Ivan Lotina
Robert Millan
Martin West
Rafael Capovilla
Florian Crouzqat
Danny Fullerton
Jeremy Hanmer
Pepe Sanz
Kat Fitzgerald
Regis Houssin
carlopmart
Ash Kumar
Alexandro Silva
Mike Downey
Hai Nguyen
Jeffrey Jackson
Ben Chavet
Bill Parker
Schnaffon
Ralf Spenneberg
Darren Worrall
aalberdi
Translations
DUTCH
Martijn de Boer
SERBIAN
Martijn de Boer
CHINESE
Brian Wang
GERMAN
Peter Ahlert
TURKISH
Ahmet Ozturk
ITALIAN
Alberto Furia
FRENCH
Yves Bigliazzi
POLISH
Dziankowski Krzysztof
JAPANESE
Kuzuno Hiroki
RUSSIAN
Yuri Slobodyanyuk
SPANISH
Meir Michanie
PORTUGUESE
Daniel Barcellos
Allan Soares
Willian Itiho Amano
Liliane Cid