Ossec
Ossec: Open Source Host-Based Intrusion Detection System
Open source host-based intrusion detection system providing log analysis, file integrity monitoring, policy monitoring, rootkit detection, real-time alerting and active response.
What is Ossec?
Ossec is an open source host-based intrusion detection system (HIDS) that provides log analysis, file integrity monitoring, policy monitoring, rootkit detection, real-time alerting and active response. It is designed to detect unauthorized intrusions, system anomalies and policy violations on the hosts it monitors. Here are some key features of Ossec:
- Cross-platform - works on Linux, Windows, macOS, Solaris, HP-UX and AIX systems.
- Log analysis - analyzes system logs in real time to detect suspicious activities and intrusion attempts.
- File integrity monitoring - monitors changes to critical system files to detect unauthorized modifications.
- Rootkit detection - scans systems for rootkits and other malware.
- Real-time alerting - sends notifications via email, syslog or SNMP trap when security issues are detected.
- Active response - can be configured to actively block attackers in real time when intrusion attempts are detected.
- Centralized management - a manager server allows monitoring and management of multiple agents from one console.
- Open source - developed, updated and maintained by a large community of contributors.
Ossec provides enterprise-class host intrusion detection capabilities for free. Its broad platform support, real-time monitoring and active response make it a popular open source choice for HIDS.
Ossec Features
Features
- Log analysis
- File integrity monitoring
- Policy monitoring
- Rootkit detection
- Real-time alerting
- Active response
Pricing
- Open Source
The Best Ossec Alternatives
Top Security & Privacy and Intrusion Detection apps, and other apps similar to Ossec:
Wazuh
Tripwire
Verisys