OSSEC Overview

OSSEC is the world’s most widely used open source host-based intrusion detection system.

Tens of thousands of organizations rely on OSSEC for log-based intrusion detection, file integrity monitoring, and active response. OSSEC runs on virtually every operating system and is widely used in both on-premise and cloud environments.

With more than 15 years in the market and hundreds of project contributors, OSSEC is used by tens of thousands of organizations globally. OSSEC was created by Daniel Cid in 2003 and is currently managed by Scott Shinn of Atomicorp.

OSSEC is free and open source and is available for download at ossec.net.




OSSEC Features

• File Integrity Monitoring (FIM)

• Log Monitoring

• Rootkit Detection

• Auditing

• Time-based Alerting

• Active Response

• Export to SIEMs

• Log Analysis

• Process Monitoring

Atomic Enterprise OSSEC

With Atomic Enterprise OSSEC, Atomicorp extends the power of OSSEC to enhance security, manageability, and compliance.

Interested in learning more about Scaling Server and Cloud OSSEC Deployments? Check out our 30-minute recorded webinar where Scott Shinn, OSSEC Project Manager and Atomicorp CTO, shares common challenges and opportunities for optimization. Scott also provides a demo of Atomic Enterprise OSSEC, so you can see it in action.

Comparing OSSEC and Atomic Enterprise OSSEC

| Feature | OSSEC | Atomic Enterprise OSSEC |
| --- | --- | --- |
| Management Interface | Command Line | GUI |
| Host-based Intrusion Detection, Log-based Intrusion Detection, File Integrity Monitoring, Rootkit Detection, Active Response | | |
| Threat Intelligence | | |
| Compliance Report (PCI, DISA, others) | | |
| Expert Technical Support | | |
| Graphical OSSEC Rule Manager | | |
| OSSEC Rule Development Support | | |
| Custom Alerts for File Integrity Monitoring | | |
| Graphical Rollback Management | | |
| Active Response Management | | |
| Log & Alert Data Broker | | |

Atomic Enterprise OSSEC Runs Anywhere
