Atomic OSSEC

Atomic OSSEC for Extended Detection and Response (XDR)

Extended detection and response (XDR) in a flexible but powerful open-source-based IDS

Why Atomic OSSEC

Atomic OSSEC is an endpoint and cloud workload protection system that harnesses the speed of open source security operations to meet all the requirements of extended detection and response (XDR). These requirements include deeper and more advanced security capabilities than earlier-generation endpoint detection and response (EDR) systems and intrusion detection systems (IDSs) offered, namely in the areas of protection, detection, and response, along with a lower TCO, for which open source lays the foundation.

Atomic OSSEC is an IDS and XDR all in one, and you don’t have to wait for your big commercial vendors to patch software vulnerabilities in order to get protected. XDR is important to achieve (over traditional EDR) because security today must go deeper, wider and faster in protecting organizational assets, into a new landscape of potential vectors and vulnerabilities spanning the internet, cloud, and the virtualized server and container environments you create and run. Last but not least, the Atomic OSSEC IDS and XDR provides leading file integrity monitoring (FIM) software and support, which is a critical function for security and compliance.

The Atomic OSSEC security solution is also available for you as part of a managed, hosted service.



Built on the Power of OSSEC

OSSEC provides foundational capabilities for security and compliance in any cloud, container, or server environment including:

Intrusion Detection

Detect anomalous behaviors on servers and cloud workloads.

File Integrity Monitoring

Validates integrity of operating systems and application files.

Log Management

Manage log events and route to SIEMs or other monitoring systems.

Active Response

Trigger alerts or other actions based on changes to systems or files.

Features Found Only in Atomic OSSEC

OSSEC Management GUI
Streamline OSSEC Management Across Entire Deployments

Save Time with Purpose Built GUI for OSSEC

  • Expand deployments to non-CLI users
  • Leverage event search and reporting interfaces
  • Visually manage agents, servers, FIM, rollbacks and integrations with third-party systems
  • Centrally view and manage all OSSEC events
Compliance Reporting
Manage Compliance and Audits

Meet Key Compliance Requirements

  • Meet controls for compliance standards such as PCI-DSS, HIPAA, HITRUST, NIST 800-53, NIST 800-171, CIS, GDPR
  • Key compliance capabilities including file integrity monitoring and log consolidation
Centralized OSSEC Management
Centralize OSSEC Agent & Server Configuration & Management

Easily Manage Large or Critical Deployments

  • Available on premises and/or as part of cloud-based SaaS
  • Simplify installation across hundreds or thousands of agents
  • Configure all agents and servers through a single console
  • Group agents for standardized configuration and management
  • Centrally manage OSSEC rules
Security Log Distillation
Improve Analyst Efficiency and Reduce SIEM Costs

Pinpoint Risks, Reduce Response Times, Cut SIEM Costs

  • Leverages more than 400 out-of-the-box connectors to collect log data
  • Analyzes, tags, and ranks security events
  • Routes critical events to any SIEM or other operational monitoring system
  • All other log data can be sent to cost effective cold storage
  • Zero data loss
Global Threat Intelligence
Enhance Security with Crowdsourced Threat Intelligence

Global Threat Intelligence from the OSSEC Community

  • Collects real-time threat intelligence from hundreds of thousands of OSSEC nodes globally
  • Leverages Bayesian deep learning to identify malicious actors
  • Provides real-time feed to Atomic Enterprise OSSEC servers for active response and defensive action


Comparing OSSEC and Atomic OSSEC

| Feature | OSSEC | OSSEC+ | Atomic OSSEC | Atomic Advantage |
| --- | --- | --- | --- | --- |
| Professional support | | | | Available on premises and/or as part of cloud-based SaaS. Dedicated expertise to help you get the most out of your advanced OSSEC implementation. |
| File integrity monitoring | Basic, not real-time. | Basic, not real-time. | Advanced, real-time. | The ability to monitor more than just files, keeping your databases, servers, cloud environments clean. Automatic log management that discovers discrepancies and mitigates false alarms. |
| Vulnerability scanning | | | | Assess the vulnerabilities of files and their hosting environments, including directories, servers, and clouds. |
| Advanced active response and SOAR | | | | Be prepared for unknown attacks, as well as known, with machine learning and built-in seclusion capabilities. |
| 2FA and hardware security key integration | | | | Integration with YubiKey and Google Titan. |
| Single Sign On | | | | Integration with hundreds of SSO vendors, including Google and Microsoft. |
| OSSEC rules | 100’s | 1000’s | Over 5,000 | 5x the number of OSSEC+ rules. |
| Threat Intelligence | | | | Global community threat data supporting your protection and active response. |
| Visualization dashboards | | | | Several thousand additional rules and community threat intel data provide the analytical basis for graphics. |
| Reporting and compliance | | | | Vulnerability, OpenSCAP, Center for Internet Security (CIS), PCI-DSS, HIPAA, GDPR, user defined and more. |
| SIEM Integration | | | | Out-of-the-box integration with Splunk, ArcSight, ELK, QRadar, and others. |
| Service support | | | | Dedicated expertise to help you get the most out of your advanced OSSEC implementation. |
| Support for all major cloud platforms | | | | AWS, Azure, GCP. |

Atomic OSSEC Runs Anywhere


Atomic OSSEC Available as SaaS

OSSEC users can deploy security and compliance capabilities like file integrity monitoring and host-based intrusion detection system (HIDS) faster and get fuller value via an Atomic OSSEC SaaS model.

Atomicorp now offers its Atomic OSSEC security platform through an easy software as a service (SaaS) delivery and management model. Offering Atomic OSSEC via SaaS provides customers with a number of advantages including fast deployment, expert configuration, and less overall installation and management grief. Request a demo and discuss our SaaS option.


 

Start a Free Trial

Azure

Start a 30-day free trial of Atomic OSSEC for Azure.


Red Hat Marketplace

Start a 30-day free trial of Atomic OSSEC for OpenShift.

Whitepaper: Why FIM?

Download this free whitepaper to see how Atomic OSSEC enhances FIM.

Enhancing OSSEC Manageability, Security and Compliance

Free Guide: Extending the Power of OSSEC

Download this free guide to see how Atomic OSSEC enhances OSSEC for security, compliance, and manageability.