Atomic OSSEC 7.0 for FIM and PCI DSS Compliance

Atomicorp and Atomic OSSEC 7.0: What’s New in 2022

It’s been a busy year at Atomicorp, and we’re proud to announce some of the fruits of our information security and compliance solution labors, including a new and enhanced version of our flagship endpoint and cloud workload protection solution, Atomic OSSEC, which delivers FIM and comprehensive PCI DSS controls. 

Atomic OSSEC version 7.0 brings an advanced graphical user interface (with full-text searching), built-in global threat intelligence, advanced detection and response, event correlation and analysis, and increased advanced credential management across your endpoint connections. We’ve also made two of our primary products, Atomic OSSEC and Atomic ModSecurity Rules, available as monthly software as a service (SaaS) offerings.

Atomic OSSEC 7.0 SaaS for Endpoint Protection, FIM, and PCI DSS Compliance

Atomic OSSEC 7.0 delivers: 

  • Remote agent installation. A SaaS version is now available for both our endpoint and web server offerings. You subscribe and your OSSEC or ModSecurity Rules are updated and managed for you, ready for deployment to your hardware, virtual endpoints, and cloud workloads. Atomic OSSEC 7.0 enables rapid orchestration of endpoint and edge security from a secure hub. Point it at a device to track, detect, and protect over time. It’s an easy install, and organizations can choose, depending on the situation, between a hub and on-device security agents, applying Atomic OSSEC agentless monitoring over virtual servers, Ansible and open-source-based automation environments, containers, and application clusters.
  • Enhanced agent management. With each agent you deploy, you get malware detection and malware removal, file integrity monitoring (FIM), vulnerability analysis, and defense-in-depth lateral protection, and you can harden or fine-tune the instructions for each agent. Atomicorp endpoint agents stay super active via an integrated Atos scheduler for frequency. You can schedule events such as an AV scan, and enforce FIM permanently at every connection, to extend and deepen your malware detection and response. Atomicorp detection goes beyond just patching an attack surface; it delivers threat intelligence, vulnerability detection, and automation toward vulnerability and risk management and compliance management analysis and reports.
  • Credential management. Atomic OSSEC 7.0 brings advanced credential management, furnishing user organizations with detection, filtering and secure access across systems, files, and applications. The Atomic OSSEC endpoint and cloud workload protection solution provides strong password enforcement, cryptographic identification, and behavior analysis across physical and virtual endpoints in both ‘agented’ and agentless security deployments. It supports the Secure Shell (SSH) cryptographic protocol, AWS credentials for S3 and SSM, and Amazon and YubiKey crypto-key protections.
  • Remote archiving. Save your data securely. Atomic OSSEC 7.0 backs up your files, stripping the malware so your data remains uncorrupted and retrievable. Atomicorp remote archiving enables you to follow the 3-2-1 backup best practice, with three copies of your data kept separately (for example, one on your physical servers, one in a tightly air-gapped or data-diode-enforced cloud, and one on backup disks and/or paper, or a combination of these storage methods). This stored data can be used toward compliance (PCI DSS, GDPR, HIPAA, NIST, FIPS, FISMA, etc.) and risk management requirements and objectives. We offer a managed data protection service.
  • Improved GUI. Monitor, detect and virtually patch your endpoint and cloud workload vulnerabilities with the Atomic OSSEC engine and dashboard. Create custom dashboards for FIM results, compliance scores for NIST and PCI DSS, and any data sets connected to the interface. Add a WAF via our Atomic Protector offering and you’ll be able to view your web infrastructure activity, intelligence and events alongside your endpoint and workload protection data. Atomicorp makes it easy to orchestrate security across a wider attack surface, websites, APIs, serving and receiving endpoints, and to search and view the whole cyber-battlefield and compliance landscape. 
  • SIEM search, correlation and analysis. Leveraging OpenSearch, Atomic OSSEC 7.0 captures log file information and presents it for GUI analysis by analysts and other non-CLI (non-command line interface) security team members. With full-text search, these security stakeholders can easily search logs and SIEM data to visually manage agents, servers, Kubernetes containers, FIM, rollbacks, and integrations with third-party systems, and address performance issues and regulatory compliance.

Trial Atomic OSSEC.

Atomic Inspector for SIEM Search and Correlation

See all aspects of a pattern or attack scenario using Atomic Inspector.

Atomic Inspector is an add-on that enables organizations to harness search, correlation and analysis functionality.

Atomic Inspector brings full text searching of all your logs, files, text strings, and metadata, and also gives you alerts about suspicious events, anomalous patterns, system health, and regulatory compliance levels. Get alerts and also search your logs for anything relevant to addressing a threat or vulnerability. Focus on a keyword, string of text, or any of the key foundations of endpoint security (FIM), compliance (NIST and PCI DSS), or the specific system reporting in. Isolate threats and vulnerabilities so you can orchestrate active response.

Atomic Inspector comes with a versatile graphical user interface (GUI) so you don’t have to integrate all SIEM feed-in data sources yourself. It comes with APIs for OpenSearch, ELK, Kubernetes, major cloud platforms, and more. 

See Atomic Inspector in action.

Remote ModSecurity Rules for Web Application Security

Remote ModSecurity Rules are preconfigured ModSecurity Rules from a hub where the web application server security software is maintained for you. The offering is essentially a monthly SaaS version of the advanced web application security rules. The customer only has to run a script on their system to direct the security rules to their web servers.

Atomicorp hosts the rules remotely and monitors all traffic through ModSecurity with our advanced remote rules set. Our professional service team and service automation provide rule enhancements and integration from the hub to help you to orchestrate security across your web entities.

Atomic Remote ModSecurity Rules enable you to:

  • Connect to our hub and from there secure all your web servers, web sites, domains, and API connections.
  • Direct enhanced security over a variety of web server types (Apache, IIS, Nginx, and more) without having to maintain the integrative server and security software. Updates and enhancements are done for you by Atomic ModSec and infosec experts, and we can help you scale your web application security for business and operational requirements (e.g., web hosting domains and web hosting panels).
  • Get advanced detection, global threat intelligence and the ability to proactively respond through automated updates and virtual patching, instead of waiting for a vendor security patch.
  • Spin a custom WAF rapidly into your existing web application security architecture. No additional hardware or hardware appliance needed.

Atomic ModSecurity is the go-to for easy ModSecurity Rules-based web application security, and the primary commercial ModSecurity rules provider and specialist in the industry. Atomicorp continues its 20-year commitment to the active ModSec user community with a focus on helping user organizations to get the most out of ModSecurity Rules and open-source OS and application security.

Learn more about monthly Atomic ModSecurity Rules and Atomic WAF.

Atomic OSSEC and ModSecurity Rules With SaaS Options

The new 7.0 version of the Atomic OSSEC endpoint and cloud workload protection solution provides organizational SIEM search and correlation, remote agent installation, advanced endpoint agent and credential management, and now comes in a monthly SaaS subscription model option.

Get an Atomic OSSEC demo today, with enhanced search, agent management and GUI.

Try the Remote ModSecurity Rules and gain a secure configuration management partner for your web application security.