Atomicorp and Atomic OSSEC 7.0: What’s New in 2022

It’s been a busy year at Atomicorp, and we’re proud to announce some of the fruits of our information security and compliance solution labors, including a new and enhanced version of our flagship endpoint and cloud workload protection solution, Atomic OSSEC, which delivers FIM and comprehensive PCI DSS controls.  Atomic OSSEC version 7.0 brings an […]

5 Ways to Get More Out of an OSSEC Host-Based Intrusion Detection System (HIDS)

By Atomicorp  (Get more out of your OSSEC intrusion detection … not just rules and basic detection. With Atomic OSSEC, you get professional support, installation and configuration assistance, multiple threat feeds, vulnerability intelligence, active response (HIPS), FIM, SCAP and CIS compliance tools, web based graphical analysis, and more.)   Free open-source software and free security […]

What Is Air Gapping? Air Gapping for Security, PCI DSS Requirements, and Other Compliance Challenges

What is air gapping? Air gapping is something that is used within military environments, in airplanes, nuclear power plants, financial institutions and other critical infrastructure, but what is air gapping really? Air gapping is a cybersecurity and compliance measure in which one or more computers are physically disconnected, or isolated, from untrusted or unsecure networks […]

A ModSec answer to the void after Trustwave ends new features and eventual support for ModSecurity Rules

As you may have read, on August 21, 2021, Trustwave, a longtime support mechanism for ModSecurity implementations, announced the end of support and development for ModSecurity Rules and WAF solutions. This departure leaves a potential gap in technical support for organizations or individual security developers wanting to continue to use the ModSecurity foundation and a […]

Atomicorp Continues Commitment to ModSecurity Rules Software, Service and Expertise as Trustwave ‘Sunsets’ ModSec Support

CHANTILLY, Va., Nov. 23, 2021 / – Atomicorp, an endpoint and cloud workload protection vendor, today announced an ongoing commitment to provide commercial support for ModSecurity users, including subscription rule sets and professional support. ModSecurity, an open source web application firewall (WAF) that organizations use to protect web applications and sites from web attacks, has […]

Atomic ModSecurity Rules and Expertise for Web Hosting and Enterprise Web Assets

Growing Web Applications Require DevSecOps Shift: ModSec Can Help Web-based attacks, such as credential theft, code injection, SQLi, XSS, CSRF, malware, ransomware, denial of service (DoS) and others make digital transformation and cloud migration a potential losing trade-off. With every additional internet- and cloud-based app or connection comes new unknown vulnerabilities and risks to operations. […]

How to Use OSSEC to Comply With NIST 800-171, A Real-World Use Case

Written By Paul Veeneman, CISSP, CISM, CRISC, CMMC-RP During Atomicorp OSSEC Conference 2021, Paul Veeneman, CISSP, CISM, CRISC, CMMC-RP, described how he solves audit and accountability (AU) control and other compliance challenges in NIST 800-171. Complying With NIST-800-171 NIST 800-171 provides guidance to federal agencies to safeguard controlled unclassified information (CUI), and seeks to establish […]

Always Check the Spark Plug and Other Lessons in Cybersecurity

Rule 1: First check the spark plugs! It’s a lesson my brother, Scott, and I learned as young men decades ago in high school. It’s something we even painted on the wall of our parents’ garage.  And it’s an idea that’s been applicable in our work in software development and cybersecurity ever since. The principle […]

Tune In to OSSEC Conference 2021 – Featuring FIM, the Hottest Hits (Rust), and the Golden Oldies (AIX, HP-UX, Solaris, Windows End of Life)

Webcasts and videos continue to bolster skills (watch this ‘hands-on’ professional… take an online guitar lesson, see how to fix your boat’s motor…), and it is no different in cybersecurity. Join Atomicorp and technology partners for OSSEC Conference 2021, where, in a four-day virtual conference, Open Source Security (OSSEC) will be discussed, analyzed, practiced, and […]

How to Reduce False Positives and False Negatives Using OSSEC FIM

There is no such thing as perfect security. Therefore, having robust detection capabilities is key to determining if you have been hit with a cyber attack that evaded your protection capabilities. One of the most important detection and compliance capabilities today, file integrity monitoring (FIM) provides the ability to detect signs of intrusion or improper […]