Reinforce AIX Endpoint Security With Atomic OSSEC

By Scott Shinn (This article and video demonstration show how to orchestrate additional security and compliance controls to your AIX environments.)  AIX is a well-embedded operating system that has persisted 37 years and remains popular today. Technically not a legacy product, AIX is still commercially supported. IBM owns AIX, as well as Red Hat and […]

What’s the Difference Between OSSEC, OSSEC+ and Atomic OSSEC

By Scott Shinn What’s the difference between OSSEC, OSSEC+, and Atomic OSSEC? We get asked that a lot. The quick answer is thousands of additional open source security rules, frequent updates and software integrations for real-time endpoint and cloud workload detection, built-in active response beyond HIDS, a graphical user interface (GUI), compliance capabilities, and expert […]

Combining Ghidra Reverse Engineering and OSSEC Protection

By Scott Shinn Ghidra is an open source reverse engineering tool developed by the NSA. Four years mature, Ghidra is a solid tool that can be used to disable attacks at the root, enabling you to take the malware apart and build immunities. It’s reverse engineering via an open source tool today. At the February […]

Open Source WAFs for Web Application Security and Compliance

What is a WAF versus a firewall? . . . and why should IT security departments spin web application firewalls (WAFs) across the web and cloud workload architecture?  Consider the ubiquitous web attacks testing your servers and APIs all day long, looking for ways into your digital enterprise and its information. It’s a constant and […]

Open Source Security’s 2023 SWOT Analysis

By Paul Veeneman Editor’s Note: Paul Veeneman (CISSP, CISM, CRISC, CMMC-RP) is a cybersecurity, risk management, and compliance professional with 27 years of experience providing knowledge and guidance across various verticals and critical infrastructure. The following article is an abstract from his guest presentation at Atomic OSSEC Conference 2023. Why open source software and security?  […]

Attend OSSEC Conference, February 7-10, 2023: Open Source Security, FIM, Malware Detection, and Training

Open source software is flexible and free, enabling DevSecOps-oriented IT organizations to get more out of the software without having to wait for commercial vendor developments and updates. Open source software provides the fabric and foundation for Red Hat middleware, Kubernetes container environments, as well as application cluster deployments. It is also commonly used to […]

The Bond Between File Integrity Monitoring (FIM), PCI DSS, and Regulatory Compliance

Comprising more than half of all cyberattacks, file-based attacks (.DOCX, .pdf, etc.) enable malware to spread into other files and across different systems. These attacks can be sophisticated, able to use deception to take path-traversal courses to get at sensitive data or spread silently, closing portals and deleting files behind them to hide their presence. […]

5 Ways to Get More Out of an OSSEC Host-Based Intrusion Detection System (HIDS)

By Atomicorp  (Get more out of your OSSEC intrusion detection … not just rules and basic detection. With Atomic OSSEC, you get professional support, installation and configuration assistance, multiple threat feeds, vulnerability intelligence, active response (HIPS), FIM, SCAP and CIS compliance tools, web based graphical analysis, and more.)   Free open-source software and free security […]

What Is Air Gapping? Air Gapping for Security, PCI DSS Requirements, and Other Compliance Challenges

What is air gapping? Air gapping is something that is used within military environments, in airplanes, nuclear power plants, financial institutions and other critical infrastructure, but what is air gapping really? Air gapping is a cybersecurity and compliance measure in which one or more computers are physically disconnected, or isolated, from untrusted or unsecure networks […]

A ModSec answer to the void after Trustwave ends new features and eventual support for ModSecurity Rules

As you may have read, on August 21, 2021, Trustwave, a longtime support mechanism for ModSecurity implementations, announced the end of support and development for ModSecurity Rules and WAF solutions. This departure leaves a potential gap in technical support for organizations or individual security developers wanting to continue to use the ModSecurity foundation and a […]