OSSEC is an open-source host-based intrusion detection system (HIDS) that provides log collection, file integrity monitoring, rootkit detection, and active response across multiple platforms. It uses a manager-agent architecture to centralize alerts and coordinate responses to suspicious events. OSSEC can parse logs from many sources, apply correlation rules, and integrate with SIEMs for further analysis. The project is widely used for compliance monitoring, incident detection, and basic endpoint security in mixed OS environments. OSSEC's lightweight agents and extensible rules make it suitable for resource-constrained systems and diverse deployments.
Details
Deployment mode: Desktop Linux, Desktop Mac, Desktop Windows, On-premise Linux
Pricing model: Free, Open source
Training and support
Free trial available: Yes
Available trainings: No