Real-Time FIM for Rapid Intrusion Detection and Response

Posted on by Dean Lombardo

Employ real-time file integrity monitoring (FIM) to meet always-on security requirements as well as data protection compliance standards such as PCI DSS. Cyberattacks can be sneaky fast, executing their programs, altering your files and source code, and deleting traces of the activity. Many file integrity monitoring (FIM) programs run on a timer-based model, […]

Combining Ghidra Reverse Engineering and OSSEC Protection

Posted on by Justin Countiss

By Scott Shinn. Ghidra is an open source reverse engineering tool developed by the NSA. Four years mature, Ghidra is a solid tool that can be used to disable attacks at the root, enabling you to take the malware apart and build immunities. It’s reverse engineering via an open source tool today. At the February […]

Podcast: What is OSSEC and Why People Use It

Posted on by Mike Shinn

OSSEC, which is short for open source security, was founded in 2004. It is an open source project for cybersecurity and delivers the most robust endpoint detection and response (EDR) capabilities available to enterprises today. Scott Shinn, OSSEC project manager, introduced its most recent update to 3.0 at the OSSEC conference this past April. In […]

Leveraging OSSEC for Cloud Compliance and Security

Posted on by sshinn

Moving to the cloud presents a host of security and compliance responsibilities for enterprise security and IT teams. While cloud providers handle hardware and infrastructure, cloud workloads themselves must be secured by the enterprise. Traditional on-premise controls and network security don’t work in the perimeter-less virtual environment of the public cloud. OSSEC offers a free […]

Podcast: OSSEC, SIEM and Log-based Intrusion Detection Systems

Posted on by Mike Shinn

Atomicorp’s CEO Mike Shinn walks through his experience with logging, SIEM and OSSEC approaches. He breaks down what is important and how the logging space has evolved over the past 20 years from a security perspective, including the introduction of security automation. Log-based Intrusion Detection System – LIDS: Log-based intrusion detection (LIDS) was one of […]

OSSEC Conference Video: File Integrity Monitoring and OSSEC

Posted on by Mike Shinn

File Integrity Monitoring is the process of validating the integrity of operating system or application software files using a verification method based on the comparison of the current file state and a known good baseline. Dan Parriott is an OSSEC contributor who has been using the open source solution since 2006. He is a self-proclaimed […]

Atomicorp Adds Amazon Alexa to OSSEC Cybersecurity Solution

Posted on by sshinn

Amazon Alexa has ushered in a new era of voice interaction for consumers and the enterprise. Over 47 million consumers in the U.S. have access to a smart speaker at home and last fall Amazon Echos started showing up in the workplace based on the Alexa for Business framework. Atomicorp immediately recognized that voice interaction […]

New Video: OSSEC User Panel from OSSEC Conference 2018

Posted on by Mike Shinn

OSSEC users from around the world came together at the OSSEC Conference 2018 this past April to learn more about the open source security solution. Attendees heard experts discuss the many different ways in which OSSEC can be configured to meet any organization’s needs, from compliance to file integrity management. They also got to […]

Adding Elliptic Curve Noise Socket Crypto to Your OSSEC Deployment

Posted on by Mike Shinn

Dmitry Dain, co-founder and CTO of Virgil Security, recently spoke at the OSSEC Conference 2018 about using encryption. In introducing Dmitry, OSSEC project manager Scott Shinn expressed the importance of the recent contributions by Virgil to the project. Scott pointed out that it has been a goal of the OSSEC contributors to update the crypto […]

OSSEC 3.0 Preview

Posted on by Mike Shinn

At the OSSEC Conference 2018 earlier this month, project manager Scott Shinn debuted OSSEC 3.0. Scott reviews what’s new with OSSEC, the changelog, the new GeoIP rules, provisioning automation, ELK stack integration and more. You can view the video of his full presentation below and download the conference presentation by clicking here. To see […]