The World's Most Widely Used, Open Source, Host-based Intrusion Detection System


OSSEC was launched in October of 2003 by founder, Daniel Cid. Today it is used by leading global companies from Netflix and Facebook to Airbus and Workday. Its use spans virtually every industry from financial institutions to healthcare to universities and governments. Most prominently used for log based intrusion detection and file integrity monitoring, OSSEC also has robust auditing capabilities, malware detection and active response. It is easily installed, highly scalable and runs on every platform imaginable.


OSSEC Capabilities

• Enables real-time analytics and insight into security events

• Automates security and compliance freeing security staff for other tasks

• Secures legacy systems with support for viturally every platform

• Installs quickly and easily without the need for specialized expertise

• Scales across thousands of servers for enterprise deployment

OSSEC Features

• File Integrity Monitoring

• Log Monitoring

• Rootkit Detection

• Auditing

• Time-bassed Alerting

• Active Response

• Export to SIEMs

• Log Analysis

• Process Monitoring

“Yesterday morning I installed OSSEC on the one system I expose to the internet. OSSEC is really amazing in the sense that you can install it and immediately it starts parsing system logs for interesting activity.”

– Richard Bejtlich, Principle Security Strategist, Corelight Inc.

The Annual OSSEC Conference is March 20-21 in Herndon, Virginia

Register & Learn More

Download presentations and videos from past OSSEC Conferences


OSSEC - Open source HIDS

Subscribe to the OSSEC Monthly Newsletter

Angled border

Request a Demo