Adding Elliptic Curve Noise Socket Crypto to Your OSSEC Deployment
Dmitry Dain, co-founder and CTO of Virgil Security recently spoke at the OSSEC Conference 2018 about using encryption. In introducing Dmitry, OSSEC project manager Scott Shinn expressed the importance of the recent contributions by Virgil to the project. Scott pointed out that it has been a goal of the OSSEC contributors to update the crypto for several years and he sees the new features among the most important facets of OSSEC 3.0. Mr. Dain started his talk by saying:
“If you look back five, six, seven years, the security infrastructure inside OSSEC was pretty much on par with everybody else. It was the best as you could do at the time, but the times have changed…The way you do crypto has moved leaps and bounds since then. We mostly accept that end-to-end encryption of everything under all circumstances is probably a good idea. Validating all data is probably a good idea all of the time regardless of what environment you are in, because data always gets injected….Making that happen for a lot of you in your environments is a tough slog primarily because you have so many products. So, we wanted to build something inside OSSEC where it will not add to your job of rolling this out inside your enterprise. You just set up your environment and go.”
You can learn more about the new the new noise socket crypto features in OSSEC by watching Dmitry’s full presentation from the conference in the video below. And, you can download a copy of his presentation here.
To see more presentations and videos from OSSEC Conference 2018 click the button below.