Atomicorp Announces Live Q&A Series on Open Source Security, Cyberdefense, and Compliance

If you prefer videos and virtual discussions over online reading, you’ve come to the right place. Atomicorp will be producing a series of live Q&A webinars, where participants can join us in discussing IT security and compliance challenges and capabilities. In the first session of the series, known as “Charity’s Corner,” we’ll be exploring file […]

Is ModSecurity Dead? Absolutely Not

 Is ModSecurity Dead? Answering the Question Head On. As with any mature and venerable technology, ModSecurity is facing its “Is It Dead?” stage, with some pundits assuming and proclaiming it dead ever since the Trustwave ModSecurity sunsetting and end of support announcement in 2021. We get asked the question a lot by folks who want […]

Real-Time FIM for Rapid Intrusion Detection and Response

Employ real time file integrity monitoring (FIM) to meet always-on security requirements as well as data protection compliance standards such as PCI DSS. Cyberattacks can be sneaky fast, executing their programs, altering your files and source code, and deleting traces of the activity. Many file integrity monitoring (FIM) programs run on a timer based model, […]

Secure Linux and Apps With XDR Plus Compliance

Free and open source Linux runs servers, desktop distributions, commercial mobile devices such as Android and Nokia, and virtualized server environments like Kubernetes clusters and containers. Linux even runs supercomputing. Accordingly, Linux skills are in high demand, both for software application development and for API and kernel level security. Whether you’re a do–it-yourself open source […]

Reinforce AIX Endpoint Security With Atomic OSSEC

By Scott Shinn (This article and video demonstration show how to orchestrate additional security and compliance controls to your AIX environments.)  AIX is a well-embedded operating system that has persisted 37 years and remains popular today. Technically not a legacy product, AIX is still commercially supported. IBM owns AIX, as well as Red Hat and […]

What’s the Difference Between OSSEC, OSSEC+ and Atomic OSSEC

By Scott Shinn What’s the difference between OSSEC, OSSEC+, and Atomic OSSEC? We get asked that a lot. The quick answer is thousands of additional open source security rules, frequent updates and software integrations for real-time endpoint and cloud workload detection, built-in active response beyond HIDS, a graphical user interface (GUI), compliance capabilities, and expert […]

Combining Ghidra Reverse Engineering and OSSEC Protection

By Scott Shinn Ghidra is an open source reverse engineering tool developed by the NSA. Four years mature, Ghidra is a solid tool that can be used to disable attacks at the root, enabling you to take the malware apart and build immunities. It’s reverse engineering via an open source tool today. At the February […]

Open Source WAFs for Web Application Security and Compliance

What is a WAF versus a firewall? . . . and why should IT security departments spin web application firewalls (WAFs) across the web and cloud workload architecture?  Consider the ubiquitous web attacks testing your servers and APIs all day long, looking for ways into your digital enterprise and its information. It’s a constant and […]

Open Source Security’s 2023 SWOT Analysis

By Paul Veeneman Editor’s Note: Paul Veeneman (CISSP, CISM, CRISC, CMMC-RP) is a cybersecurity, risk management, and compliance professional with 27 years of experience providing knowledge and guidance across various verticals and critical infrastructure. The following article is an abstract from his guest presentation at Atomic OSSEC Conference 2023. Why open source software and security?  […]