OSSEC is a free, open-source host-based intrusion detection system (HIDS). It performs log analysis, integrity checking, Windows registry monitoring, rootkit detection, time-based alerting, and active response, like agents.

 

You can also tailor OSSEC for your security needs through its extensive configuration options, adding custom alert rules and writing scripts to take action when alerts occur.

OSSEC offers comprehensive host-based intrusion detection across multiple platforms including Linux, Solaris, AIX, HP-UX, BSD, Windows, Mac and VMware ESX.

OSSEC helps organizations meet specific
compliance requirements such as PCI DSS. It detects and alerts on unauthorized file system modification and malicious behavior that could make you non-compliant.

NOTE:  Advantages of HIDS are: System level protection. Protects from attacks directed to the system. Any unauthorized activity on the system (configuration changes, file changes, registry changes, etc.) are detected and an alert is generated for further action.

NIDS-vs-HIDS.jpg
Intrusion Detection System Software.jpg