OSSEC
Defensive HIDS
Open Source
Leading open-source HIDS
Platforms:
Linux, Windows, macOS
Prerequisites:
Linux sysadmin
Pros and Cons
Advantages
- Open-source and free
- Multi-platform
- Integrated active response
- File integrity monitoring
- Rootkit detection
Disadvantages
- Limited UI (mainly CLI)
- Requires manual configuration
- Fewer features than Wazuh
Use Cases
- Host-based intrusion detection
- File integrity monitoring
- Log analysis
- Rootkit detection