Last week, a new version of OSSEC open source Host-based Intrusion Detection System was released.
New 2.0 version is the first one with support for agentless monitoring and include many others new features and bug fixes:
- Compiled Rules – Per popular demand, we are introducing the capability in the product to be able to use pre-compiled rules written in “C”. Customers who felt that the XML format for writing rules was very limiting, can now use the strong programming capabilities of C.
- Agentless Monitoring – Lot of enterprises are faced with the requirement to monitor devices where there are restrictions on Agents to be installed either because of scalability requirements or due to the lack of the native operating system support. In version 2.0, Ossec customers can perform integrity checking and real time logs inspection on remote systems (such as Linux based devices, firewall devices such as PIX and routers etc).
- New Language Support – We added support for the Dutch language in the install
- New Log Rules Support – We added support for Yum logs and fixed/improved many of the other rules for different messages.
- New reporting tool – We added a new tool to create and help generate reports
OSSEC was acquired by Third Brigade in June 2008.