OSSEC malware detection

I've always wanted that bit more from the security tools I use, one of which is OSSEC. It's a great HIDS and provides a lot of useful information. It also stores a lot of useful information which can be used for more than just FIM... have a read of: OSSEC integration with Virus Total to see what I've done to add an extra layer of malware detection to OSSEC.

Comments

RE: OSSEC malware detection

Thanks for posting this Daniel. The other integration I've used with OSSEC was to feed the file integrity alerts for certain servers into a central logging solution such as syslog-ng or Splunk. Works great for compliance reporting.
edwevansLively at 9/21/2015 1:32:08 PM