Open Source Host and Endpoint Security

Wazuh provides new detection and compliance capabilities, extending OSSEC core functionality.

ELK Stack

Visualize, analyze and search your host IDS alerts. ELK Stack is the combination of three popular Open Source projects for log management, known as Elasticsearch, Logstash and Kibana. Together they provide a real-time and user-friendly console for your OSSEC alerts.
OSSEC Wazuh integration with ELK Stack comes with out-of-the-box dashboards for PCI DSS compliance and CIS benchmarks. You can do forensic and historical analysis of OSSEC alerts and store your data for several years, in a reliable and scalable platform.

Wazuh Ruleset for OSSEC

We have modified the existing OSSEC ruleset to increase threat detection capabilities, add functionality and expand OSSEC scope. It includes, among many others, compliance mapping with PCI DSS v3.1, CIS security controls and additional decoders and rules.
The Wazuh Ruleset is curated through the effort of a dedicated team and the help of the community. We encourage OSSEC users to contribute and/or request new rules and decoders.

OSSEC RESTful API

This service controls the OSSEC Manager using REST requests. RESTful interaction lets you execute OSSEC commands easily from your application (or from a web browser). You can manage your environment via the API, including remote agent management and extraction of rootcheck or syscheck information across large deployments. The API also integrates OSSEC with external systems.
Installation is easy and the footprint is small: it ships as a NodeJS Express package that implements HTTP authentication over SSL/TLS.

OSSEC for PCI DSS

OSSEC has great value for companies needing to comply with PCI DSS. It is currently being used for this purpose by thousands of companies, from large corporations to small internet stores.

Wazuh understands the importance of these regulations and will continue to develop and integrate OSSEC to comply with these requirements.

PCI DSS Guide 3.1

This guide describes how OSSEC helps with each requirement.

OSSEC Docker container

Run a standalone OSSEC manager container, or run it together with ELK Stack.

Docker Hub

Puppet for OSSEC massive deployment

Use this module for automated deployment and remote configuration of your agents.

Puppet Forge

About OSSEC HIDS project

OSSEC is an open source project started by Daniel Cid and made public in 2004. In 2009 Trend Micro acquired the OSSEC project, keeping it open source and free.

OSSEC is a scalable, multi-platform, open source Host-based Intrusion Detection System (HIDS). It has a powerful correlation and analysis engine, integrating log analysis, file integrity checking, Windows registry monitoring, centralized policy enforcement, rootkit detection, real-time alerting and active response. It runs on most operating systems, including Linux, OpenBSD, FreeBSD, MacOS, Solaris and Windows.
