Blog Archives

The Future of OSSEC

It has been a while since the last release of OSSEC and some users wonder if the project is really still active. Well, I am here to tell you that not only is it active, but it has been the most

Posted in Intrusion Detection, Log Analysis

Symposium Presentations Available / The Future of OSSEC

Trend did a great job of outlining our plan for OSSEC in this post. They begin by describing the Symposium, just as I did in my previous post, then go on to lay out a detailed plan for the future.

Posted in Log Analysis, Log Management

OSSEC Symposium Recap

If you missed the first OSSEC Symposium, you missed a great opportunity to meet fellow OSSEC users and developers, partake in great food and drink and immerse yourself in a day-and-a-half of pure OSSEC geekiness! I arrived a bit early

Posted in Log Analysis, Log Management

OSSEC Community Symposium, July 12-13 2012

Please join me at the first OSSEC Symposium, sponsored by Trend Micro. This is a forum for the OSSEC community to come together and discuss all things OSSEC. We’ll not only talk about what makes OSSEC so effective, but what

Posted in Intrusion Detection, Log Analysis, Log Management

First Impressions with ELSA: Bye-bye Grep

When I first read about ELSA, I knew it was going to be a game changer. From the very beginning, this log collection and analysis application had addressed many of the problems plaguing adoption of open source log front-ends in the

Posted in Log Analysis, Log Management

Waging War in the Digital Age

What are the ethical ramifications of waging war via computer? Does war even have to be declared? Where are the boundaries in the virtual world? What happens when machines begin to think for themselves? These are the questions I explore

Posted in Computer Crime, Ethics

When Disclosure Can Kill

What should one do when discovering a vulnerability in a medical device? What if, by disclosing the vulnerability, you could put someone’s life at risk? These are the questions I explore in an article I wrote for the most recent

Posted in Dialogue

3WoO Day 7.1: The OSSEC-O-Lantern

Halloween is a special time of year. It’s that one day where we confuse our children by telling them to not only take candy from strangers, but to go out and beg for it while dressed in an overpriced polyester

Posted in Log Analysis

3WoO Day 7: Wrapping It Up

Well, despite my best efforts, the day 7 post is going to be a bit delayed. But I think you’ll like it. So, stay tuned.

Posted in Dialogue

3WoO Day 6: Learning From Malware Part II–The Rules

Yesterday, I blogged about some annoying malware. The point was to learn some of the techniques that this general class of malware uses, so we could write some OSSEC rules to detect it. If you haven’t already read that post,

Posted in Dialogue, Log Analysis