Blog Archives

OSSEC open source HIDS

Changes with OSSEC

After many years, I have decided to step down from the OSSEC core team. It was not a decision I made lightly, but due to some recent changes in the project, I felt I would be more useful as a

Posted in Intrusion Detection

OSSEC CON 2013 Materials Available

My and my esteemed colleagues’ presentations from OSSEC CON 2013 are now available. The conference summary can be found here and my presentation can be found here. It was great meeting everyone and we had some great discussions surrounding how to

Posted in Intrusion Detection, Log Analysis, Log Management

OSSEC CON 2013

Please join me at the second annual OSSEC conference, OSSEC CON 2013. I have the pleasure of joining Scott Shin, CTO of AtomicCorp, and Santiago Gonzalez, Director of Professional Services at AlienVault, in presenting. Time is running out to register, so make sure

Posted in Intrusion Detection, Log Analysis

The Future of OSSEC

It has been a while since the last release of OSSEC and some users wonder if the project is really still active. Well, I am here to tell you that not only is it active, but it has been the most

Posted in Intrusion Detection, Log Analysis

Symposium Presentations Available / The Future of OSSEC

Trend did a great job of outlining our plan for OSSEC in this post. They begin by describing the Symposium, just as I did in my previous post, then go on to lay out a detailed plan for the future.

Posted in Log Analysis, Log Management

OSSEC Symposium Recap

If you missed the first OSSEC Symposium, you missed a great opportunity to meet fellow OSSEC users and developers, partake in great food and drink and immerse yourself in a day-and-a-half of pure OSSEC geekiness! I arrived a bit early

Posted in Log Analysis, Log Management

OSSEC Community Symposium, July 12-13 2012

Please join me at the first OSSEC Symposium, sponsored by Trend Micro. This is a forum for the OSSEC community to come together and discuss all things OSSEC. We’ll not only talk about what makes OSSEC so effective, but what

Posted in Intrusion Detection, Log Analysis, Log Management

3WoO Day 7.1: The OSSEC-O-Lantern

Halloween is a special time of year. It’s that one day where we confuse our children by telling them to not only take candy from strangers, but to go out and beg for it while dressed in an overpriced polyester

Posted in Log Analysis

3WoO Day 7: Wrapping It Up

Well, despite my best efforts, the day 7 post is going to be a bit delayed. But I think you’ll like it. So, stay tuned.

Posted in Dialogue

3WoO Day 6: Learning From Malware Part II–The Rules

Yesterday, I blogged about some annoying malware. The point was to learn some of the techniques that this general class of malware uses, so we could write some OSSEC rules to detect it. If you haven’t already read that post,

Posted in Dialogue, Log Analysis