Third Brigade announced that it has acquired OSSEC, an open-source host-based intrusion detection system (IDS). The project will remain open source and licensed under GPL, and Third Brigade intends to expand the range of support for the tool.
"OSSEC is a very successful open source security project, and there are many organizations that are requesting enterprise-caliber support for their OSSEC deployments," said Wael Mohamed, CEO at Third Brigade.
OSSEC works in two basic parts: the central server and the host monitors. A central server collects information from the host monitors, and the host monitors perform a variety of tasks to detect potential security problems. For example, they can detect known rootkits and maintain file system integrity by keeping tabs on important system files. OSSEC can also monitor a variety of different logs, such as those generated by Apache, Squid, Snort, nmap, Windows, Microsoft IIS, Cisco VPN concentrators, and Cisco PIX firewalls.
Daniel Cid created OSSEC in 2003 and is the project's lead developer. Under terms of the acquisition, which were not entirely disclosed, Cid will become the principal researcher for OSSEC development at Third Bridage.
