OSSEC at the SANS log management summit

David Bianco recently spoke about OSSEC at the SANS Log Management Summit 2007, with the presentation: “How to Save $45k (and Look Great Doing it)”. Quoting his blog entry reviewing the summit:

On Tuesday morning, I gave my own presentation, “How to Save $45k (and Look Great Doing it).” This is the story of how we bought a commercial SEM product, only to find that it didn’t really do what we wanted, and replaced it with the free OSSEC. Bad on us for not having our ducks in a row at first, I know. To be totally honest, it wasn’t so easy to get up in front of 100 people and say, “You know, we made this really expensive mistake”, but sometimes you have to sacrifice for the greater good. 😉

He also mentions Mike Poor’s presentation, “Network Early Warning Systems: Mining Better Quality Data from Your Logging Systems”, where Mike speaks about OSSEC in many of his slides. Mike’s presentation is available here.

If you went to the summit, please share your experiences with us!

Free Lunch :: OSSEC Review

Andrew Storms from nCircle posted an interesting review of OSSEC on his blog (also on the nCircle main blog):

OSSEC is an open source host based intrusion detection system. The website states, “It performs log analysis, integrity checking, Windows registry monitoring, rootkit detection, time-based alerting and active response.” That is a mouthful.

Check it out: here.

Contributing to the UI development

I have received a lot of feedback from the community regarding the web interface, along with many offers to help. If you are interested in being part of the UI development team, check out the following link with some ideas to implement: OSSEC Wui todo list.

If you have any questions, just send us an e-mail or comment here. If you decide to work on any of the suggestions there, feel free to modify the list and set the item as “under work”.

OSSEC in the news

For those who missed it, OSSEC has gained a lot of attention lately, especially with these articles from Linux World and Network World:

You can see all other stories about OSSEC in our "in the news" wiki section.

OSSEC Logo/Mascot contest

Can you guess what is missing from the OSSEC project? If you guessed a mascot (or a logo), you are right. Every open source project has one except ours.

How to fill this gap? If you are a good designer with a creative mind, you can help us out. We just opened a contest to select a new logo and/or mascot for the OSSEC project. This logo (or mascot) will be the official symbol of the OSSEC project and our new face.

There are some prizes included, but the main reward will be the satisfaction of helping out the open source community.

If you are interested, check the following link: http://www.ossec.net/wiki/index.php/CContest