OSSEC
Host-based IDS: log analysis, file integrity monitoring, rootcheck, and active response. It is the ancestor of Wazuh.
Why it is included
Still referenced in compliance docs; Wazuh extends this model for modern SIEM needs.
Best for
Legacy deployments and minimal FIM/log monitoring stacks.
Strengths
- Lightweight agent
- FIM
- Simple server
Limitations
- Many teams move to Wazuh to meet their feature needs
Good alternatives
Wazuh · Samhain
Related tools
Security & Privacy
Wazuh
Open security platform combining SIEM, XDR, file integrity monitoring, and compliance checks across endpoints and cloud.
Security & Privacy
Lynis
Host-based security auditing for Unix: misconfigurations, packages, SSH, kernel hardening hints.
Security & Privacy
Zeek
Network security monitor producing rich logs (conn, DNS, HTTP, SSL, files) for analytics—not a classic IDS signature engine.
Security & Privacy
Syft
CLI and library for generating SBOMs (SPDX, CycloneDX) from images, directories, and archives.
Security & Privacy
osquery
Expose OS state as SQL tables—processes, sockets, users, browser extensions—for fleet visibility and compliance.
Security & Privacy
Greenbone Community Edition (OpenVAS)
Full vulnerability management stack: OpenVAS scanner, Greenbone Vulnerability Manager, feeds, and web UI for scan management.
