Wazuh Ruleset for OSSEC

Enhance functionality & detection capabilities

Update your host IDS rules

New and updated OSSEC rules to detect attacks, intrusions, software misuse, configuration problems, application errors, malware, rootkits, system anomalies or security policy violations.

Additional rule mapping with PCI DSS controls identifies when an alert is related to a compliance requirement.


Ruleset scope

What it includes

Updated rules

Our team enforces and reviews all out-of-the-box OSSEC rules, adapting, improving and augmenting their detection capabilities, empowering generic rules and ensuring they are prepared to face modern technologies and environments.

Community rules

We centralize, test and maintain decoders and rules submitted by open source contributors. We gather OSSEC rules from all over the internet and are committed to keeping them organized and reviewed.

New rules

We periodically create new rules and rootchecks that are added to the OSSEC scope so they can be used by the user community. Some examples are the new rules for Netscaler and Puppet.