Getting started
Install open-source software from source with a focus on Zero Trust Network principles: enhancing security for existing applications and deploying tools for threat detection and prevention.
DISCLAIMER
It is understood that this documentation and any configurations may contain errors and are provided for educational purposes only. The documentation and any configurations are provided "as is" without warranty of any kind, whether express, implied, statutory, or otherwise.
Introduction
In this project, we'll harness OSSEC's active response feature to execute commands on an agent in response to specific triggers. These triggers include alerts from Snort, PSAD, Fail2ban and ClamAV, effectively broadening OSSEC's active response capabilities. Furthermore, all alerts will be collected by Fluentd and transmitted to OpenSearch, streamlining data analysis. Additionally, the integration of WireGuard will bolster communication security throughout this process. Greenbone Vulnerability Manager will be used to identify any security risks to the process, ensuring comprehensive risk management.
Credits
Role | Names |
---|---|
Authors: | Fredrik Hilmersson @libellux |
Contributors: | Damir Kucic @dkucic, Scott Shinn @atomicturtle |
Reviewers: | Scott Shinn @atomicturtle, Adam Hilmersson @cnsta, Björn Ricks @bjoernricks |
Supporters: | HyperQube, Atomi Systems, Mullvad VPN, JetBrains, Better Stack |
Feedback
Questions, comments, or problems regarding this service? Create an issue here or contact [email protected].