I published the following diary on isc.sans.org: “Detecting Undisclosed Vulnerabilities with Security Tools & Features”.
I’m a big fan of OSSEC. This tool is an open source HIDS and log management tool. Although often considered the “SIEM of the poor”, it integrates a lot of interesting features and is fully configurable to solve many of your use cases. All my infrastructure has been monitored by OSSEC for years…