cdpxe/KSPIDS

Question about usage


So, if I wanted to build a system based on the CIS recommendations, this would (eventually) allow me to dispose of the OSSEC HIDS?

Or am I missing the point of this software?

Looks damn interesting though ;-)

cdpxe commented

There are many different types of HIDS, e.g. filesystem IDS, which KSPIDS does not provide as it works on a user/process basis. They complement each other. For this reason, I cannot suggest replacing, but rather combining, different types of HIDS.