New machine learning features in OSSEC

Customer support forums for Atomic OSSEC. There is no such thing as a bad question here. New customers feel free to get help getting started or asking questions that may be obvious. Regular users are asked to be gentle. :-)
User avatar
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin
Posts: 4136
Joined: Thu Feb 07, 2008 7:49 pm
Location: Chantilly, VA

New machine learning features in OSSEC

Unread post by mikeshinn »

We're proud to announce the release of our next generation of our cloud based machine learning system for our Atomic Worload Protection and Atomic Enterprise OSSEC customers. What you'll see in both products now is that our cloud based machine learning engine is now able to detect and block attacks across any protocol on the system, for example you'll see it blocking brute force attacks against both web applications and other services, like POP, IMAP, Control panels, File Services and more, blocking attempts to upload malware, inject code into the system, exploit vulnerabilities and so much more. We've seen huge reductions in work loads for our beta users using this new feature, and we hope you this capability too/

Our cloud based machine learning system has the ability to detect and block in real time:

1) Denial of Service attacks
2) brute force attacks
3) recon attacks
4) complex multi stage attacks
5) multiple protocol attacks
6) direct attacks against the system such as web attacks, buffer over flows, remote exploits, and more
7) spammers (both email, and other protocols like web based spam)
8) port scans
9) malware
10) Data exfiltration

And more. Enjoy!

You dont need to do anything to take advantage of this feature if youre an ASL or OSSEC customer, this new capability is enabled in these products automatically.
Post Reply