Host-based intrusion detection systems (HIDS), work by monitoring activity that is occurring internally on a host. HIDS look for unusual or nefarious activity by examining logs created by the operating system, looking for changes made to key system files, tracking installed software, and sometimes examining the network connections a host makes. AlienVault USM integrates HIDS with other key security controls to help you get the most out of host-based monitoring, including:
- Analyzing system behavior and configuration status to track user access and activity
- Detecting system compromise, modification of critical configuration files (e.g. registry settings, /etc/passwd), common rootkits, and rogue processes
- Correlating HIDS data with known IP reputation, vulnerability scans and more
- Logging and reporting for PCI compliance
Watch It Now!
Sr. Technical Product Marketing Manager
Don has over 20 years of experience in product management and marketing, focused around the networking, security and semiconductors industries. His background includes roles with Ixia, Freescale and AMD, among other technology companies. At AlienVault, Don enjoys developing technical resources to help customers understand how to best leverage the AlienVault platform to solve their security challenges.