The ruleset is one of the most important parts of OSSEC. Thanks to the ruleset, OSSEC is able to detect attacks, intrusions, software misuse, configuration problems, application errors, malware, rootkits, etc.
At this time, there are two ways to update the ruleset: wait for a new OSSEC release or review the official repository for new rules, decoders and rootchecks. Wazuh is very aware of this, so we work every day to improve it by updating out-of-the-box rules provided by OSSEC and including new ones. All these changes are published in our repository of rules. I encourage you to visit […]