HIDS collects, analyses and precorrelates logs of a server or client and alerts if an attack, fraudulent use or error is detected. It checks file integrity of the local system. Rootkit detection identifies hidden actions by attackers, trojans, viruses, etc. when system changes occur.
HIDS leads to real-time alerts and active response. HIDS integrates smoothly with SIEM and delivers additional valuable information for central correlation.
Technical details: It runs on nearly every operating system (Linux, Solaris, HP-UX, AIX, BSD, MacOS, Windows, VMware ESX) and supports to meet compliance requirements. Centralised policy deployment is done for all HIDS agents to monitor the server’s compliance.