cdpxe / KSPIDS

A kernel-based IDS for Linux. KSPIDS primarily monitors system calls.
http://www.wendzel.de/projects/
GNU General Public License v3.0

Question about usage #1

Open jhjacobs81 opened 3 years ago

jhjacobs81 commented 3 years ago

So, if I wanted to build a system based on the CIS recommendations, this would (eventually) allow me to dispose of the OSSEC HIDS?

Or am I missing the point of this software?

Looks damn interesting though ;-)

cdpxe commented 3 years ago

There are many different types of HIDS, e.g. filesystem IDS, which KSPIDS does not provide as it works on a user/process basis. They complement each other. For this reason, I cannot suggest replacing, but rather combining, different types of HIDS.