Host Intrusion Detection

Host Intrusion Detection

Host intrusion detection (HIDS) helps reduce your cybersecurity risk by performing real-time monitoring of host systems, detecting and alerting on potential security threats, and providing valuable insights for incident response and risk mitigation. By monitoring the behavior and activity of individual host systems, you can be alerted of potential threats such as malware infections, unauthorized access attempts, and data exfiltration. This enables you to respond quickly and effectively to security incidents, potentially minimizing the impact of any breach and reducing the overall risk to your business.

Additionally, host intrusion detection can help you identify vulnerabilities and misconfigurations in host systems, allowing you to proactively address security issues and improve the overall security posture of your IT environment. 

When combined with response capabilities, this is commonly know as Endpoint Detection and Response (EDR).

What is HIDS?

Host-based intrusion detection systems (HIDS) uses a small agent to monitor the activity on your servers and endpoints.

With logs of activity shipped offsite to a cloud based SIEM they are protected from tampering from attackers. This allows for robust forensic investigations of incidents,  enabling you to understand the scope and impact of attacks better.  Armed with this knowledge, you can potentially turn a PR disaster into just a minor inconvenience.

At FoxTech, our HIDS agent collects the following data:

  • Log files
  • File integrity monitoring data and hashes
  • System inventory
  • Configuration data
  • Vulnerabilities
 

We currently support the following operating systems:

  • Linux (most major distributions)
  • Windows
  • MacOS
  • Solaris
  • AIX
  • HP-UX

When you subscribe to our monitoring service, we’ll provide you with a packaged installer suitable for manual installation, or automated silent installation using Microsoft Endpoint Manager, Ansible, or similar automation tools.