Product overview (detail)

This page expands on the short summaries on the documentation home page. Products are listed in the same order as the home page.

Atomic OSSEC (AEO)

Atomic OSSEC is a Host-based Intrusion Detection System (HIDS) used for security detection, visibility, and compliance monitoring. It is based on a multi-platform agent that forwards system data (for example log messages, file hashes, and detected anomalies) to a central manager, where it is further analyzed and processed, resulting in security alerts. Agents convey event data to the central manager for analysis via a secure and authenticated channel.

Additionally, AEO provides a centralized syslog server and an agentless configuration monitoring system that offers security insight into events and changes on agentless devices such as firewalls, switches, routers, access points, network appliances, and similar gear.

Atomic ModSecurity rules

Atomicorp publishes a commercial ModSecurity ruleset (the “gotroot” / real-time rules) for protecting web applications. Subscriptions include real-time rules (current, supported, recommended for production) and a free/delayed subset for evaluation or non-subscription use.

If you configure Apache, nginx, or another supported stack yourself, you install and tune ModSecurity and the rules on your servers. The Atomic Update Manager (AUM) can download and update the ruleset for you; full installation, licensing, and rule-family documentation is under Atomic ModSecurity Rules.

WAF with Atomic Protector

Standalone ModSecurity rules (above) are the rules product for DIY web servers. Atomic Protector can also deliver the same web protection as part of its unified Linux suite, without you assembling ModSecurity by hand.

The Atomic WAF has two non-exclusive modes when used with Atomic Protector:

• Embedded mode: Works with Apache 2.x; Atomic Protector installs a module in Apache to give it native WAF protection.

• Proxy mode (transparent WAF): Atomic Protector can protect HTTP and HTTPS services on a local server (for example when the stack does not support embedded mode) or a remote server.

Read more on the Atomic Protector product page.

Atomic Protector (AP)

Atomic Protector (formerly known as Atomic Secured Linux) is an easy-to-use, out-of-the-box unified security suite for Linux, designed to protect servers against both known and unknown threats. It is aimed at beginners and experts alike: you install Atomic Protector and it applies a coordinated set of protections for you—including optional WAF behavior as described above when you use those features.

Threat intelligence

The Atomicorp Threat Intelligence System (TIS) supplies machine-readable security content such as DNS reputation (RBL-style) data so you can block or score traffic using up-to-date threat context without building your own intel pipeline. It is designed to be immediately actionable in your controls (for example ModSecurity and Atomic Protector integrations), not just raw data for manual analysis.

See Atomicorp Threat Intelligence System (TIS) for setup, lookup formats, and reference material.

Licensing

Need a license?

• If you have not purchased Atomic Protector yet, visit atomicorp.com.

Need an additional license?

• Add licenses via the Atomic License Manager (you can also reset your password there).

ModSecurity rules and other subscription products use the Atomicorp store and license flows described in the Atomic ModSecurity Rules documentation.