from Hacker News

Ask HN: What is your linux IDS and AVS?

by jnankin on 2/12/15, 6:12 PM with 4 comments

If you're HIPAA compliant or PCI compliant you must run an intrusion detection system and anti virus software. What do you use to solve these requirements on Linux?

  • by Someone1234 on 2/12/15, 6:48 PM

    Where in HIPAA does it require anti-virus or IDS? Last I read it only requires encryption (both locally and on the network) and you have to have a written security policy which you will be audited against.

    If you don't want AV or IDS then simply don't put it into your internal security policy. Nothing in the HIPAA says that you have to have it, unless they've amended it recently to include that.

  • by embro on 2/12/15, 6:27 PM

    Qualys seem to be getting popular but I've never worked with it.

  • by earless1 on 2/12/15, 8:36 PM

    Alert Logic for IDS