Ruleset

This part of the documentation explains how to install, update, and contribute to ThreatLockDown Ruleset. These rules are used by the system to detect attacks, intrusions, software misuse, configuration problems, application errors, malware, rootkits, system anomalies, or security policy violations. OSSEC provides an out-of-the-box set of rules that we update and expand, in order to increase ThreatLockDown detection capabilities.