Samhain Alternatives

Samhain is described as 'The Samhain host-based intrusion detection system (HIDS) provides file integrity checking and log file monitoring/analysis, as well as rootkit detection, port monitoring, detection of rogue SUID executables, and hidden processes' and is an app. There are more than 10 alternatives to Samhain for a variety of platforms, including Linux, Web-based, Mac, Windows and SaaS apps. The best Samhain alternative is Wazuh, which is both free and Open Source. Other great apps like Samhain are Matano, Ossec, CrowdStrike Falcon and AIDE.

Samhain iconSamhain
  3
  • FreeOpen Source
  • ...

The Samhain host-based intrusion detection system (HIDS) provides file integrity checking and log file monitoring/analysis,...

More about Samhain
Samhain alternatives page was last updated Apr 29, 2025
Copy a direct link to this comment to your clipboard
  1. Wazuh icon
     22 likes
    Copy a direct link to this comment to your clipboard

    Wazuh is a free and open source platform used for threat prevention, detection, and response. It is capable of protecting workloads across on-premises, virtualized, containerized, and cloud-based environments.

    24 Wazuh alternatives

    License model

    • FreeOpen Source

    Platforms

    • Mac
    • Windows
    • Linux
    • Online

    Properties

    1.  Security-focused

    Features

    1.  Vulnerability management
    2.  Integration with SIEM
    3.  Data visualization
    4.  Event management
    5.  No registration required
    6.  Ad-free

    Wazuh VS Samhain

     
    • Wazuh is the most popular Web-based, Windows, Mac & Linux alternative to Samhain.

    • Wazuh is the most popular Open Source & free alternative to Samhain.

    • Wazuh is Free and Open SourceSamhain is also Free and Open Source
  2. Matano icon
     2 likes
    Copy a direct link to this comment to your clipboard

    Matano is an open source security lake platform for AWS. It lets you ingest petabytes of security and log data from various sources, store and query them in a data lake, and create Python detections as code for realtime alerting.

    License model

    • FreeOpen Source

    Application type

    Platforms

    • Linux
    • Self-Hosted

    Matano Features

    1.  Logging
    2.  Rust
    3.  Serverless

    Matano VS Samhain

     
    • Matano is the most popular Self-Hosted alternative to Samhain.

    • Matano is Free and Open SourceSamhain is also Free and Open Source
  3. Ossec icon
     11 likes
    Copy a direct link to this comment to your clipboard

    OSSEC is an Open Source Host-based Intrusion Detection System. It performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.

    License model

    • FreeOpen Source

    Country of Origin

    • US flagUnited States

    Platforms

    • Mac
    • Windows
    • Linux

    Ossec VS Samhain

     
  4. Copy a direct link to this comment to your clipboard

    CrowdStrike Falcon Host integrates seamlessly into your current environment, enabling your security team to effectively and efficiently detect and block adversary activity – ultimately preventing damage to your organization through SaaS-based next-generation endpoint protection.

    55 CrowdStrike Falcon alternatives

    License model

    Country of Origin

    • US flagUnited States

    Platforms

    • Mac
    • Windows
    • Linux

    CrowdStrike Falcon Features

    1.  Malware Analysis
    2.  Real-time protection
    3.  Heuristic analysis
    4.  Zero-Day Protection
    5.  Data leak prevention
    6.  Heuristic Detection
    7.  Cloud based

    CrowdStrike Falcon VS Samhain

     
    • CrowdStrike Falcon is the most popular commercial alternative to Samhain.

    • CrowdStrike Falcon is Paid and ProprietarySamhain is Free and Open Source
  5. AIDE icon
     4 likes
    Copy a direct link to this comment to your clipboard

    AIDE (Advanced Intrusion Detection Environment) is a file and directory integrity checker.

    9 AIDE alternatives

    License model

    • FreeOpen Source

    Platforms

    • Linux

    AIDE VS Samhain

     
  6. Tripwire icon
     4 likes
    Copy a direct link to this comment to your clipboard

    Open Source Tripwire software is a security and data integrity tool useful for monitoring and alerting on specific file change(s) on a range of systems.

    License model

    • FreeOpen Source

    Country of Origin

    • US flagUnited States

    Platforms

    • Linux

    Tripwire VS Samhain

     
  7. Copy a direct link to this comment to your clipboard

    Best-in-class endpoint protection against ransomware & zero-day threats. Cross-platform solution with easy-to-use cloud or on-prem management, server security, advanced threat defense and full disk encryption.

    52 ESET PROTECT Advanced alternatives

    License model

    Country of Origin

    • SK flagSlovakia
    • European Union flagEU

    Platforms

    • Software as a Service (SaaS)
    • Online

    ESET PROTECT Advanced Features

    1.  Ransomware Protection

    ESET PROTECT Advanced VS Samhain

     
    • ESET PROTECT Advanced is the most popular SaaS alternative to Samhain.

    • ESET PROTECT Advanced is Paid and ProprietarySamhain is Free and Open Source
  8.  1 like
    Copy a direct link to this comment to your clipboard

    Mugsy is a Linux file integrity monitor. It runs as a daemon and any file modifications made to your system on directories you've specify to monitor are logged locally and optionally sent to your elasticsearch server(s).

    License model

    • FreeOpen Source

    Country of Origin

    • US flagUnited States

    Platforms

    • Linux
    Discontinued

    No longer on GitHub, repo removed.

    Mugsy VS Samhain

     
  9.  2 likes
    Copy a direct link to this comment to your clipboard

    Periodically collects system configuration for changes, it can even run external commands and store their stdout and stderr for change monitoring. Sends periodic reports via e-mail.

    License model

    • FreeOpen Source

    Platforms

    • Linux

    syschangemon Features

    1.  Reporting

    syschangemon VS Samhain

     
  10. Copy a direct link to this comment to your clipboard

    Deepengine is an affordable and simple platform for vulnerability scanning, helping SMBs build robust products, ease compliance, and save money.

    License model

    Country of Origin

    • CH flagSwitzerland

    Platforms

    • Online

    Deepengine VS Samhain

     
  11. Wiz icon
     Like
    Copy a direct link to this comment to your clipboard

    Use the Wiz Cloud Security Platform to build faster in the cloud, enabling security, dev and devops to work together in a self-service model built for the scale and speed of your cloud development.

    License model

    Country of Origin

    • US flagUnited States

    Platforms

    • Online
    • Software as a Service (SaaS)

    Properties

    1.  Security-focused

    Features

    1.  Risk management

    Wiz VS Samhain

     
11 of 11 Samhain alternatives