Siagian, Fabert Jody Manuel
Unknown Affiliation


Adaptive File Integrity Monitoring for Container Virtualization Environments using OSSEC with Real-Time Alerting
Wowiling, Gerry; Sinambela, Eka Stephani; Simatupang, Frengki; Siagian, Fabert Jody Manuel; Sibarani, Aisyah Ayu; Batubara, Indah Sari
Journal of Applied Informatics and Computing Vol. 9 No. 5 (2025): October 2025
Publisher: Politeknik Negeri Batam

DOI: 10.30871/jaic.v9i5.10006

Abstract

In this ever-evolving digital age, container technology has become one of the main solutions in cloud computing due to its efficiency and flexibility. However, the dynamic and ephemeral nature of containers poses new challenges in terms of security, especially regarding data integrity. The implementation of OSSEC in container environments requires a tailored approach, as it lacks native support for automatically detecting new containers. Agents must be embedded within container images or installed at the host level. These agents activate each time a container runs and send monitoring data to the OSSEC server. With orchestration and automated configuration, monitoring results are stored externally, and real-time email alerts can be triggered upon detecting suspicious file changes. Container environments are increasingly targeted by cyber threats such as malware and ransomware, which pose risks of unauthorized data access or encryption. Limited file integrity monitoring within containers creates a security gap that can be exploited undetected. This research addresses the issue by implementing a File Integrity Monitoring (FIM) mechanism using OSSEC, an open-source Host Intrusion Detection System (HIDS) capable of real-time file and log monitoring, malware detection, and automated threat response. OSSEC is deployed within a Docker-based setup and integrated with a Web User Interface for visualizing logs and monitoring activity. The system includes real-time email notifications for immediate alerts. Testing through file modification scenarios confirmed OSSEC’s accuracy in detecting changes and notifying administrators. This implementation effectively strengthens data security and provides timely threat detection in containerized environments.