BSides talks featuring Omens

Host-based continuous monitoring tool that scans logs and filesystems for known/generic attack vectors, detects file changes, and can quarantine hostile files or generate IP blocks for web servers