Open Source Security Information and Event Management system
Security Management
A mind-numbing array of applications, operating systems, routers, firewalls, VPNs, and cloud resources confronts IT security professionals, with no shortage of logs and security events that need to be correlated and interpreted. The "old-school" way of one-off solutions for various security challenges just won't work anymore. What is needed is a comprehensive solution that integrates disparate data and processes and provides knowledge and insight into security threats and a capacity to manage risks more effectively.
The Open Source Security Information and Event Management (OSSIM) system [1] is a Security Information and Event Management (SIEM) application. SIEMs are multipurpose tools for the security operations professional. They offer asset discovery, behavioral monitoring, data aggregation and correlation, security/threat intelligence, threat detection, and vulnerability assessment, among other features. SIEMs are a necessary evolution in the technology used to manage modern threats, and OSSIM is a key leader in the space.
OSSIM offers an expansive array of features that would leave any IT security professional duly impressed, including:
- Security information management
- Security event management
- Asset management and discovery
- Log management
- Network management
- IDS (intrusion detection)
- HID (host intrusion detection)
- Vulnerability assessment
- Threat detection
- Behavioral monitoring
- Netflow support
- Incident response
- Reporting
- Powerful and user-friendly web interface
- Simple-to-install, prepackaged virtual machines
OSSIM has many core components born of the open source community. It takes all of these disparate, often time-consuming-to-integrate tools and puts them under one beautifully usable web interface.
It takes the