You can't secure what you don't acknowledge.SM

Monday, April 20, 2009

Neat open source SIM tool

I attended a local networking event here in town last week where a representative from AlienVault presented their open source security incident/event management tool called OSSIM. I had to endure a painful sales pitch (that wasn't supposed to be a sales pitch, mind you) and a simple-minded "use this product for all your needs" approach to information security...but the tool actually looks promising. It's a "free" way to pull together all of your event logs, alerts, etc. across multiple platforms into one central location. Definitely a legitimate part of managing information security that most organizations have zero control over.

There are tons of (expensive) commercial tools out there that have been around for years. But if you're having trouble getting your arms around everything your systems are spitting out - especially in the name of compliance - OSSIM is certainly worth taking a look at.

No comments:

Post a Comment