Differences between revisions 20 and 21
Revision 20 as of 2015-06-27 03:27:54
Size: 3543
Editor: PaulWise
Comment: new blog url
Revision 21 as of 2017-11-03 01:16:14
Size: 3518
Editor: PaulWise
Comment: https
Deletions are marked like this. Additions are marked like this.
Line 8: Line 8:
{{http://www.alienvault.com/images/av-nav-logo.png|AlienVault OSSIM Logo}} {{https://www.alienvault.com/images/av-nav-logo.png|AlienVault OSSIM Logo}}
Line 17: Line 17:
 * Homepage: http://www.alienvault.com/open-threat-exchange/projects#ossim  * Homepage: https://www.alienvault.com/open-threat-exchange/projects#ossim
Line 19: Line 19:
 * Microblog: http://twitter.com/alienvault  * Microblog: https://twitter.com/alienvault
Line 28: Line 28:
 * user forums: http://forums.alienvault.com/  * user forums:
Line 55: Line 55:
 * developer microblogs: http://twitter.com/AlienvaultLabs  * developer microblogs: https://twitter.com/AlienvaultLabs

AlienVault OSSIM

AlienVault OSSIM Logo

AlienVault Open Source SIEM (OSSIM) is a complete Security Management solution. Along with the AlienVault Unified SIEM for IT and AlienVault ICS SIEM for industrial / SCADA applications, AlienVault OSSIM is in use at more organizations than all alternatives combined. AlienVault OSSIM provides all of the functionality required to detect and profiles attacks and provides a comprehensive, intelligent Security Management platform and toolset. The entire solution is based on Debian's, including all seamlessly integrated tools and the security management platform. The OSSIM project was created and is currently coordinated by the founders of AlienVault.

The OSSIM platform consists of a Management Server, and Sensor or "Probe". A professional version that includes Logger functionality is also available (please see below). The solution may be implemented as a single monolithic appliance or a set of appliances in which probes are separated from the management server, and distributed throughout the enterprise.

Probes capture network and system information in real time, and send it to the central Management Server where the data is analyzed to assess immediate threats and risk, filter out false positives, and locate false negatives that other security devices and software on the network cannot detect.

deb [arch=i386,amd64] http://data.alienvault.com/debian_shared/ binary/
deb [arch=i386,amd64] http://data.alienvault.com/feed/ binary/
# Source packages are not provided, but the VCS repository contains source.

Last updated 2011-07-11 11:01:17