What's New in OSSIM 2.2?
http://www.alienvault.com
February 2009
Juan Manuel Lorenzo (jmlorenzo@alienvault.com)
New Features and Enhancements OSSIM 2.2
Index
- New Features and Enhancements
  - New Installer
  - Enhanced Usability
  - New Vulnerability Management Interface
  - ISO & PCI Compliance
  - Unified Report Manager
  - Asset Management, Search and Reporting
  - SIEM Forensic Console Enhancements
  - Full PCI Wireless Security Compliance
  - Netflow Analysis
  - New Data Sources
  - New Menu Organization
  - Multiclient
  - Logger
  - Higher Performance and Increased Storage
- Upcoming Work
New Installer
- 32-bit and 64-bit versions
- Graphical installer
- Unattended installation
- VPN auto-setup
- Firewall auto-setup
- Improved update process
- Full multi-profile support
- Automatic configuration of OSSIM components
- HTTPS enabled by default
- Upgraded software
- Improved packet capture (Pfring 1.0 in the 32-bit and 64-bit versions)
New Installer: Upgraded Software
- Linux kernel 2.6.31: support for the newest devices
- MySQL 5.1: greater performance and partitioning support
- Pfring 4.0: PF_RING can be used with vanilla kernels (no kernel patch required)
- OSSEC 2.3.1: real-time file integrity monitoring on Windows systems; support for monitoring command output (process monitoring)
- OpenVAS 3.0: WMI client support; new internal module architecture
Enhanced Usability
- Easy access to a broad range of information about any host or network: Asset Report, Alarms, SIEM, Logger, Ticketing system, Knowledge DB, Vulnerabilities, Network Monitor, Availability Monitor
- Right-click on any IP address or network to open the contextual menu
Enhanced Usability: Ease of Use
- Analysis/monitoring, reporting and configuration have been separated into different tabs.
- Advanced options and complex configurations have been separated from simple configuration options.
- Help: each panel has its own link to the documentation/help.
Enhanced Usability
- User templates: simplify permission assignment to users in OSSIM.
- Floating windows: new floating windows are now used to ease navigation within the web interface.
New Vulnerability Management Interface
- Schedule scans
- Scanning profiles
- Scan summary
- Threats database
- Predefined scanning profiles
- Reporting in HTML, PDF and XLS
- Monitor scan status in real time
- Web configuration of the vulnerability scanner

New Vulnerability Management Interface (screenshots)
- Monitor scan status in real time
- Schedule scan

New Vulnerability Management Interface: Vulnerability Scanner Reports
- Excel, PDF and HTML output
ISO & PCI Compliance
- Automated PCI DSS and ISO 27001 compliance reporting, including:
  - Threat overview
  - Business real impact risks
  - C.I.A. potential impact
  - PCI-DSS trends
  - ISO 27002 potential impact
  - ISO 27001 directives mapped to compliance control objectives
Unified Report Manager
- Report management system built on JasperServer
- Reports in PDF, RTF and HTML format
- Reports can be sent via e-mail from the web interface
- Time frame selection when generating reports

Unified Report Manager
- Access all reports from a single centralized location
- Available reports: Asset Report, SIEM Events, Logger, Alarms, Business & Compliance (ISO, PCI), Metrics Report, Geographic Report, User activity

Unified Report Manager: Customizable Reports
- Content selection for each report
Asset Management, Search and Reporting: Asset Search
- Find all assets matching certain criteria
- Date frame selection
- Save predefined searches
- Advanced searches
- Auto-completion

Asset Management, Search and Reporting: Advanced Asset Search
- Use logical operators to combine search criteria
- Predefined search criteria
- Advanced searches
- Multiple options in each criterion
- Auto-completion

Asset Management, Search and Reporting: Asset Report
- Shows all the information regarding a host or network that can be found in OSSIM
SIEM Forensic Console Enhancements
- SIEM forensic database redesigned: faster analysis, increased storage capacity
- Search engine optimized
- Logical search (using AND & OR operators)
- Export query results in PDF format
- New filters: filter by country, filter by local networks
- Time frame selection using a calendar
- Extended information using event references

SIEM Forensic Console Enhancements (screenshots)
- Search using AND & OR (IP and signature)
- Export query results in PDF format

SIEM Forensic Console Enhancements (screenshots)
- Event geo-localization statistics
- Time frame selection
Full PCI Wireless Security Compliance
- Implements the necessary controls for full wireless PCI compliance.
- Reporting system and wireless IDS (Kismet)
- Reports:
  - Networks
  - Cloaked networks having uncloaked APs
  - Encrypted networks having unencrypted APs
  - Networks using weak encryption
  - Suspicious clients
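The wireless reports listed on this slide reduce to a few consistency checks over what a wireless IDS such as Kismet observes: APs sharing an SSID should agree on cloaking and on encryption, no AP should use a weak cipher, and client behaviour should be examined. The following Python script is an added example, not OSSIM or Kismet code; it runs those checks over a constructed set of access-point observations and client associations. The record layout, the set of encryption labels treated as weak, and the rule used for "suspicious client" (a client seen associated with more than one network) are assumptions made for the example.

```python
"""Wireless PCI compliance checks over constructed Kismet-style observations.

Added example, not OSSIM or Kismet code. Record layout, the weak-encryption
set and the 'suspicious client' rule are assumptions made for this example.
"""
from collections import defaultdict

# Assumption: cipher/auth labels treated as weak for PCI purposes.
WEAK_ENCRYPTION = {"WEP", "WPA-TKIP"}
OPEN = "OPEN"  # label used here for an access point with no encryption

# Constructed access-point observations (not real data). "cloaked" means the
# AP hides its SSID in beacons; the SSID is assumed to have been learned from
# probe responses, as a wireless IDS would do.
OBSERVATIONS = [
    {"ssid": "corp-pos",       "bssid": "00:11:22:33:44:01", "cloaked": True,  "encryption": "WPA2-CCMP"},
    {"ssid": "corp-pos",       "bssid": "00:11:22:33:44:02", "cloaked": False, "encryption": "WPA2-CCMP"},
    {"ssid": "corp-guest",     "bssid": "00:11:22:33:44:03", "cloaked": False, "encryption": "WPA2-CCMP"},
    {"ssid": "corp-guest",     "bssid": "00:11:22:33:44:04", "cloaked": False, "encryption": OPEN},
    {"ssid": "legacy-scanner", "bssid": "00:11:22:33:44:05", "cloaked": False, "encryption": "WEP"},
]

# Constructed client associations: (client MAC, BSSID the client associated with).
ASSOCIATIONS = [
    ("aa:bb:cc:00:00:01", "00:11:22:33:44:01"),
    ("aa:bb:cc:00:00:01", "00:11:22:33:44:03"),
    ("aa:bb:cc:00:00:02", "00:11:22:33:44:02"),
]


def group_by_ssid(observations):
    """Map each network (SSID) to the list of APs advertising it."""
    networks = defaultdict(list)
    for ap in observations:
        networks[ap["ssid"]].append(ap)
    return networks


def cloaked_networks_with_uncloaked_aps(observations):
    """Networks where at least one AP hides the SSID and another broadcasts it."""
    return sorted(
        ssid for ssid, aps in group_by_ssid(observations).items()
        if any(ap["cloaked"] for ap in aps) and any(not ap["cloaked"] for ap in aps)
    )


def encrypted_networks_with_unencrypted_aps(observations):
    """Networks where at least one AP is encrypted and another is open."""
    return sorted(
        ssid for ssid, aps in group_by_ssid(observations).items()
        if any(ap["encryption"] != OPEN for ap in aps) and any(ap["encryption"] == OPEN for ap in aps)
    )


def networks_using_weak_encryption(observations):
    """Networks with any AP using an encryption type from WEAK_ENCRYPTION."""
    return sorted({ap["ssid"] for ap in observations if ap["encryption"] in WEAK_ENCRYPTION})


def suspicious_clients(observations, associations):
    """Assumed rule: a client associated with more than one network is suspicious."""
    ssid_of = {ap["bssid"]: ap["ssid"] for ap in observations}
    networks_per_client = defaultdict(set)
    for client, bssid in associations:
        networks_per_client[client].add(ssid_of.get(bssid, "<unknown AP>"))
    return sorted(client for client, ssids in networks_per_client.items() if len(ssids) > 1)


def wireless_pci_report(observations, associations):
    """Build the five report sections named on the slide."""
    return {
        "networks": sorted(group_by_ssid(observations)),
        "cloaked_networks_with_uncloaked_aps": cloaked_networks_with_uncloaked_aps(observations),
        "encrypted_networks_with_unencrypted_aps": encrypted_networks_with_unencrypted_aps(observations),
        "networks_using_weak_encryption": networks_using_weak_encryption(observations),
        "suspicious_clients": suspicious_clients(observations, associations),
    }


if __name__ == "__main__":
    for section, items in wireless_pci_report(OBSERVATIONS, ASSOCIATIONS).items():
        print(f"{section}: {', '.join(items) if items else '(none)'}")
```

Each check groups APs by SSID, because the PCI-relevant finding is a network whose APs disagree (one hidden and one broadcasting, or one encrypted and one open), which usually indicates a misconfigured or unauthorised AP borrowing a trusted SSID rather than a deliberate design.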
Netflow Analysis
- Netflow monitoring and management
- Integration of Nfdump and Nfsen
- Netflow collection from network devices
- Fprobe auto-configured to collect logs on the OSSIM collectors

Netflow Analysis
- Easy configuration interface
- Complex Netflow analysis and plugin support
New Data Sources
- Cisco SDEE: application-level communications protocol used to exchange events with Cisco devices
- Snort Unified2: Snort 3.0 and the Suricata engine supported
- WMI agentless collection (Windows Management Instrumentation)
- New supported devices and applications: Astaro, Vyatta, SiteProtector, TippingPoint, Juniper VPN, RedBack, Netscreen IDP, Kismet, LucentBrick, ...
New Menu Organization
- Dashboards: high-level information (charts, graphs and risk maps)
- Incidents: medium-level information (alarms, ticketing system and Knowledge DB)
- Analysis: low-level information (SIEM events / data mining, Logger and vulnerabilities)
- Reports: Report Manager
- Assets: inventory, asset search and OSSIM components

New Menu Organization
- Intelligence: policy, actions, correlation rules and compliance mapping
- Monitors: real-time information (network, usage and availability)
- Configuration: users, collection configuration and database upgrades
- Tools: backup, tools download and network discovery system
Multiclient (only available when using AlienVault Professional SIEM)
- Multi-company/department management capabilities
- Multi-hierarchical deployments

Logger (only available when using AlienVault Professional SIEM)
- New graphs and statistics
- Reports on the information stored in the Logger
- Logical operators in Logger search
- Faster access to the information stored in the Logger

Logger (only in AlienVault Professional SIEM)
- Select the time frame easily by clicking on graphs or using a calendar
- Digitally signed logs can be exported and verified using an external application
- Improved search syntax

Higher Performance and Increased Storage (only available when using AlienVault Professional SIEM)
- Database redesigned to increase performance and storage capacity
- Improved multithread support in the OSSIM Server
- Multi-insertion to reduce database queries
- Faster processing of events
Upcoming Work
- NAC (Network Access Control)
- Asset auto-discovery
- HIDS management console
- Collectors management console
- New correlation capabilities
- DLP (Data Loss Prevention)
- Improve Nagios integration

AWS Security Best Practices for Effective Threat Detection & ResponseAWS Security Best Practices for Effective Threat Detection & Response
AWS Security Best Practices for Effective Threat Detection & Response
 
Improve Threat Detection with OSSEC and AlienVault USM
Improve Threat Detection with OSSEC and AlienVault USMImprove Threat Detection with OSSEC and AlienVault USM
Improve Threat Detection with OSSEC and AlienVault USM
 

Kürzlich hochgeladen

Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...gurkirankumar98700
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGSujit Pal
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 

Kürzlich hochgeladen (20)

Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAG
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 

What's New in OSSIM v2.2?

  • 9. New Vulnerability Management Interface
      - Schedule scans
      - Scanning profiles (predefined scanning profiles included)
      - Scan summary
      - Threats database
      - Reporting in HTML, PDF and XLS
      - Monitor scan status in real time
      - Vulnerability scanner web configuration
  • 10. New Vulnerability Management Interface (screenshots: monitoring scan status in real time; scheduling a scan)
  • 11. New Vulnerability Management Interface (screenshots: vulnerability scanner reports in Excel, PDF and HTML)
  • 12. ISO & PCI Compliance
      Automated PCI DSS and ISO 27001 compliance reporting, including:
      - Threat overview
      - Business real impact risks
      - C.I.A. potential impact
      - PCI-DSS trends
      - ISO 27002 potential impact
      - ISO 27001
      - Directives mapped to compliance control objectives
  • 13. Unified Report Manager
      - Report management system built on JasperServer
      - Reports in PDF, RTF and HTML format
      - Reports can be sent via e-mail from the web interface
      - Time frame selection when generating reports
  • 14. Unified Report Manager
      Access all reports from a single centralized location. Available reports:
      - Asset report
      - SIEM events
      - Logger
      - Alarms
      - Business & compliance (ISO, PCI)
      - Metrics report
      - Geographic report
      - User activity
  • 15. Unified Report Manager
      - Content selection for each report
      - Customizable reports
  • 16. Asset Management, Search and Reporting: Asset Search
      - Find all assets matching certain criteria
      - Date frame selection
      - Save predefined searches
      - Advanced searches
      - Auto-completion
  • 17. Asset Management, Search and Reporting: Advanced Asset Search
      - Use logical operators to combine search criteria
      - Predefined search criteria
      - Advanced searches
      - Multiple options in each criterion
      - Auto-completion
  • 18. Asset Management, Search and Reporting: Asset Report
      Shows all the information regarding a host or network that can be found in OSSIM.
  • 19. SIEM Forensic Console Enhancements
      - SIEM forensic database redesigned: faster analysis, increased storage capacity
      - Search engine optimized
      - Logical search (using AND & OR operators)
      - Export query results in PDF format
      - New filters: filter by country, filter by local networks
      - Time frame selection using a calendar
      - Extended information using event references
  • 20. SIEM Forensic Console Enhancements (screenshots: search using AND & OR on IP and signature; export of query results in PDF format)
  • 21. SIEM Forensic Console Enhancements (screenshots: event geo-localization statistics; time frame selection)
  • 22. Full PCI Wireless Security Compliance
      Implements the necessary controls for full wireless PCI compliance: a reporting system and a wireless IDS (Kismet). Reports:
      - Networks
      - Cloaked networks having uncloaked APs
      - Encrypted networks having unencrypted APs
      - Networks using weak encryption
      - Suspicious clients
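The network-level checks behind the wireless reports named on slide 22, as an added Python example that is not OSSIM's or Kismet's own code; the access-point record layout, the sample records and the set of encryption types treated as weak are constructed assumptions for the example.

```python
"""Added example: the kinds of checks behind the wireless PCI reports on slide 22.
Not OSSIM or Kismet code; the record layout and sample data are constructed."""
from collections import defaultdict

# Assumption for this example: ciphers a PCI assessor would not accept.
WEAK_ENCRYPTION = {"WEP", "WPA-TKIP"}

# Constructed access-point records in the shape a wireless IDS scan might yield:
# one entry per BSSID, with the SSID it serves, whether the SSID is hidden
# (cloaked) and the encryption it advertises ("None" for an open AP).
SAMPLE_APS = [
    {"ssid": "corp-pos", "bssid": "00:11:22:33:44:01", "cloaked": True,  "encryption": "WPA2-CCMP"},
    {"ssid": "corp-pos", "bssid": "00:11:22:33:44:02", "cloaked": False, "encryption": "WPA2-CCMP"},
    {"ssid": "corp-pos", "bssid": "00:11:22:33:44:03", "cloaked": True,  "encryption": "None"},
    {"ssid": "legacy",   "bssid": "00:11:22:33:44:10", "cloaked": False, "encryption": "WEP"},
    {"ssid": "guest",    "bssid": "00:11:22:33:44:20", "cloaked": False, "encryption": "None"},
]


def group_by_ssid(aps):
    """Group AP records into networks; a network is every BSSID serving one SSID."""
    networks = defaultdict(list)
    for ap in aps:
        networks[ap["ssid"]].append(ap)
    return networks


def cloaked_networks_with_uncloaked_aps(aps):
    """Networks where some APs hide the SSID while another AP broadcasts it.
    Returns (ssid, [offending BSSIDs]) pairs, sorted for stable reporting."""
    findings = []
    for ssid, members in group_by_ssid(aps).items():
        hidden = [ap for ap in members if ap["cloaked"]]
        broadcast = sorted(ap["bssid"] for ap in members if not ap["cloaked"])
        if hidden and broadcast:
            findings.append((ssid, broadcast))
    return sorted(findings)


def encrypted_networks_with_unencrypted_aps(aps):
    """Networks that advertise encryption on some APs but run at least one open AP.
    An all-open network (the 'guest' sample) is not mixed and is not reported here."""
    findings = []
    for ssid, members in group_by_ssid(aps).items():
        encrypted = [ap for ap in members if ap["encryption"] != "None"]
        open_aps = sorted(ap["bssid"] for ap in members if ap["encryption"] == "None")
        if encrypted and open_aps:
            findings.append((ssid, open_aps))
    return sorted(findings)


def networks_using_weak_encryption(aps):
    """SSIDs served by any AP whose advertised cipher is in WEAK_ENCRYPTION."""
    return sorted({ap["ssid"] for ap in aps if ap["encryption"] in WEAK_ENCRYPTION})


def wireless_pci_report(aps):
    """Assemble the three network-level reports named on the slide."""
    return {
        "cloaked_networks_with_uncloaked_aps": cloaked_networks_with_uncloaked_aps(aps),
        "encrypted_networks_with_unencrypted_aps": encrypted_networks_with_unencrypted_aps(aps),
        "networks_using_weak_encryption": networks_using_weak_encryption(aps),
    }


if __name__ == "__main__":
    for name, rows in wireless_pci_report(SAMPLE_APS).items():
        print(f"{name}: {rows}")
```

The "Networks" and "Suspicious clients" reports are left out because the slide does not say what a suspicious client is.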
  • 23. Netflow Analysis
      - Netflow monitoring and management
      - Integration of Nfdump and Nfsen
      - Netflow collection from network devices
      - Fprobe auto-configured to collect Netflow data in the OSSIM collectors
  • 24. Netflow Analysis (screenshots: easy configuration interface; complex Netflow analysis and plugin support)
  • 25. New Data Sources
      - Cisco SDEE: application-level communications protocol used to exchange events with Cisco devices
      - Snort Unified2: Snort 3.0 and the Suricata engine supported
      - WMI (Windows Management Instrumentation): agentless collection
      - New supported devices and applications: Astaro, Vyatta, SiteProtector, TippingPoint, Juniper VPN, RedBack, Netscreen IDP, Kismet, LucentBrick, ...
  • 26. New Menu Organization
      - Dashboards: high-level information (charts, graphs and risk maps)
      - Incidents: medium-level information (alarms, ticketing system and knowledge DB)
      - Analysis: low-level information (SIEM events and data mining, Logger and vulnerabilities)
      - Reports: report manager
      - Assets: inventory, asset search and OSSIM components
  • 27. New Menu Organization (continued)
      - Intelligence: policy, actions, correlation rules and compliance mapping
      - Monitors: real-time information (network, usage and availability)
      - Configuration: users, collection configuration and database upgrades
      - Tools: backup, tools download and network discovery system
  • 28. Multiclient
      - Multi company/department management capabilities
      - Multi-hierarchical deployments
      Only available when using AlienVault Professional SIEM.
  • 29. Logger
      - New graphs and statistics
      - Reports on the information stored in the Logger
      - Logical operators in Logger search
      - Faster access to the information stored in the Logger
      Only available when using AlienVault Professional SIEM.
  • 30. Logger
      - Select the time frame easily by clicking on graphs or using a calendar
      - Digitally signed logs can be exported and verified using an external application
      - Improved search syntax
      Only in AlienVault Professional SIEM.
  • 31. Higher Performance and Increased Storage
      - Database redesigned to increase performance and storage capacity
      - Improved multithread support in OSSIM Server
      - Multi-insertion to reduce database queries
      - Faster processing of events
      Only available when using AlienVault Professional SIEM.
  • 33. Upcoming Work
      - NAC (Network Access Control)
      - Asset auto-discovery
      - HIDS management console
      - Collectors management console
      - New correlation capabilities
      - DLP (Data Loss Prevention)
      - Improve Nagios integration