AlienVault OSSIM

OSSIM, AlienVault’s Open Source Security Information and Event Management (SIEM) product, provides event collection, normalization and correlation. For more advanced functionality, AlienVault Unified Security Management (USM) builds on OSSIM with these additional capabilities:

* Log management
* Advanced threat detection with a continuously updated library of pre-built correlation rules
* Actionable threat intelligence updates from AlienVault Labs Security Research Team
* Rich analytics dashboards and data visualization

Features

Asset Discovery
Vulnerability Assessment
Intrusion Detection
Behavioral Monitoring
SIEM

Project Samples

Project Activity

See All Activity >

License

GNU General Public License version 2.0 (GPLv2)

Follow AlienVault OSSIM

AlienVault OSSIM Web Site

Other Useful Business Software

Keep company data safe with Chrome Enterprise

Protect your business with AI policies and data loss prevention in the browser

Make AI work your way with Chrome Enterprise. Block unapproved sites and set custom data controls that align with your company's policies.

Download Chrome

Rate This Project

User Ratings

5.0 out of 5 stars

★★★★★

★★★★

★★★

★★

★

ease 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 0 / 5

features 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 0 / 5

design 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 0 / 5

support 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 0 / 5

User Reviews

Filter Reviews:

All

bibkam Posted 2012-07-18

Hi, I'm started to use OSSIM 4 days ago and and find it powerful system, I read the official documentation, i found that AlienVault Pro is diferenced from OSSIM by two major things: 1- The use of Logger ( Storage of data every 5 days( the parameter can be changed) in system of massive storage like SAN, 2- VPN access. Today, i found in the section Analysis-->Security Events (SIEM) --> Configure a parameter: Active Event Window (days). This parameter permit to configure the number of days that the storage of data can de done. Please, What'is the difference between the two parameters in both versions (OpenSource and Pro)? Did OSSIM Open Source able to store data stored on DataBase periodically ? Thank you at advance.
redtux Posted 2010-04-15

Best free software SIM/SEM I know so far. Nessus/OpenVAS, nmap, Nagios, Snort, Syslog/Snare etc. all in one place. Not perfect yet, but already really cool - to be recommended! ;) (In German we would call such an appliance "Eier legende Wollmilch-Sau".)
oid-2797042 Posted 2010-02-08

Easy tool to use
gutzba Posted 2009-11-14

Excelent SIM

Additional Project Details

Operating Systems

BSD, Linux, Mac, Windows

Languages

Brazilian Portuguese, Chinese (Simplified), Chinese (Traditional), English, French, German, Japanese, Spanish

Intended Audience

Information Technology, Management, System Administrators

User Interface

Web-based

Programming Language

C, Perl, PHP, PL/SQL, Python

Database Environment

ADOdb, MySQL, Proprietary file format

Related Categories

Python Security Software, Python Log Analysis Software, Python Network Monitoring Software, Python Operating Systems, Python SIEM Tool, Perl Security Software, Perl Log Analysis Software, Perl Network Monitoring Software, Perl Operating Systems, Perl SIEM Tool, C Security Software, C Log Analysis Software, C Network Monitoring Software, C Operating Systems, C SIEM Tool, PHP Security Software, PHP Log Analysis Software, PHP Network Monitoring Software, PHP Operating Systems, PHP SIEM Tool, PL/SQL Security Software, PL/SQL Log Analysis Software, PL/SQL Network Monitoring Software, PL/SQL Operating Systems, PL/SQL SIEM Tool

Registered

2003-07-18

Similar Business Software

ManageEngine EventLog Analyzer

ManageEngine EventLog Analyzer is an on-premise log management solution designed for businesses of all sizes across various industries such as information technology, health, retail, finance, education and more. The solution provides users with both agent based and agentless log collection, log...

See Software
ManageEngine Log360

Detect, investigate, and resolve security incidents and threats using a single, scalable SIEM solution. Log360 provides you with actionable insights and analytics-driven intelligence for real-time security monitoring, advanced threat detection, incident management, and behavioral analytics-based...

See Software
SureLog

SureLog SIEM. Capabilities. SureLog Enterprise SIEM is a next-generation log and event management reporting platform that analyzes log event data in real time to detect and prevent security attacks. By consolidating events from all log sources, SureLog Enterprise correlates and aggregates...

See Software
Logmanager

Logmanager is a centralized log management platform enhanced with SIEM capabilities that radically simplifies responses to cyberthreats, legal compliance, and troubleshooting. By transforming diverse logs, events, metrics, and traces into actionable insights, it helps security and operations...

See Software
EventSentry

Hybrid SIEM solution combining real-time (event) log monitoring with comprehensive system health & network monitoring provides users with a complete picture of their servers and endpoints. The included security event log normalization & correlation engine with descriptive email alerts...

See Software
LOGalyze

LOGalyze is an open source, centralized log management and network monitoring software. If you would like to handle all of your log data in one place, LOGalyze is the right choice. It supports Linux/Unix servers, network devices, Windows hosts. It provides real-time event detection and extensive...

See Software