AlienVault’s open source SIEM project, OSSIM, provides you with a feature-rich open source SIEM complete with event collection, normalization and correlation. Launched by security engineers because of the lack of available open source products, OSSIM was created specifically to address the reality many security professionals face: A SIEM, whether it is open source or commercial, is virtually useless without the basic security controls necessary for security visibility.
Our Open Source SIEM (OSSIM) addresses this reality by providing one unified platform with many of the essential security capabilities you need like:
- Asset discovery
- Vulnerability assessment
- Intrusion detection
- Behavioral monitoring
good job os-sim
os-sim works great
Hi, I started using OSSIM 4 days ago and find it a powerful system. I read the official documentation, and I found that AlienVault Pro differs from OSSIM in two major things: 1- The use of Logger (storage of data every 5 days (the parameter can be changed) in a massive storage system like SAN), 2- VPN access. Today, I found in the section Analysis --> Security Events (SIEM) --> Configure a parameter: Active Event Window (days). This parameter permits configuring the number of days for which data can be stored. Please, what is the difference between the two parameters in both versions (Open Source and Pro)? Is OSSIM Open Source able to store data stored in the database periodically? Thank you in advance.
Best free software SIM/SEM I know so far. Nessus/OpenVAS, nmap, Nagios, Snort, Syslog/Snare etc. all in one place. Not perfect yet, but already really cool - to be recommended! ;) (In German we would call such an appliance "Eier legende Wollmilch-Sau".)