The Open Source SIEM
OS-SIM combines Snort, BASE, NTOP, Nagios, nmap, nessus, and rrdtool to provide the user with full control over every aspect of networking or security.
OSSIM stands for Open Source Security Information Management. Its goal is to provide a comprehensive compilation of tools which, when working together, grant network/security administrators with a detailed view over each and every aspect of his or her networks, hosts, physical access devices, server, etc.
Besides getting the most out of well known open source tools, some of which are briefly described below, OSSIM provides a strong correlation engine, detailed low, medium and high level visualization interfaces, and reporting and incident management tools, based on a set of defined assets such as hosts, networks, groups and services.
All of this information can be restricted by network or sensor in order to provide only the required information to specific users; allowing for a fine grained multi–user security environment. Finally, the ability to perform as an IPS (Intrusion Prevention System), using correlated information from virtually any source, will be a useful addition to any security professional’s arsenal.
In a hurry? Add it to your Download Basket!
What's New in version 1.0.6
- This release corrects lots of security problems that have appeared on the underlying OS during the last months.
- It also adds clamav and mod-security for self-protection, a ton of ossim bugfixes, and the new alienvault feed for nessus updates.