Security Basics mailing list archives
RE: SIM Suggestions
From: "Ramki B Ramakrishnan" <bramkie () gmail com>
Date: Wed, 30 Jul 2008 20:31:35 +0530
Splunk is good for log analysis and AFAIK more economical...

http://www.splunk.com/applications

Any views on Splunk would add value to this thread.

-----
Ramki B. Ramakrishnan
Security Enthusiast
GIAC:GSEC, CvA

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Vu Anh Tu
Sent: Wednesday, July 30, 2008 1:46 PM
To: security-basics () securityfocus com
Subject: Re: SIM Suggestions

Hi all,

The heart of SIMs is the correlation engine. I have tried MARS, Netforensics but was not interested in the products, because the correlation engine is too simple. Without a good correlation engine a SIM is not different from a log analyzer.

Vu Anh Tu
FPT Telecom

On Jul 29, 2008, at 10:11 PM, Mike Theriault wrote:
It depends on your budget. ArcSight and EnVision are the best players in this space.

Regards,
Mike Theriault
Corporate Security Engineer

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Lafosse, Ricardo
Sent: Tuesday, July 29, 2008 10:30 AM
To: security-basics () securityfocus com
Subject: SIM Suggestions

Hello all,

I know this is going to be a full loaded answer however we are interested in acquiring a SIM. Any good/bad experiences and/or suggestions would be greatly appreciated. We are a medium sized organization.

Thanks,
Ricardo