|
Security Basics
mailing list archives
Re: SIM Suggestions
From: "ॐ aditya mukadam ॐ" <aditya.mukadam () gmail com>
Date: Wed, 30 Jul 2008 23:23:39 +0530
Well, netforensics SimOne has extensive corelation rules options !
Thanks,
Aditya Govind Mukadam
On Wed, Jul 30, 2008 at 1:45 PM, Vu Anh Tu <fpt-noc () fpt net> wrote:
Hi all,
The heart of SIMs is the correlation engine, I have tried MARS, Netforensics
but was not interested in the products, cause the correlation engine is too
simple. Without a good correlation engine a SIM is not different from a log
analyzer.
Vu Anh Tu
FPT Telecom
On Jul 29, 2008, at 10:11 PM, Mike Theriault wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
It depends on your budget. ArcSight and EnVision are the best players in
this
space.
Regards,
Mike Theriault
Corporate Security Engineer
- -----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On
Behalf Of Lafosse, Ricardo
Sent: Tuesday, July 29, 2008 10:30 AM
To: security-basics () securityfocus com
Subject: SIM Suggestions
Hello all,
I know this is going to be a full loaded answer however we are
interested in acquiring a SIM. Any good/bad experiences and/or
suggestions would be greatly appreciated. We are a medium sized
organization.
Thanks,
Ricardo
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (MingW32)
iQEVAwUBSI8zEinWlVJ1fs3ZAQKm7Af+NkzqC6fftRCpX33FFN3M741JTzx4YSCQ
l2x6q7wKWT5ecApX4SXJncvQoPMrfp6vT/ybPFRnRi7IawqXmIvsLlvcnqmHatzz
xcGRtxw7AXX9fm/hKsIkvEOAj43attZtDigMnOZMGkmqdsimGAxuaDc/1FyjiEo1
lLnPhtWnu+C4DPnkQimyNwkqNKVikCWuAE86y/lgStnTrx5R6AnfMBbc5KoNTq7t
3j9ww6gp/5imx1ZZi8Q1n6j1BZx0+la2yqf6PVy8PEFfNd2mmfoIiBvdMDfkqroJ
YQUW6w6nFKi7nKrA+GC551rdUqFEW4+ul89YuDtXZkDc7NkDQHKttA==
=4qES
-----END PGP SIGNATURE-----
 By Date 
By Thread
Current thread:
- Re: SIM Suggestions, (continued)
Re: SIM Suggestions Kurt Buff (Jul 31)
|
Intro
