IDS: Re: RE: Cisco CTR

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

IDS mailing list archives

Re: RE: Cisco CTR

From: "Anton A. Chuvakin" <anton () chuvakin org>
Date: Fri, 5 Dec 2003 14:43:33 -0500 (EST)

security posture managment.  The SIM providers has no security knowledge
or "smart engines" to correlate based on substantial security knowledge
and experience.

Well, this is not true. Some SIM products are much more than mere "log
aggregators" as they contain the above security knowledge in the form of
correlation rules, algorithmic correlation methods, vulnerability->attack
correlation techniques and other neat things.

Best,
-- 
  Anton A. Chuvakin, Ph.D., GCI*
     http://www.chuvakin.org
   http://www.info-secure.org


---------------------------------------------------------------------------
---------------------------------------------------------------------------

By Date By Thread

Current thread:

Re: RE: Cisco CTR liranil (Dec 01)
- Re: RE: Cisco CTR Anton A. Chuvakin (Dec 05)
- <Possible follow-ups>
- RE: RE: Cisco CTR Teicher, Mark (Mark) (Dec 01)
- Re: Cisco CTR Eric Hacker (Dec 02)
  - Re: Cisco CTR Martin Roesch (Dec 02)
  - Re: Cisco CTR Martin Roesch (Dec 03)