Guys, just quick reference to AlienVault solution and its resources. Looking for some documentation related with subject of building Incident Response Process I found out that there are awesome articles delivered by this product!
OSSIM, the Open Source SIEM developed by AlienVault is good looking product with bunch of tools and great features. It's developers say :
"OSSIM provides all of the capabilities that a security professional needs from a SIEM offering, event collection, normalization, correlation and incident response - but it also does far more."
Possibly, I will review this solution on my own - hopefully writing some kind of review - , but today only passing links to documentation. "SIEM for
ITIL-Mature Incident Response" divided into two great parts gives really good background for Incident Response process development. This can be find here and here.
I really encourage all IT Security Pro's to read and understand!
Brak komentarzy:
Prześlij komentarz