IDS mailing list archives

Re: IDS - DECISION SUPPORT SYSTEM

From: "David J. Bianco" <david () vorant com>
Date: Tue, 16 Aug 2005 08:26:28 -0400

I'm not familiar with Decision Support Systems as defined by the marketplace,
but taking a strict English definition, I recommend you have a look at the
sguil project.  Sguil is an open source Network Security Monitoring (NSM)
solution that ties together IDS alerts, network session data, full packet
logs and other data to give an intrusion analyst a great deal of information
to help them research and make informed decisions about the security of
their network.

Check out the project page at http://www.sguil.org or see my overview
presentation at http://www.vorant.com/downloads.html if you think this
might be what you're looking for.

        David

------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it 
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 
to learn more.
------------------------------------------------------------------------

Current thread:

IDS - DECISION SUPPORT SYSTEM trantichphuoc (Aug 15)
- Re: IDS - DECISION SUPPORT SYSTEM David J. Bianco (Aug 16)
- Message not available
  - Re: IDS - DECISION SUPPORT SYSTEM Augusto Paes de Barros (Aug 16)
- Re: IDS - DECISION SUPPORT SYSTEM Avi C (Aug 18)
- Re: [BULK] IDS - DECISION SUPPORT SYSTEM Sanjay Rawat (Aug 18)