Security Basics mailing list archives

Re: SIM questions.


From: auto37865 () hushmail com
Date: Wed, 20 Aug 2008 02:46:51 -0600

We love both Security Center and Qradar for a SIM.  Hurts a bit paying for Security Center but I've used Nessus for 
free for years (with the best results aside from expensive services like Qualys) so I can't begrudge Tenable at all.  
We like doing our own scans as opposed to having a vendor provide SaaS; for us it's much quicker and easier to do 
follow-up scans for remediation.

Q1 Labs Qradar, though not cheap, was our choice for a SIM tool and would be again should I move to another company.  
We've done extensive research and have been stuck with, and used, other SIM tools with much less than desirable 
results.  

Qradar was up and running very quickly (less than 2 days). Adding rules and tuning doesn't require irritating regex or 
much time at all.  Writing and customizing rules is nearly as easy as an email rule.  

Qradar will also do nmap and Nessus scans but we haven't played with it much as our networks are extremely segmented.  
The two products complement each other nicely and have fit into our workflow and resource constraints very nicely.  

