Educause Security Discussion mailing list archives
Re: SIEM
From: "Pratt, Benjamin E." <bepratt () STCLOUDSTATE EDU>
Date: Fri, 29 Apr 2011 07:21:14 -0500
We had a project where we evaluated SIEM products a couple of years ago and chose to go with a product from LogRhythm. With the little that I've played with it the product seems to have some nice built-in reporting and the ability to do a fair amount of customization. Unfortunately, as is the issue with many of our security projects on campus, the backing of resources has not followed the initial investment of time. I guess my big take-away is that it doesn't matter if logs are on separate systems or if they are all on the same system if nobody is looking at them. Ben From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Rob Milman Sent: Thursday, April 28, 2011 4:23 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] SIEM Hi all, I've been asked to evaluate products in order to implement a SIEM solution for our core infrastructure. What, if any, SIEM solutions are working for you? Is anyone using OSSIM by alienvault? Thanks, Rob Security and Compliance Analyst, Information Systems, SAIT Polytechnic 1301 - 16 Avenue NW, Calgary, Alberta, Canada T2M 0L4 Ph (403) 210.4229, Cell (403) 606.3173, Fax (403) 284-8811 http://www.sait.ca<http://www.sait.ca/>
Current thread:
- SIEM Rob Milman (Apr 28)