Educause Security Discussion mailing list archives
Re: SIEM preferences for the budget conscious institution
From: "Baillio, Aaron" <abaillio () OU EDU>
Date: Fri, 27 Jan 2017 16:56:15 +0000
We are using 2 solutions, Elastic Search as well as AlienVault. ES is an open source Splunk derivative. We have AlienVault running alongside because it has so many features aside from the SIEM. Feel free to hit me up with questions as well.

B. Aaron Baillio
Managing Director, Security Operations and Architecture
University of Oklahoma, IT
O: 405-325-7948
C: 254-400-6404

From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Barnes, William
Sent: Friday, January 27, 2017 10:54 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] SIEM preferences for the budget conscious institution

I'm using Alienvault USM. I like it. You can drop me an email or give me a call next week if you have any specific questions about it.

Thanks!
--Bill

*************************************************************************
* Bill Barnes, RHCE, CISSP
* Manager of Technology Support Services
* and Library Network Administrator
* Technology Support Services
* Bloomsburg University
* ph: 570-389-2813
* e-mail: wbarnes () bloomu edu
*************************************************************************

From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Rob Milman
Sent: Friday, January 27, 2017 11:53 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] SIEM preferences for the budget conscious institution

Hi everyone,

I have the approval to bring a SIEM into our institution and was hoping the community could provide me with insight into the various SIEM platforms' pros and cons. We have looked at QRadar, Splunk, LogRhythm, and Arcsight. I've been getting a lot of ads for AlienVault USM, but don't know anyone who is using that. Any insight you can provide would be most appreciated.

Thanks,
Rob

Rob Milman
Security & Compliance Analyst
Information Systems
Southern Alberta Institute of Technology
EH Crandell Building, GA 214
1301 - 16 Avenue NW, Calgary AB, T2M 0L4
(Office) 403.774.5401
(Cell) 403.606.3173
rob.milman () sait ca
Current thread:
- SIEM preferences for the budget conscious institution Rob Milman (Jan 27)
- Re: SIEM preferences for the budget conscious institution Barnes, William (Jan 27)
- Re: SIEM preferences for the budget conscious institution Baillio, Aaron (Jan 27)
- Re: SIEM preferences for the budget conscious institution Christopher Caldwell (Jan 27)
- Re: SIEM preferences for the budget conscious institution Johnson, Kyle A (Jan 27)
- Re: SIEM preferences for the budget conscious institution Kevin Wilcox (Jan 27)
- Re: SIEM preferences for the budget conscious institution Barnes, William (Jan 27)