Re: Open source SIEM

["Cleary, Kevin" <kpcleary () BUFFALO EDU>]

Hi Zepu,

 

You may also want to look at OpenVas: https://www.openvas.org/

 

We don’t use this for enterprise purposes but I have used this for one of my classes and it seems to work reasonably 
well.

 

--

Kevin

 

From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> On Behalf Of Zepu Chen
Sent: Tuesday, February 11, 2020 1:50 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Open source SIEM

 

Good Afternoon,

We are researching the possibility to implement an open-source SIEM solution at our University. The project we are 
currently reviewing is MozDef from Mozilla. Does anyone currently have MozDef or other open-source SIEM implemented in 
your environment? How are the implementation and operations experience so far? 
We are interested in seeing what other schools are doing. We would greatly appreciate it if you would be kind enough to 
share any pitfalls, constraints and roadblocks as well as implementation recommendations.

 
Thanks,

 

 <https://denison.edu/> 

Zepu Chen
Systems & Security Administrator
Information Technology Services

Office:  <tel:1-740-587-5307> 740-587-5307
 <mailto:zepu.chen () denison edu> zepu.chen () denison edu 

**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community 


**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

Attachment: smime.p7s
Description: