IDS mailing list archives

RE: Correlation tool

From: "Matthew F. Caldwell" <mattc () guarded net>
Date: Tue, 17 Jun 2003 11:23:53 -0400

Thomas,

        You may want to take a look at the open source tool "Simple
Event Correlator".  http://kodu.neti.ee/~risto/sec/

The website claims to aggregate and correlate Event Data from the Snort
IDS. The level of correlation is pretty simple from my understanding
however it is Open Source. So add mod add away!

If you interested in something a bit more on the scalable/robust with
extensible open architecture. I would invite you to check out Guarded
Net's neuSecure product. 


Matt

Matthew F. Caldwell, CISSP
Founder and Chief Security Officer
GuardedNet, Inc. 
www.guarded.net


-----Original Message-----
From: Thomas Seibel [mailto:Thomas.Seibel () controlware de] 
Sent: Tuesday, June 17, 2003 10:00 AM
To: focus-ids () securityfocus com
Subject: Correlationtool

Hello,

does someone knows if there is an opensource tool which can correlate
IDS-Data from Snort?

Regards,
Tom 


------------------------------------------------------------------------
-------
Attend the Black Hat Briefings & Training, July 28 - 31 in Las Vegas,
the 
world's premier technical IT security event! 10 tracks, 15 training
sessions, 
1,800 delegates from 30 nations including all of the top experts, from
CSO's to 
"underground" security specialists.  See for yourself what the buzz is
about!  
Early-bird registration ends July 3.  This event will sell out.
www.blackhat.com
------------------------------------------------------------------------
-------


-------------------------------------------------------------------------------
Attend the Black Hat Briefings & Training, July 28 - 31 in Las Vegas, the
world's premier technical IT security event! 10 tracks, 15 training sessions,
1,800 delegates from 30 nations including all of the top experts, from CSO's to
"underground" security specialists.  See for yourself what the buzz is about!
Early-bird registration ends July 3.  This event will sell out. www.blackhat.com
-------------------------------------------------------------------------------

Current thread:

RE: Correlation tool Matthew F. Caldwell (Jun 17)
- Re: Correlation tool nyec (Jun 17)
- Re: [security-elvandar] RE: Correlation tool Remko Lodder (Jun 17)
  - Re: [security-elvandar] RE: Correlation tool Ian Macdonald (Jun 18)