- Apr 25, 2015
So, this is a pretty sick tool:
AlienVault OSSIM
As you can quickly see, we are able to realize the need for a SIEM - and perhaps a firewall to actually block these attackers.
The problem?
Over 15,000 attack events occurred from a single Russian host.
The solution?
Using this AlienVault OSSIM tool, trigger a block on a firewall to get the IP(s) banned from the network. Waste of networking resources, ignore!
Download the ISO here: https://cybersecurity.att.com/products/ossim/download
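An added example, not part of the original post and not AlienVault code: the triage step between "one host generated thousands of events" and "block it", done in Python. It assumes the events were exported as `key=value` text lines with a `src=` field (a constructed format); the sample lines, the threshold and the allowlist are all made up for illustration.

```python
import ipaddress
import re
from collections import Counter

SRC_RE = re.compile(r"\bsrc=(\S+)")

def block_candidates(lines, threshold, allowlist=()):
    """Return [(ip, count)] for sources with >= threshold events, noisiest first."""
    allowed = [ipaddress.ip_network(n) for n in allowlist]
    counts = Counter()
    for line in lines:
        m = SRC_RE.search(line)
        if not m:
            continue
        try:
            ip = ipaddress.ip_address(m.group(1))
        except ValueError:
            continue  # malformed field: never pass it on to a firewall command
        if any(ip in net for net in allowed):
            continue  # own ranges, scanners, monitoring hosts are never blocked
        counts[ip] += 1
    return [(str(ip), n) for ip, n in counts.most_common() if n >= threshold]

def drop_rules(candidates):
    """Render one DROP rule per candidate; review these before applying them."""
    rules = []
    for ip, _count in candidates:
        tool = "ip6tables" if ":" in ip else "iptables"
        rules.append(f"{tool} -I INPUT -s {ip} -j DROP")
    return rules

# Constructed sample events (documentation address ranges only).
SAMPLE = (
    ["2015-04-25T10:00:00Z event=ssh-auth-fail src=203.0.113.7 dst=192.0.2.10"] * 12
    + ["2015-04-25T10:00:05Z event=ssh-auth-fail src=198.51.100.23 dst=192.0.2.10"] * 2
    + ["2015-04-25T10:00:09Z event=port-scan src=192.0.2.1 dst=192.0.2.10"] * 20
    + ["2015-04-25T10:00:11Z event=ssh-auth-fail src=not-an-ip dst=192.0.2.10"]
)

if __name__ == "__main__":
    hits = block_candidates(SAMPLE, threshold=10, allowlist=["192.0.2.0/24"])
    for ip, count in hits:
        print(f"{ip}\t{count} events")
    print("\n".join(drop_rules(hits)))
```

The allowlist check matters as much as the threshold: the noisiest source in the sample is an internal host, and an automatic block on it would be a self-inflicted outage.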