SIEM - Alienvault OSSIM

Asphyxia

Owner
Administrator
Joined
Apr 25, 2015
Messages
1,846
Solutions
2
Reaction score
2,203
Points
327
So, this is a pretty sick tool:
AlienVault OSSIM

1587882636453.png

As you can quickly see, we are able to realize the need for a SIEM - and perhaps a firewall to actually block these attackers.

The problem?

Over 15,000 attack events occurred from a single Russian host.

The solution?

Using this AlienVault OSSIM tool, trigger a block on a firewall to get the IP(s) banned from the network. Waste of networking resources, ignore!

Download the ISO here: https://cybersecurity.att.com/products/ossim/download
 
Top