SIEM Solutions

NightShade03 Member Posts: 1,383
Does anyone have any experience or recommendations for this? We have looked at a few log correlation/management appliances but we are still looking for something to manage security device logs as well.

Comments

  • Ahriakin Member Posts: 1,799
    Open source: I tried OSSIM before and it was decent but had a huge learning curve (and integration with its sub-tools would often break with major revisions). I had a look around before Xmas and the 2 that stood out to me were QRadar and Trigeo (though the latter is not aimed above medium-sized enterprises).
    We responded to the Year 2000 issue with "Y2K" solutions...isn't this the kind of thinking that got us into trouble in the first place?
  • NightShade03 Member Posts: 1,383
    Thanks for the recommendations. Q1 Labs was in recently with a demo and the security guy said he wasn't crazy about it. Will look into the other product too.