Bienvenue sur Scribd !

OSSIM Components

Transféré par

0% ont trouvé ce document utile (0 vote)

327 vues8 pages

OSSIM is an open source security information and event management (SIEM) framework with several key components. The server is the core component and connects all other components together. Sensors collect information using plugins from various sources. The database stores inventory, configuration, and security event data. The server performs functions like event correlation, risk assessment, inventory management, and policy management using open source software within each component.

Description originale:

Copyright

Formats disponibles

PPTX, PDF, TXT ou lisez en ligne sur Scribd

Partager ce document

Partager ou intégrer le document

Options de partage

Avez-vous trouvé ce document utile ?

Ce contenu est-il inapproprié ?

Signaler ce document

Droits d'auteur :

Attribution Non-Commercial (BY-NC)

Formats disponibles

Téléchargez comme PPTX, PDF, TXT ou lisez en ligne sur Scribd

Signaler comme contenu inapproprié

0% ont trouvé ce document utile (0 vote)

327 vues8 pages

OSSIM Components

Transféré par

bad3106

Droits d'auteur :

Attribution Non-Commercial (BY-NC)

Formats disponibles

Téléchargez comme PPTX, PDF, TXT ou lisez en ligne sur Scribd

Signaler comme contenu inapproprié

Passer à la page

Vous êtes sur la page 1sur 8

Rechercher à l'intérieur du document

OSSIM Components Overview

OSSIM Functional Components

Server The core of the SIEM Framework Connects everything

together

Sensor Collects Information Database Storage for other components Logger (Commercial Only) Complete log
storage

Server
Server is the central component of OSSIM, and performs the key SIEM functions:
Event Correlation Risk Assessment And Prioritization Inventory and Identity Management Alarms and Scheduling Policy Management Reputation Engine

Framework
Framework manages OSSIM components and connects them together. Provides the Web User Interface Manages OSSIM component configurations and communication.

Database
Handles storage for Inventory data, configuration and SIEM events. SIEM Event Storage Asset Storage Continuous Data (netflow, etc) storage Run-time OSSIM Configurations

Sensor (+Agents)
The Information-Gathering component of OSSIM. Agents collect logs and events from external devices and OSSIM monitoring components, using Plugins for each type of information they will collect Log Collection
Fetch and Receive

Network Monitoring
Network Traffic Monitoring Network Intrusion Detection Asset Detection Host Intrusion Detection Wireless Intrusion Detection

Logger [Commercial Only]

The Server stores log events that are of interest to security analysis, filtering out only the log events that are significant. The Logger additionally stores the log in raw format for forensic and compliance purposes. and archival searches.

Indexed for Full-Text

searches Cryptographically Signed log messages Additionally accessible as raw text. Designed for long-term storage

Open Source Software in the OSSIM Architecture

Within each of the components of OSSIM, lie a selection of opensource security software. Some are part of the core Framework, others reside on the Sensors which may be distributed over the network to provide visibility. Server/Framework:

Nagios OCSInventory NFSen Ntop (interface)

Snort Nfcap/Fprobe P0f Pads Arpwatch Ntop Nmap OpenVAS OSSEC Kismet

Sensor

Vous aimerez peut-être aussi

Advanced Attack Detection Using OSSIM
Document11 pages
Advanced Attack Detection Using OSSIM
Marcelo Laurenti
Pas encore d'évaluation
Security operations center A Complete Guide - 2019 Edition
D'Everand
Security operations center A Complete Guide - 2019 Edition
Gerardus Blokdyk
Pas encore d'évaluation
Kaspersky security center
D'Everand
Kaspersky security center
Mohammed Haytham Khabbaz samkary
Pas encore d'évaluation
DLP and Data Classification A Clear and Concise Reference
D'Everand
DLP and Data Classification A Clear and Concise Reference
Gerardus Blokdyk
Pas encore d'évaluation
PAM Solutions A Complete Guide - 2019 Edition
D'Everand
PAM Solutions A Complete Guide - 2019 Edition
Gerardus Blokdyk
Pas encore d'évaluation
Dynamic Application Security Testing A Complete Guide - 2019 Edition
D'Everand
Dynamic Application Security Testing A Complete Guide - 2019 Edition
Gerardus Blokdyk
Pas encore d'évaluation
Intrusion detection system Standard Requirements
D'Everand
Intrusion detection system Standard Requirements
Gerardus Blokdyk
Pas encore d'évaluation
DDoS Mitigation A Complete Guide - 2019 Edition
D'Everand
DDoS Mitigation A Complete Guide - 2019 Edition
Gerardus Blokdyk
Pas encore d'évaluation
Day 2
Document37 pages
Day 2
sugapriya
Pas encore d'évaluation
Information Security Architecture Standard Requirements
D'Everand
Information Security Architecture Standard Requirements
Gerardus Blokdyk
Pas encore d'évaluation
AlienVault Users Manual 1.0
Document225 pages
AlienVault Users Manual 1.0
Saich Musaich
Pas encore d'évaluation
Insider Threat Management A Complete Guide - 2020 Edition
D'Everand
Insider Threat Management A Complete Guide - 2020 Edition
Gerardus Blokdyk
Pas encore d'évaluation
Firewall A Complete Guide - 2021 Edition
D'Everand
Firewall A Complete Guide - 2021 Edition
Gerardus Blokdyk
Pas encore d'évaluation
OSSEC HIDS Agent Installation: 1. Download The Latest Version and Verify Its Checksum
Document6 pages
OSSEC HIDS Agent Installation: 1. Download The Latest Version and Verify Its Checksum
rbanka_1
100% (1)
Testing intrusion detection Third Edition
D'Everand
Testing intrusion detection Third Edition
Gerardus Blokdyk
Pas encore d'évaluation
Alien Vault Device Integration Citrix NetScaler
Document7 pages
Alien Vault Device Integration Citrix NetScaler
BrittAdams
Pas encore d'évaluation
The WAZUH Open Source Security Platform
Document3 pages
The WAZUH Open Source Security Platform
Yeshigeta Emishaw
100% (1)
GIAC Security Essentials A Complete Guide - 2019 Edition
D'Everand
GIAC Security Essentials A Complete Guide - 2019 Edition
Gerardus Blokdyk
Pas encore d'évaluation
GIAC Certified Forensics Examiner A Complete Guide - 2021 Edition
D'Everand
GIAC Certified Forensics Examiner A Complete Guide - 2021 Edition
Gerardus Blokdyk
Pas encore d'évaluation
GIAC Certified Intrusion Analyst A Complete Guide - 2020 Edition
D'Everand
GIAC Certified Intrusion Analyst A Complete Guide - 2020 Edition
Gerardus Blokdyk
Pas encore d'évaluation
AlienVault PCI DSS 3.0 Compliance
Document5 pages
AlienVault PCI DSS 3.0 Compliance
bangibet
Pas encore d'évaluation
Intrusion Detection Systems A Complete Guide - 2021 Edition
D'Everand
Intrusion Detection Systems A Complete Guide - 2021 Edition
Gerardus Blokdyk
Pas encore d'évaluation
Advanced Threat Solution: Tentokrát Více o Koncovém Zařízení
Document65 pages
Advanced Threat Solution: Tentokrát Více o Koncovém Zařízení
Javed Hashmi
Pas encore d'évaluation
AlienVault Component Communicationx
Document12 pages
AlienVault Component Communicationx
Reallykul Kuul
100% (1)
EPO Web API Scripting Guide En-Us
Document40 pages
EPO Web API Scripting Guide En-Us
danipajbr
Pas encore d'évaluation
DLP A Complete Guide - 2021 Edition
D'Everand
DLP A Complete Guide - 2021 Edition
Gerardus Blokdyk
Pas encore d'évaluation
Privileged Access Management Tools Standard Requirements
D'Everand
Privileged Access Management Tools Standard Requirements
Gerardus Blokdyk
Pas encore d'évaluation
The Hive Soc
Document37 pages
The Hive Soc
Hafiz Safwan
100% (2)
Maturing Security Operations Centers A Complete Guide - 2021 Edition
D'Everand
Maturing Security Operations Centers A Complete Guide - 2021 Edition
Gerardus Blokdyk
Pas encore d'évaluation
1.3-Basic Packet Analysis Wireshark
Document43 pages
1.3-Basic Packet Analysis Wireshark
nbadung
100% (1)
Qualys Third Edition
D'Everand
Qualys Third Edition
Gerardus Blokdyk
Pas encore d'évaluation
Point Of Zero Trust A Complete Guide - 2019 Edition
D'Everand
Point Of Zero Trust A Complete Guide - 2019 Edition
Gerardus Blokdyk
Pas encore d'évaluation
Netstat A Complete Guide - 2021 Edition
D'Everand
Netstat A Complete Guide - 2021 Edition
Gerardus Blokdyk
Pas encore d'évaluation
Hardening Process Checklist
Document1 page
Hardening Process Checklist
Hiren Dhaduk
Pas encore d'évaluation
Asset Attack Vectors: Building Effective Vulnerability Management Strategies to Protect Organizations
D'Everand
Asset Attack Vectors: Building Effective Vulnerability Management Strategies to Protect Organizations
Morey J. Haber
Pas encore d'évaluation
QRadar A Complete Guide - 2021 Edition
D'Everand
QRadar A Complete Guide - 2021 Edition
Gerardus Blokdyk
Pas encore d'évaluation
AlienVault Installation Guide
Document57 pages
AlienVault Installation Guide
Kariston Goya
Pas encore d'évaluation
intrusion detection A Complete Guide - 2019 Edition
D'Everand
intrusion detection A Complete Guide - 2019 Edition
Gerardus Blokdyk
Pas encore d'évaluation
Forcepoint Second Edition
D'Everand
Forcepoint Second Edition
Gerardus Blokdyk
Pas encore d'évaluation
Snort 2.1 Intrusion Detection, Second Edition
D'Everand
Snort 2.1 Intrusion Detection, Second Edition
Brian Caswell
Évaluation : 4 sur 5 étoiles
4/5 (6)
AlienVault Alarm Taxonomy
Document5 pages
AlienVault Alarm Taxonomy
mario_kgl
Pas encore d'évaluation
Intrusion Detection System A Complete Guide - 2019 Edition
D'Everand
Intrusion Detection System A Complete Guide - 2019 Edition
Gerardus Blokdyk
Pas encore d'évaluation
Threat Intelligence Platforms A Clear and Concise Reference
D'Everand
Threat Intelligence Platforms A Clear and Concise Reference
Gerardus Blokdyk
Pas encore d'évaluation
FortiGate IPS Guide
Document52 pages
FortiGate IPS Guide
Pepe Huatuco Camarena
Pas encore d'évaluation
Secrets Management A Complete Guide - 2019 Edition
D'Everand
Secrets Management A Complete Guide - 2019 Edition
Gerardus Blokdyk
Pas encore d'évaluation
Reporting Guide - : e Security
Document26 pages
Reporting Guide - : e Security
ali alzahrani
Pas encore d'évaluation
WP Creating Maintaining Soc PDF
Document15 pages
WP Creating Maintaining Soc PDF
gabymena06
Pas encore d'évaluation
DLP Architecture Second Edition
D'Everand
DLP Architecture Second Edition
Gerardus Blokdyk
Pas encore d'évaluation
IDS A Complete Guide - 2021 Edition
D'Everand
IDS A Complete Guide - 2021 Edition
Gerardus Blokdyk
Pas encore d'évaluation
AlienVault Installation Guide 1.4
Document57 pages
AlienVault Installation Guide 1.4
Itachi Kanade Eucliwood
100% (1)
Snort Installation PDF
Document21 pages
Snort Installation PDF
shubhangi
Pas encore d'évaluation
Building Maturing and Rocking A Security Operations Center Brandie Anderson
Document19 pages
Building Maturing and Rocking A Security Operations Center Brandie Anderson
ellococareloco
Pas encore d'évaluation
Building A Security Operations Center: Randy Marchany VA Tech IT Security Office and Lab Marchany@vt - Edu
Document28 pages
Building A Security Operations Center: Randy Marchany VA Tech IT Security Office and Lab Marchany@vt - Edu
Ahmad Alafeef
0% (1)
LogRhythm Siem 2.0 Flyer
Document2 pages
LogRhythm Siem 2.0 Flyer
jordagro
Pas encore d'évaluation
Cloud Security Handbook for Architects: Practical Strategies and Solutions for Architecting Enterprise Cloud Security using SECaaS and DevSecOps (English Edition)
D'Everand
Cloud Security Handbook for Architects: Practical Strategies and Solutions for Architecting Enterprise Cloud Security using SECaaS and DevSecOps (English Edition)
Ashish Mishra
Pas encore d'évaluation
Threat Intel A Complete Guide - 2021 Edition
D'Everand
Threat Intel A Complete Guide - 2021 Edition
Gerardus Blokdyk
Pas encore d'évaluation
ArcSight Audit Quality SIEM Solution
Document6 pages
ArcSight Audit Quality SIEM Solution
Krishna Kumar
Pas encore d'évaluation
LogRhythm Software Install Guide 7.4.8 RevA
Document123 pages
LogRhythm Software Install Guide 7.4.8 RevA
Paneca
Pas encore d'évaluation
ESA-Resources Cheat Sheet
Document5 pages
ESA-Resources Cheat Sheet
Sanjin Zuhric
Pas encore d'évaluation
Bypassing XSS Detection Mechanisms: - Somdev Sangwan
Document12 pages
Bypassing XSS Detection Mechanisms: - Somdev Sangwan
LIKITH UMESH
Pas encore d'évaluation
Apartment (Villa) Doorphone Single Core Wire Model Connection Diagram Up To 1000 Phones
Document1 page
Apartment (Villa) Doorphone Single Core Wire Model Connection Diagram Up To 1000 Phones
bad3106
Pas encore d'évaluation
Arte Luly 2018 5
Document27 pages
Arte Luly 2018 5
bad3106
Pas encore d'évaluation
Smart Optimize Sample Report
Document10 pages
Smart Optimize Sample Report
bad3106
Pas encore d'évaluation
ZYXEL Price List As of 2 Feb 2018
Document17 pages
ZYXEL Price List As of 2 Feb 2018
bad3106
Pas encore d'évaluation
Awk-3191 Series: Industrial 900 MHZ Wireless Ap/Bridge/Client
Document2 pages
Awk-3191 Series: Industrial 900 MHZ Wireless Ap/Bridge/Client
bad3106
Pas encore d'évaluation
AWK-3131A Series: Industrial IEEE 802.11a/b/g/n Wireless AP/bridge/client
Document3 pages
AWK-3131A Series: Industrial IEEE 802.11a/b/g/n Wireless AP/bridge/client
bad3106
Pas encore d'évaluation
AWK-1131A Series: Entry-Level Industrial IEEE 802.11a/b/g/n Wireless AP/client
Document3 pages
AWK-1131A Series: Entry-Level Industrial IEEE 802.11a/b/g/n Wireless AP/client
bad3106
Pas encore d'évaluation
Website Hacking
Document23 pages
Website Hacking
suraj.hitech76
Pas encore d'évaluation
Certification Schemes at European Level For Cyber Security Skills of ICS SCADA
Document46 pages
Certification Schemes at European Level For Cyber Security Skills of ICS SCADA
bad3106
Pas encore d'évaluation