What’s New in AlienVault 2.3 New Features and Enhancements June 2010 Juan Manuel Lorenzo (jmlorenzo@alienvault.com)
AlienVault 2.3 Overview: “The AlienVault Professional SIEM product combines the breadth and flexibility of Open Source software with the features and functionality present in any of AlienVault's competition.” - Andrew Hay, Sr. Analyst, The 451 Group
Synopsis. Two Releases: AlienVault’s Professional SIEM version 2.3; Open Source SIEM (OSSIM) version 2.3. Some Features Available Only With AlienVault Professional SIEM. Major Upgrades: Reporting; User Management; Common Taxonomy; Multi-Tenant (i.e. MSSP Deployments).
New Feature Overview. New Features and Enhancements: Multi-Tenant User Architecture; Enhanced User Management; Enriched Security Taxonomy; SIEM Console; Reports; Dashboards; Vulnerabilities; Distributed Network Discovery; Installer Usability Improvements.
AlienVault 2.3 Details: "Just a few hours later our SIEM Practice Manager grabbed me by the arm with a big smile: 'You gotta see this!' Remarkably, our network had been auto-discovered, a Vulnerability Assessment had been run, net-flows were being captured, we had real-time visibility to network traffic, a snort ids sensor with an appropriate signature set had been deployed, and basic network monitoring functionality was in place." - John Verry, Pivot Point Security
Multi-Tenant Architecture. Entities Definition: Groups, Departments, Companies...; Assign User Permissions to Entities; Simplifies AlienVault Management; Admin Users for Each Entity.
Multi-Tenant Architecture. Only available when using AlienVault Professional SIEM. [Figure labels: Professional Version; Open Source]
Multi-Tenant Architecture. Only available when using AlienVault Professional SIEM. Abstraction: Use your Entities and Forget About Networks and Hosts.
User Management. Only available when using AlienVault Professional SIEM. User Templates: Simplifies user management; Inherit permissions from an Entity.
Enriched Security Taxonomy. Only available when using AlienVault Professional SIEM. Categorizes All Events.
Enriched Security Taxonomy. New Filters in SIEM Console; Taxonomy-Based Reports.
SIEM Console. Custom Event Viewer Functionality Merged into SIEM Console: Select the events you want to see; Select the columns you want to display; Save your custom view.
Dashboards. Enhanced Predefined Dashboard Capability; Ability to revert to original default dashboards while maintaining custom ones; Select the Default Panel.
Vulnerability Assessment. New Scanning Options; Cancel current scan; Scanning Speed-Up; Scan only active hosts; Openvas plugins tuned; Check permissions before scanning; Check network access before scanning.
Vulnerability Assessment. OpenVas 3 and Nessus 4.0.2 Support; Import/Export Reports in NBE Format; New Reporting Options: Reports available to other users; Reports available to entities (Only in professional version).
Reporting System. Only available when using AlienVault Professional SIEM. Report Wizard.
Reporting System. Only available when using AlienVault Professional SIEM. Report Wizard: Select the time range, layout and users that will have access to the report.
Reporting System. Only available when using AlienVault Professional SIEM. Report Wizard: Configure the sub-reports and add comments.
Reporting System. Only available when using AlienVault Professional SIEM. 1800+ Reporting Modules; New Compliance Reports; Taxonomy-Based Reports; Automatically include events from different applications and devices.
Reporting System. Only available when using AlienVault Professional SIEM. Compliance Reports: SOX; ISO 27001; PCI DSS; HIPAA; FISMA.
Network Discovery. Manage Remote Nmap Scans to do Network Discovery; Network Discovery Can Now be Executed from the AlienVault Sensor.

A Domino Admins Adventures (Engage 2024)
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 

What's New in OSSIM v2.3?

  • 1. What’s New in AlienVault 2.3: New Features and Enhancements. June 2010. Juan Manuel Lorenzo (jmlorenzo@alienvault.com)
  • 2. AlienVault 2.3 Overview. “The AlienVault Professional SIEM product combines the breadth and flexibility of Open Source software with the features and functionality present in any of AlienVault's competition.” - Andrew Hay, Sr. Analyst, The 451 Group
  • 3. Synopsis. Two Releases: AlienVault’s Professional SIEM version 2.3; Open Source SIEM (OSSIM) version 2.3. Some Features Available Only With AlienVault Professional SIEM. Major Upgrades: Reporting; User Management; Common Taxonomy; Multi-Tenant (i.e. MSSP Deployments)
  • 4. New Feature Overview. New Features and Enhancements: Multi-Tenant User Architecture; Enhanced User Management; Enriched Security Taxonomy; SIEM Console; Reports; Dashboards; Vulnerabilities; Distributed Network Discovery; Installer; Usability Improvements
  • 5. AlienVault 2.3 Details. "Just a few hours later our SIEM Practice Manager grabbed me by the arm with a big smile: 'You gotta see this!' Remarkably, our network had been auto-discovered, a Vulnerability Assessment had been run, net-flows were being captured, we had real-time visibility to network traffic, a Snort IDS sensor with an appropriate signature set had been deployed, and basic network monitoring functionality was in place." - John Verry, Pivot Point Security
  • 6. Entities. Definition: Groups, Departments, Companies... Assign User Permissions to Entities. Simplifies AlienVault Management. Admin Users for Each Entity. Multi-Tenant Architecture
  • 7. Multi-Tenant Architecture. Only available when using AlienVault Professional SIEM. PROFESSIONAL VERSION / OPEN SOURCE
  • 8. Abstraction: Use your Entities and Forget About Networks and Hosts. Multi-Tenant Architecture. Only available when using AlienVault Professional SIEM
  • 9. User Templates. Simplifies user management. Inherit permissions from an Entity. User Management. Only available when using AlienVault Professional SIEM
  • 10. Enriched Security Taxonomy. Categorizes All Events. Only available when using AlienVault Professional SIEM
  • 11. New Filters in SIEM Console. Taxonomy-Based Reports. Enriched Security Taxonomy
  • 12. SIEM Console. Custom Event Viewer Functionality Merged into SIEM Console. Select the events you want to see. Select the columns you want to display. Save your custom view
  • 13. Dashboards. Enhanced Predefined Dashboard Capability. Ability to revert to original default dashboards while maintaining custom ones. Select the Default Panel
  • 14.
  • 16. Check network access before scanning
  • 17. Vulnerability Assessment. OpenVAS 3 and Nessus 4.0.2 Support. Import/Export Reports in NBE Format. New Reporting Options: Reports available to other users; Reports available to entities (Only in professional version)
  • 18. Report Wizard. Reporting System. Only available when using AlienVault Professional SIEM
  • 19. Report Wizard. Select the time range, layout and users that will have access to the report. Reporting System. Only available when using AlienVault Professional SIEM
  • 20. Report Wizard. Select the time range, layout and users that will have access to the report. Reporting System. Only available when using AlienVault Professional SIEM
  • 21. Report Wizard. Configure the sub-reports and add comments. Reporting System. Only available when using AlienVault Professional SIEM
  • 22. 1800+ Reporting Modules. New Compliance Reports. Taxonomy-Based Reports. Automatically include events from different applications and devices. Reporting System. Only available when using AlienVault Professional SIEM
  • 23. Compliance Reports: SOX, ISO 27001, PCI DSS, HIPAA, FISMA. Reporting System. Only available when using AlienVault Professional SIEM
  • 24. Network Discovery. Manage Remote Nmap Scans to do Network Discovery. Network Discovery Can Now be Executed from the AlienVault Sensor
  • 25. Web Interface Using https. VPN Auto-Configured (Only in Professional Version). Secure communications between the different AlienVault components. Installer