OSSIM aims to unify network monitoring, security, correlation, and qualification in one single tool. It combines Snort, BASE, NTOP, Nagios, nmap, nessus, and rrdtool to provide the user with full control over every aspect of networking or security.
|Operating Systems||Mac OS X POSIX BSD Linux|
|Implementation||C Perl PHP PL/SQL|
Release Notes: This release features a completely rewritten logger with a huge performance increase, an HIDS frontend, SIEM analysis improvements like forensics timeline, custom reports derived from custom views, and geopositioning of attackers. Additional new features include Distributed Full packet capture with a centralized Web frontend, user management adjusted to PCI requirements, completely rewritten dashboards, Emerging Threats Pro feed integration, custom and tickets. Enhancements to usability, asset discovery, and the update procedure make this a major release.
Release Notes: This release features a completely reworked reporting interface based on JasperServer, unifying compliance, security, NMS, and inventory reporting. New features also include a completely rewritten scanning interface, a powerful Netflow/Sflow collector interface, a complete PCI wireless compliance interface, and a lot more.
Release Notes: This release corrects lots of security problems that have appeared on the underlying OS during the last months. It also adds clamav and mod-security for self-protection, a ton of ossim bugfixes, and the new alienvault feed for nessus updates.
Release Notes: The OSSIM installer aims at providing an easy to use introduction to new users approaching OSSIM. Besides configuring all the needed components, it provides tools to ease an initial approach for new users to the Security Information Management area. Advanced graphs, viewers, and tuning are included, which would not be possible to achieve using standard OS installation packages.
Release Notes: This is mainly a bugfix release, adjusting the environment to the "blackbox" like environment that ossim is released as.