Release Notes: This release features a completely rewritten logger with a huge performance increase, an HIDS frontend, SIEM analysis improvements like forensics timeline, custom reports derived from custom views, and geopositioning of attackers. Additional new features include Distributed Full packet capture with a centralized Web frontend, user management adjusted to PCI requirements, completely rewritten dashboards, Emerging Threats Pro feed integration, custom and tickets. Enhancements to usability, asset discovery, and the update procedure make this a major release.
Release Notes: This release features a completely reworked reporting interface based on JasperServer, unifying compliance, security, NMS, and inventory reporting. New features also include a completely rewritten scanning interface, a powerful Netflow/Sflow collector interface, a complete PCI wireless compliance interface, and a lot more.
Release Notes: This release corrects lots of security problems that have appeared on the underlying OS during the last months. It also adds clamav and mod-security for self-protection, a ton of ossim bugfixes, and the new alienvault feed for nessus updates.
Release Notes: The OSSIM installer aims at providing an easy to use introduction to new users approaching OSSIM. Besides configuring all the needed components, it provides tools to ease an initial approach for new users to the Security Information Management area. Advanced graphs, viewers, and tuning are included, which would not be possible to achieve using standard OS installation packages.
Release Notes: This is mainly a bugfix release, adjusting the environment to the "blackbox" like environment that ossim is released as.
Release Notes: This release has many bugfixes, new executive panel plugins (including a nifty geographic positioning one), improved snort logging support, hierarchical metrics, and vulnerability scanning enhancements.
Release Notes: VMOSSIM is a fully working OSSIM environment packaged into a VMWare image. It's got most of the plugins enabled and is intended for uncomplicated and fast deployment, as well as for demonstration and testing purposes. It incudes a set of image management scripts not included with the main OSSIM distribution, which alleviates access to OSSIM by not-so-skilled users.
Release Notes: This version fixes numerous bugs and performance issues. A new agent codebase has been included for easy plugin generation as well as a fully customizable event viewer for plugin visualization. Many improvements have been added as well in terms of vulnerability scan integration, incident handling and reporting, and scalability. A hierarchical server architecture allows for a distributed SIM architecture suitable for very large deployments.
Release Notes: This last release candidate before 0.9.9 fixes numerous bugs and increases performance at the server level. The metrics panel has undergone a major rewrite and should run much better now.
Release Notes: This release fixes some serious server issues, including a couple of possible crashes and some correlation engine issues. At the framework level, the executive panel has been improved, and extra security has been added to rrd data visualization.