RE: Security Central Consoles

From: Matthew F. Caldwell (mattc@guarded.net)
Date: 10/25/02


Date: Fri, 25 Oct 2002 13:55:26 -0400
From: "Matthew F. Caldwell" <mattc@guarded.net>
To: "Rivera Alonso, David" <drivera@iberdrola.es>, <security-basics@securityfocus.com>

David,

    A number of products on the market do what you're describing:
NetForensics, E-Security, and of course neuSECURE (Marketing Plug). I
would encourage you to take a look at my white paper on the Guarded.Net
website; it talks about the different types of correlation and what is to
come. If you would like, I'll be glad to send you my slides from this
year's presentation at Black Hat (August 2002) on correlation.

Matthew F. Caldwell, CISSP
Chief Security Officer
Guarded Net Inc.
www.guarded.net

-----Original Message-----
From: Rivera Alonso, David [mailto:drivera@iberdrola.es]
Sent: Thursday, October 24, 2002 11:50 AM
To: security-basics@securityfocus.com
Subject: Security Central Consoles

Dear friends,

I'm working on a report about existing Central Consoles that can gather and
centralize security information and alerts in a company network (IDS alerts,
Firewall logs...). I mean, they are supposed to correlate all the events and
signals and give exact alerts to the operator watching the console.

Can you point me to the best products out there?

Many thanks,

DAVID


