What's a security professional to do with all of this data? A variety of tools in the security information management/security event management (SIM/SEM) family offer the consolidated reporting and correlation that you seek. In addition to a number of commercial tools, there are open source options, such as the Open Source Security Information Manager (OSSIM) project. For a more detailed look at the SIM/SEM market, read the tip "Security Information Management Finally Arrives, Thanks to Enhanced Features."
This was first published in August 2008