OSSIM
OSSIM (Open Source Security Information Management) was formerly an open source security information and event management system, integrating a selection of tools designed to aid network administrators in computer security, intrusion detection and prevention. In December, 2024, LevelBlue announced OSSIM is being retired. The project began in 2003 as a collaboration between Dominique Karg, Julio Casal and later Alberto Román. In 2008 it became the basis for their company AlienVault. Following the acquisition of the Eureka project label and completion of R&D, AlienVault began selling a commercial derivative of OSSIM ('AlienVault Unified Security Management'). AlienVault was acquired by AT&T Communications and renamed AT&T Cybersecurity in 2018. In 2024, cybersecurity investor WillJam Ventures officially launched LevelBlue, a joint venture with AT&T, to form a new, standalone managed cybersecurity services business. OSSIM had four major-version r ...

Eureka (organisation)
Eureka (often abbreviated as E!, or Σ!) is an intergovernmental organisation for research and development funding and coordination. Eureka is an open platform for international cooperation in innovation. Organisations and companies applying through Eureka programmes can access funding and support from national and regional ministries or agencies for their international R&D projects. Eureka has 43 full members, including the European Union (represented by the European Commission) and four associated members (Argentina, Chile, South Africa, and Singapore). All 27 EU Member States are also members of Eureka. Eureka is not an EU research programme, but rather an intergovernmental organisation of national ministries or agencies, of which the EU is a member. Cooperation and synergy are sought between Eureka and the research activities of the EU proper, such as with European Union's Horizon 2020 and the European Research Area. History Founded in 1985 by prominent European politi ...

LevelBlue
LevelBlue (formerly AT&T Cybersecurity) is a managed security service provider. Cybersecurity investor WillJam Ventures officially launched LevelBlue, a joint venture with AT&T, to form a new, standalone managed cybersecurity services business at RSA Conference 2024. LevelBlue offers managed security services, consulting, threat intelligence and research. Products LevelBlue is a managed security services business. Product and services include: Cybersecurity Consulting Services that provide assessment, planning and advisory through the LevelBlue Consulting team. LevelBlue Consulting services include security strategy and build cyber resilience through Zero Trust, risk mitigation, and compliance assurance. Managed Security Services for Network Security, Threat Detection and Response, and Endpoint Security offer a strategic extension to help organizations simplify cybersecurity to deliver greater insights. LevelBlue Managed Security Services drive efficiency in security operati ...

Open-source Software
Open-source software (OSS) is computer software that is released under a license in which the copyright holder grants users the rights to use, study, change, and distribute the software and its source code to anyone and for any purpose. Open-source software may be developed in a collaborative, public manner. Open-source software is a prominent example of open collaboration, meaning any capable user is able to participate online in development, making the number of possible contributors indefinite. The ability to examine the code facilitates public trust in the software. Open-source software development can bring in diverse perspectives beyond those of a single company. A 2024 estimate of the value of open-source software to firms is $8.8 trillion, as firms would need to spend 3.5 times the amount they currently do without the use of open source software. Open-source code can be used for studying and a ...

Operating System
An operating system (OS) is system software that manages computer hardware and software resources, and provides common services for computer programs. Time-sharing operating systems schedule tasks for efficient use of the system and may also include accounting software for cost allocation of processor time, mass storage, peripherals, and other resources. For hardware functions such as input and output and memory allocation, the operating system acts as an intermediary between programs and the computer hardware, although the application code is usually executed directly by the hardware and frequently makes system calls to an OS function or is interrupted by it. Operating systems are found on many devices that contain a computer, from cellular phones and video game consoles to web servers and supercomputers. Android is the most popular operating system with a 46% market share, followed ...

MAC Address
A MAC address (short for medium access control address or media access control address) is a unique identifier assigned to a network interface controller (NIC) for use as a network address in communications within a network segment. This use is common in most IEEE 802 networking technologies, including Ethernet, Wi-Fi, and Bluetooth. Within the Open Systems Interconnection (OSI) network model, MAC addresses are used in the medium access control protocol sublayer of the data link layer. As typically represented, MAC addresses are recognizable as six groups of two hexadecimal digits, separated by hyphens, colons, or without a separator. MAC addresses are primarily assigned by device manufacturers, and are therefore often referred to as the burned-in address, or as an Ethernet hardware address, hardware address, or physical address. Each address can be stored in the interface hardware, such as its read-only memory, or by a firmware mechanism. Many network interfaces, however, ...

Arpwatch
arpwatch is a computer software tool for monitoring Address Resolution Protocol traffic on a computer network. It generates a log of observed pairing of IP addresses with MAC addresses along with a timestamp when the pairing appeared on the network. It also has the option of sending an email to an administrator when a pairing changes or is added. Network administrators monitor ARP activity to detect ARP spoofing, network flip-flops, changed and new stations and address reuse. arpwatch was developed by Lawrence Berkeley National Laboratory, Network Research Group, as open-source software and is released under the BSD license. See also: ArpON, arping, Ettercap.

OpenVAS
OpenVAS (Open Vulnerability Assessment Scanner, originally known as GNessUs) is the scanner component of Greenbone Vulnerability Management (GVM), a software framework of several services and tools offering vulnerability scanning and vulnerability management. All Greenbone Vulnerability Management products are free software, and most components are licensed under the GNU General Public License (GPL). Plugins for Greenbone Vulnerability Management are written in the Nessus Attack Scripting Language, NASL. History Greenbone Vulnerability Manager began under the name of OpenVAS, and before that the name GNessUs, as a fork of the previously open source Nessus scanning tool, after its developers Tenable Network Security changed it to a proprietary (closed source) license in October 2005. OpenVAS was originally proposed by pentesters at SecuritySpace, discussed with pentesters at Portcullis Computer Security and then announced by Tim Brown on Slashdot. Greenbone Vuln ...

Nagios
Nagios is an event monitoring system that offers monitoring and alerting services for servers, switches, applications and services. It alerts users when things go wrong and alerts them a second time when the problem has been resolved. Ethan Galstad and a group of developers originally wrote Nagios as NetSaint. They actively maintain both the official and unofficial plugins. Nagios is a recursive acronym: "Nagios Ain't Gonna Insist On Sainthood" – "sainthood" makes reference to the original name NetSaint, which changed in response to a legal challenge by owners of a similar trademark. "Agios" (or "hagios") also transliterates the Greek word άγιος, which means "saint". Nagios was originally designed to run under Linux, but it also runs on other Unix variants. It is free software licensed under the terms of the GNU General Public License version 2 as published by the Free Software Foundation. History On 16 January 2014, Nagios Enterprises redirected ...

NetFlow
NetFlow is a feature that was introduced on Cisco routers around 1996 that provides the ability to collect IP network traffic as it enters or exits an interface. By analyzing the data provided by NetFlow, a network administrator can determine things such as the source and destination traffic, class of service, and the causes of congestion. A typical flow monitoring setup (using NetFlow) consists of three main components:
* Flow exporter: aggregates packets into flows and exports flow records towards one or more flow collectors.
* Flow collector: responsible for reception, storage and pre-processing of flow data received from a flow exporter.
* Analysis application: analyzes received flow data in the context of intrusion detection or traffic profiling, for example.
Protocol description Routers and switches that support NetFlow can collect IP traffic statistics on all interfaces where NetFlow is enabled, and later export those statistics as NetFlow records toward at least one Ne ...

Munin (network Monitoring Application)
Munin is a free and open-source computer system monitoring, network monitoring, and infrastructure monitoring software application. Munin is written in Perl and uses RRDtool to create graphs, which are accessible over a web interface. Its emphasis is on plug and play capabilities. About 500 monitoring plugins are currently available. It is intended to make it easy to determine "what's different today" when a performance problem happens and to provide visibility into capacity and utilization of resources. History Munin was started by Audun Ytterdal and Jimmy Olsen in late 2003, based on RRDtool by Tobi Oetiker. Development has slowed since 2005, but Munin is a stable tool and is still maintained. “Its name is derived from Norse mythology. One of the two ravens who report the news of the world to the god Odin is called Munin, and the other is named Hugin. Munin is 'memory', and Hugin is 'thought'.” Architecture Plugins Plugins are the specialized programs that are cal ...

Suricata (software)
Suricata is an open-source based intrusion detection system (IDS) and intrusion prevention system (IPS). It was developed by the Open Information Security Foundation (OISF). A beta version was released in December 2009, with the first standard release following in July 2010. Features Like other IDSes, Suricata provides threat detection capabilities. Like a firewall, Suricata provides traffic filtering and monitoring, but Suricata provides network administrators with the ability to write and enforce detection rules. Suricata is able to detect common attack vectors such as port scanning, denial-of-service, pass-the-hash, and brute-force attacks. Typically, a major update of Suricata is released every 3 months. Ruleset Surica ...

Intrusion Detection System
An intrusion detection system (IDS) is a device or software application that monitors a network or systems for malicious activity or policy violations. Any intrusion activity or violation is typically either reported to an administrator or collected centrally using a security information and event management (SIEM) system. A SIEM system combines outputs from multiple sources and uses alarm filtering techniques to distinguish malicious activity from false alarms. IDS types range in scope from single computers to large networks. The most common classifications are network intrusion detection systems (NIDS) and host-based intrusion detection systems (HIDS). A system that monitors important operating system files is an example of an HIDS, while a system that analyzes incoming network traffic is an example of an NIDS. It is also possible to classify IDS by detection approach. The most well-known variants are signature-based detection (recognizing bad patterns, such as exploitatio ...