ISE6100 GIAC Enterprises Final Step By Step Description

by Alyssa Robinson, David Fletcher, and Wes Whitteker
Sept. 1, 2017 SANS Institute Detection & Response free and open source software

GIAC Enterprises, a small-to-medium-sized business, has grown to the point where its current manual log analysis process is no longer efficient or effective. As a result, GIAC Enterprises was forced to look for a SIEM solution that automates the correlation and analysis of system logs. A significant financial constraint required the company to focus its investigation on several open source options. After investigation, GIAC Enterprises settled on AlienVault’s OSSIM product. The result of this research is the following OSSIM implementation guide.