MARCH 2014
What’s New in AlienVault OSSIM v4.5?
OSSIM Community Webinar
COMMUNITY GUIDELINES
Community members are not leads
We are a commercial company
OSSIM is not trialware
If you see something, say something
http://forums.alienvault.com/discussion/4/
AGENDA
V4.5 Feature Overview
Examples of how to use OSSIM
OSSIM vs. USM
Open Questions
New v4.5 Features
SUMMARY OF NEW FEATURES
• New Look and Feel
• New Plugin Suggestion Engine
• New Errors and Warnings Dashboard
• First Time Wizard Improvement
• New Status Monitors
NEW LOOK AND FEEL
Feature Summary:
• Color, layout, and style improvements
• Common library of UI elements (buttons, tables, interaction, workflow)
Value to You:
• More intuitive, consistent, and easy to use
• Predictable, consistent interaction and workflow
• Reduced learning curve, increased time to value – “results in day one”
PLUGIN SUGGESTION ENGINE
Feature Summary:
• Identify assets sending data but with no plugin enabled
• Identify assets not sending data and with no plugin enabled
• Offer suggestions and built-in workflow to enable the proper plugin
Value to You:
• More easily identify assets with no data collection and help the user easily enable the right plugin
• Increase time to value when configuring new assets.
NEW WARNINGS & ERRORS DASHBOARD
Feature Summary:
• Warn administrators of conditions that require attention
• Provide suggestions on how to resolve the error or warning
Value to You:
• Self-monitoring to prevent system failure
• Proactive notification
FIRST TIME WIZARD IMPROVEMENT
Feature Summary:
• Separated the Log Management step into two separate pages
• Provide better clarity about each asset, plugin selected, and if AlienVault is receiving data.
Value to You:
• Make the log management section more intuitive and easy to use.
• Provide better information to tell the user if AlienVault is collecting data or not.
NEW STATUS MONITORS
Feature Summary:
• Built-in monitors to assess the system for failure conditions
Monitors Available:
• The Asset is not sending any log to the system
• Asset is sending log to the system, but there isn't a plugin enabled to parse the logs
• The Asset was successfully sending logs to the system, but no log received within the last 24 hours
• The System is dropping packets, overloaded
• The System is dropping packets, malformed network packets
• The System Disk space is under 25%
• The System Disk space is under 10%
Use OSSIM to Answer Simple Questions
• Is one of your system administrators running a bittorrent in the data center?
• What known malicious hosts are your systems talking to?
• Which of my vulnerable assets are under attack?
OSSIM vs. USM
DIFFERENCE BETWEEN OSSIM AND USM
| | OSSIM | USM |
|---|---|---|
| Support | Community | Commercial |
| Management | - | Centralized Administration and Configuration |
| Threat Intelligence | Community Developed | AV Labs Threat Intelligence Subscription |
| Reporting | Community Developed | 100+ Compliance and Threat Reports |
| Access Control | - | Rich RBAC with Permission Templates |
| Deployment Types | Flat Deployments | Single / Multi-Tiered Small Business to Enterprise |
http://www.alienvault.com/marketing/smb-bundles
SMALL BUSINESS BUNDLE OPTIONS
http://forums.alienvault.com
Jim Hansen
Sr. Director, Product Management
jhansen@alienvault.com

OSSIM User Training: Detect and Respond to Threats More Quickly with OSSIM v4.5