Sent from my Windows® phone.
-----Original Message----- From: Michael Starks <[email protected]> Sent: Thursday, January 07, 2010 11:27 AM To: [email protected] <[email protected]> Subject: Re: [ossec-list] PCI document on the front page is very misleading On Thu, 7 Jan 2010 08:01:20 +0000, Matthew Macdonald-Wallace <[email protected]> wrote: > We've started to use ossim to cover this one, its got ossec inside as well > as a ticket management system, snort, nagios and openvas/nessus it covers > just about all of that section of the PCI. I have been considering OSSIM but generally don't like meta-products because they limit the hardening choices and ability to upgrade the individual pieces. How does OSSIM stack up in this respect? I also read that there is no authentication or encryption between the various tiers, so that would be a big problem for me. -- Michael Starks [I] Immutable Security http://www.immutablesecurity.com Information Security, Privacy and Personal Liberty
