| AlienVault
SIEM is hard enough.
Presenting the OSSIM Made Simple On-Demand Webinar Series
Leonardo Da Vinci said it best: "Simplicity is the ultimate sophistication." Presenting the OSSIM Made Simple Webinar Series—an educational, informative and simple way to unleash the power of OSSIM 4.0. If you have yet to experience open source SIEM, download OSSIM for yourself. You'll join thousands of security researchers, security experts and budget–impaired security practitioners who are fighting for greater security and visibility using this remarkable tool and the power of real–time shared threat data.

Upgrading from OSSIM 3.1 to 4.0
October 4, 2012, 9:00 a.m. (PDT)
During our kick–off session, you'll discover why you should consider upgrading to OSSIM 4 (hint: there are more than 200 enhancements over version 3). New features will be explained and demonstrated including:
  • New Dynamic Asset Inventory, including enhanced forensic visibility into dynamic environments
  • Tools that simplify configuration, monitor system status and configure log collection
  • Faster event processing and reduced storage requirements
  • Tips for preventing data loss and downtime during your upgrade
Adding Data Sources
October 11, 2012, 9:00 am (PDT)
To get the most from your SIEM, you need to capture and aggregate logging data from seemingly unlimited data sources—firewalls, routers, domain servers, databases and countless endpoints. So which ones will yield the greatest security insights? What's the most efficient way to capture useful data, and what's the best way to achieve this without overwhelming your SIEM?
During this webinar session, an AlienVault Solutions Architect will offer valuable advice, including tips on how a free plug-in can simplify the process of capturing and normalizing data. You'll discover how to:
  • Set up devices
  • Configure plug-ins
  • Import various logs, events and other information
  • Increase event awareness
  • Adapt collection to your organizational needs
Creating Correlation Rules
October 25, 2012, 9:00 am (PDT)
Make a correlation between events, rules and security enforcement. During this important webinar, an AlienVault Solutions Architect will explain why correlation rules are the heart of SIEM, how to effectively correlate threats with protections, and how to link your rules to policies. In addition, you'll discover how to create efficient rules that minimize noise and false positives to help you save time and obtain actionable results.
In this webinar, you will learn how to:
  • Write correlations from one or more sources
  • Turn correlation information into actionable alarms
  • Minimize false positives and noise
  • Use correlations to enforce your security policies
  • Creating AlienVault Policies and Actions
    November 8, 2012, 9:00 am (PST)
    Want security information and event management that lives up to its promises? Start with policies and actions that get results. Whether you're refining your SIEM or building a comprehensive Security Operations Center, policies and actions play a key role.
    This OSSIM Made Simple Webinar is another hands-on technical session taught by one of AlienVault's best Solutions Architects. This session will build upon the "Creating Correlation Rules" Webinar, to help you implement policies and actions that:
    • Control the flow of information between AlienVault components
    • Mitigate noise
    • Turn security policies into security practice
    • Execute actions based on events
    • Effectively enforce your security policies
    Performing Network Vulnerability Assessment
    November 29, 2012, 9:00 am (PST)
    Do you know what's vulnerable on your network? Are there ports that have been inadvertently left open? Are there important patches that haven't been deployed? Are default system passwords still active?
    In this webinar, you'll see first-hand how to perform a penetration test that highlights the same vulnerabilities that hackers—and compliance regulators—are looking for. Discover how to use OSSIM to find and fix system vulnerabilities while you document PCI compliance for auditors. Learn how to:
    • Prioritize asset vulnerabilities and mitigation strategies
    • Recognize vulnerabilities in your network before someone else does
    • Catalog assets and capabilities
    • Satisfy compliance criteria
    • Schedule assessments at periodic intervals