RE: [ml] Ricerca prodotti correlazione e analisi eventi di sicurezza

> sono alla ricerca di un prodotto possibilmente Open Source in grado
> di raccogliere e correlare gli eventi generati da più componenti di
> sicurezza eterogenei.

ti va di lusso, NIST ha appena rilasciato:

SP 800-92, Guide to Computer Security Log Management, provides detailed
information on developing, implementing, and maintaining effective log
management practices throughout an enterprise. It includes guidance on
establishing a centralized log management infrastructure, which includes
hardware, software, networks, and media. It also discusses the log management
processes that should be put in place at an organization-wide level, including
the definition of roles and responsibilities and the creation of feasible
logging policies. Guidance is also provided on log management at the
individual system level, such as configuring log generating sources,
supporting logging operations, performing log data analysis, and managing
long-term data storage.

View Document: http://csrc.nist.gov/publications/nistpubs/800-92/SP800-92.pdf

fra le altre cose, nell'appendice C trovi una esaustiva lista di prodotti sia
open source che commerciali.

ciao

misi