lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
From: Arian.Evans at fishnetsecurity.com (Evans, Arian)
Subject: Affordable Network Behavior Analysis alternatives

> > My question is simple, are there any other commercial 
> > out-of-the-box alternatives to QRadar? Something that isn't 
> > going to cost me >$40,000 to deploy?
> 
> All the ones I have seen so far are megabucks (Qradar and 
> Arbor Networks). I will be checking out intrusense as soon
> as I can get a demo copy based on everyone elses positive replies.

Lancope and Securify both have appliances that start in the 10k
range. Mazu has a nice offering too, but I'm not sure if they ever
came out with anything affordable for smaller environments (at one
time it was about 120k+ to get in the door if I remember correctly).

Personally I think Stealthwatch is the easiest to configure/tune of
the ones I've seen mentioned above (I've not seen Intrusense's nsight).

Securify has limited protocol validation going for it too, if you don't
already have that in your NIDS. Stealthwatch also has some strong
points like setting ACLs when needed.

Not knowing how many collection points you need, how much
traffic you have (and how easily you can aggregate it) it's hard
to say whether or not you can get by on one 10k appliance.

Good luck, and sorry for the auto-disclaimer that will be attached
to my email as soon as it leaves my mail server,

Arian Evans
Sr. Security Engineer
FishNet Security

KC Office:  816.421.6611
Direct: 816.701.2045
Toll Free:  888.732.9406
Fax:  816.474.0394

http://www.fishnetsecurity.com



The information transmitted in this e-mail is intended only for the addressee and may contain confidential and/or privileged material. 
Any interception, review, retransmission, dissemination, or other use of, or taking of any action upon this information by persons or entities
other than the intended recipient is prohibited by law and may subject them to criminal or civil liability. If you received this communication 
in error, please contact us immediately at 816.421.6611, and delete the communication from any computer or network system.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ