[logs] on credible open-source SIMs

From: Anton Chuvakin (anton@private)
Date: Fri Dec 23 2005 - 08:26:43 PST


Hey all,

The discussion about SIM currently ongoing on the dailydave mailing
list (see, for example,
http://lists.immunitysec.com/pipermail/dailydave/2005-December/002725.html)
seems more relevant for this list, but to avoid cross-posting I
figured I will just throw a link. Feel free to restart the discussion
here! :-)

It started from Thomas Ptacek predicting that "There's about $100MM
spent annually on products that manage and correlate logs. Guess what?
None of it is hard to do. The underlying tools are there. Customers
know how to do this better than the vendors do. Expect a mainstream
open-source combination of Argus and Sguil to own the security
management conversation next year" (see
http://www.sockpuppet.org/tqbf/log/2005/12/pro-forma-05-06-punditry-results.html),
then others disagreeing and then me fiercely supporting the latter
side :-)

Best,
--
Anton Chuvakin, Ph.D., GCIA, GCIH, GCFA
     http://www.chuvakin.org
 http://www.securitywarrior.com
_______________________________________________
LogAnalysis mailing list
LogAnalysis@private
http://lists.shmoo.com/mailman/listinfo/loganalysis
