AlienVault OSSIM

Hi all,

I’ve been looking around at OS security tools and have come across AlienVault https://www.alienvault.com
Is anyone running the ‘AlienVault OSSIM’ (host yourself) or has thoughts on the tool?

Thanks

Sorry for being two months late.

I run AlienVault OSSIM in a Proxmox VM. It uses OpenVAS 9 for vulnerability scanning, and it is much easier to set up for that purpose than installing OpenVAS on Debian or Ubuntu.

I also use its Suricata function… the sniffing interface is connected to a network TAP in order to see my LAN traffic. However, since I’m now running Suricata in pfSense, this may now be redundant.

I’m literally about to spin up AlienVault OSSIM; I asked Tom about this just the other day!

Have used it before but not recently - it was OK then but was a monster to get set up.

As an example, I ran a vulnerability scan of pfSense from within the local network… it found one item (nothing to be concerned about). The rest were 55 “info” items.

Thanks gents. What put me off them was AT&T buying them up. So we started looking at Wazuh instead.