OSSIM Logo

Manage Linux Logs on AlienVault OSSIM

Introduction OSSIM is a powerful open source security information and event management (SIEM) operating system. AlienVault OSSIM is the open source version of AlienVault, which is sold by AT&T. I have used OSSIM in professional deployments in the past, and I currently use OSSIM for vulnerability scanning, asset management, and security alerts. OSSIM can often be overly complicated to set up and install, and the documentation available for troubleshooting is sparse. I have learned a lot of great tricks over the years by trial and error. ...

April 19, 2022 · 7 min · Robert D. White
Tails + Unraid Logo

Tails OS with Encrypted Persistence on Unraid as a VM

This post will show you how to run Tails OS as a VM with the Persistence feature enabled. Running Tails as a VM is not recommended generally as it defeats many of the security features in Tails. For example, virtualization requires that you trust the hypervisor host, as the hypervisor has extra privileges over a VM that can reduce security and privacy of the VM. I recommend reading Tails’s official documentation about virtualization considerations before continuing: https://tails.boum.org/doc/advanced_topics/virtualization/ ...

January 24, 2022 · 5 min · Robert D. White
OSSIM + Unraid Graphic

How to Run AlienVault OSSIM as a VM on Unraid

Introduction For this post, I will show you how to setup Unraid to run AlienVault OSSIM as a VM. OSSIM is a powerful open-source SIEM that you can leverage on your network for free. I use OSSIM for network-wide vulnerability scanning and endpoint host intrusion detection. OSSIM’s integrated HIDS is a fork from OSSEC. Additionally, OSSIM integrates with Open Threat Exchange (OTX), which can be installed on Windows, Mac, and Linux endpoints and servers for an up-to-date, open-source vulnerability scanning tool. I deploy the OTX installer via my free Mosyle account (MDM for MacOS) and Intune (MDM for Windows). ...

October 1, 2021 · 4 min · Robert D. White