Alienvault R&D Labs Portal. Get the latest news from our research.

Author Archives: DK

About DK

Mr Wolf Wannabe.

Bubba Xyzzy is born!

November 11th, 2011 | Posted by DK in Alienvault (Company) - (0 Comments)

Hey all,

We’d like to introduce you to our new little Alien mascot. You’ve seen him for about a month here on the Labs page but he’ll be much more prominent around Alienvault in the near future. No worries, he’ll never become annoying like “Clippy” (“I see you are trying to do a security analysis. Would you like for me to start a vuln scan for you too?” :P).

Anyway, as part of the launch and our upcoming 3.1 release (due on Monday, 2011-11-14), we want to hand out exclusively designed t-shirts of Bubba to people who’ve been active in the community for a long time (you know who you are), friends of the cause and of course customers (with an active SIEM/Logger subscription).
So, if you are in one of these categories please go ahead and fill in your data here:

T-shirt information form

We’ll let you know when the things ship. Unfortunately they’ll arrive next week or the week after; we’d have loved to get them out as sort of a “surprise”.

So, without further delay, please meet Bubba :-)

(btw, the Xyzzy part comes from here: http://en.wikipedia.org/wiki/Xyzzy. Cheers Conrad ;-) )

Alienvault's mascot

3.1 coming soon

October 18th, 2011 | Posted by DK in News - (0 Comments)

Big news on the release front. Some features didn’t make it into 3.0 due to QA but now this has been solved and we wanted to roll out a minor release (which is not so minor if you look at the Changelog…) with this data, before heading towards 4.0 (IPv6 support, huge improvements on the multitenancy/multicustomer side and big performance related database structure changes).

So, without further delay, click below if you want to have a look at the 3.1 changelog. We’ll be updating the list (thanks Juanma, Pablo :-) ) as we get more things validated and tested and expect to release late next week. And furthermore, we’ve got a huge surprise hatching on the 11-11-11, I’ll keep you posted.

3.1 (preliminary) Changelog below:


New code piece: automatic plugin detection

October 16th, 2011 | Posted by DK in News - (0 Comments)

We just uploaded a snippet written earlier this year. It requires regexp.py and can automatically identify the log type a certain IP is sending via syslog.

Alienvault cloud SIEM

October 13th, 2011 | Posted by DK in News - (0 Comments)

Ever wanted to try out the pro version of Alienvault OSSIM and see how it differs from the open source one? Now you can: go to https://cloud.alienvault.com/signintest/ and get your free user. This is a limited public beta, get them before they’re taken ;-)

Hey all,

I don’t want this to become a spam forum, nothing is further from my intention than this, but Pascal (pcronauer@alienvault.com) just shared some screenshots with us from a customer PoC, which are much more interesting than any internal benchmark we could do in the labs.

These screenshots show the Logger performing in the worst-case scenario: when the search query is not matched while inserting events on disk. Two pics are provided with about 2 weeks of separation and the hardware is a L3000 appliance.

Results are:

  • ~3 seconds for ~ 2.7 billion events.
  • ~4.5 seconds for ~ 3.2 billion events.

These are the final steps of benchmarking and debugging and this new logger iteration should be available before the end of the year (3.1 probably, not sure about the versioning tho). More on the final benchmark in the future, I’m thinking about interviewing some of our key people for the Community/Labs page and having Carlos talk about this would be great.

Huge kudos to everyone involved, especially to Carlos, Juanma and Mihnea :-)

Enjoy!