AlienVault R&D Labs Portal. Get the latest news from our research.

Bubba Xyzzy is born!

November 11th, 2011 | Posted by DK in Alienvault (Company) - (Comments Off)

Hey all,

we’d like to introduce you to our new little Alien mascot. You’ve seen him for about a month here on the Labs page but he’ll be much more predominant around Alienvault in the near future. No worries, he’ll never become annoying like “Clippy” (“I see you are trying to do a security analysis. Would you like for me to start a vuln scan for you too?” :P).

Anyway, as part of the launch and our upcoming 3.1 release (due on Monday, 2011-11-14), we want to hand out exclusively designed t-shirts of Bubba to people who’ve been active in the community for a long time (you know who you are), friends of the cause and of course customers (with an active SIEM/Logger subscription).
So, if you are in one of these categories please go ahead and fill in your data here:

T-shirt information form

We’ll let you know when the things ship. Unfortunately they’ll arrive next week or the week after; we’d have loved to get them out as sort of a “surprise”.

So, without further delay, please meet Bubba :-)

(btw, the Xyzzy part comes from here: http://en.wikipedia.org/wiki/Xyzzy. Cheers Conrad ;-) )

Alienvault's mascot

DK

Mr Wolf Wannabe.

More Posts - Website

New code piece: automatic plugin detection

October 16th, 2011 | Posted by DK in News - (Comments Off)

We just uploaded a snippet written earlier this year. It requires regexp.py and can automatically identify the log type a certain IP is sending via syslog.


Alienvault cloud SIEM

October 13th, 2011 | Posted by DK in News - (Comments Off)

Ever wanted to try out the pro version of Alienvault OSSIM and see the difference with the opensource? Now you can: go to https://cloud.alienvault.com/signintest/ and get your free user. This is a limited public beta, get them before they’re taken ;-)


Logger benchmarking (commercial edition)

October 12th, 2011 | Posted by DK in Alienvault (Company) | Alienvault OSSIM - (Comments Off)

Hey all,

I don’t want this to become a spam forum, nothing is further from my intention than this, but Pascal (pcronauer@alienvault.com) just shared some screenshots with us from a customer PoC, which are much more interesting than any internal benchmark we could do in the labs.

These screenshots show the Logger performing in the worst-case scenario: when the search query is not matched while inserting events on disk. Two pics are provided with about 2 weeks of separation and the hardware is an L3000 appliance.

Results are:

  • ~3 seconds for ~ 2.7 billion events.
  • ~4.5 seconds for ~ 3.2 billion events.

These are the final steps of benchmarking and debugging and this new logger iteration should be available before end of the year (3.1 probably, not sure about the versioning tho). More on the final benchmark in the future, I’m thinking about interviewing some of our key people for the Community/Labs page and having Carlos talk about this would be great.

Huge kudos to everyone involved, especially to Carlos, Juanma and Mihnea :-)

Enjoy!

 


New section: feature focus. Today: ip reputation and voice control

October 6th, 2011 | Posted by DK in Blog | Tutorials - (Comments Off)

Hey all,

today I’m proud to introduce the first voice controlled SIEM. One step closer to the war against the machines.

I hope to be doing a lot of these and also to be expanding the tutorials with some videos and such.

Any criticism and feedback, be it positive or negative, is welcome. The video quality is a bit bad I think and my acting really sucks but it’s the first one, so hey, what do you expect :-)
