Michael Mimoso writes "Security firm releases correlation engine as open source.
Security audit and vulnerability management firm Qualys Inc. announced this week that it has released its Quidscor correlation engine as open source. Quidscor merges Qualys vulnerability data with Snort intrusion detection events to reduce IDS false positives up to 70%. Quidscor prioritizes events that need administrative attention. "Enterprises requiring a secure network are wading through the daily flood of information that intrusion detection systems produce, often without the time or resources to remedy," said Yankee Group senior analyst Eric Ogren in a release. "Incorporating the intelligence gained from vulnerability scans provides IT with the tool necessary to filter and prioritize IDS events for the enterprise's unique environment. Network managers can save significant time and energy while better controlling network security with automated correlation of vulnerability assessment scans with IDS event data."
July 30, 2003