There should be a way to prioritize incidents without the asset being on the asset table, for example, if any machine was part of 2 or more incidents within a day, then changing the severity to 5.
(Security, Symantec Security Information Manager, ...
There should be a default query for finding the number of times a rule was triggered in a month or for a specific time period.
This is very important for reporting purposes; they should also be in such a way that Open, in-work and closed incidents can be ...
There should be a way to search for an IP/hostname on the incident list. Currently there is no way of knowing how many incidents a server/machine is generating.
I.e., I want to know how many incidents were generated by a machine in the past week or today.
...
Would like to see more technology-based generic rules in SSIM that would work regardless of any product used.
Like Port Scans and Port Sweeps. BOT rules need to be modified or more IRC ports added.
Also if there can be addition on technology ...
I need a solution
Hello,
I've pursued a solution to this problem in several areas, including Symantec solution without resolve. I will try to explain the scenario that causes ...
To create a SERT disc you have to log on to Symantec, give a key, download an ISO, burn it to a disc, and add definitions or allow SERT to download them (I have never been able to get the ISO to see whether the program can update its own ...
InfoWorld recently ran an interesting article discussing 5 signs that indicate you might be the victim of an Advanced Persistent Threat ( ...
I need a solution
Hi All,
I have to configure SSIM for Application Security Monitoring. Do we have any KT articles or guides on configuring these?
Appreciate your assistance. ...
I need a solution
Trying to determine the proper regex format/structure that SSIM uses. I have used regex in the past with much success in other applications and event filters.
...
I do not need a solution (just sharing information)
In operation of the SSIM against a diverse range of equipment I have found the default rules have some things that should be ...