ACARM-ng
STATUS: COMPLETED
ACARM-ng (Alert Correlation, Assessment and Reaction Module – new generation) is a security alert correlation system. Its task is to collect and correlate information coming from IDS components (Intrusion Detection System) located in the network infrastructure.
The aim of this system is to reduce the amount of information (logs) that must be viewed by administrators. The ACARM-ng system allows searching for metainformation on the basis of reported events, enables continuous operation of the system, and its users are e.g. grid system administrators.