Monitor Host-Based Intrusion Detection System Alerts on Amazon EC2 Instances

In this blog post, I show how you can use Amazon CloudWatch Logs to collect and aggregate alerts from an open-source security (OSSEC) HIDS. I use a CloudWatch Logs subscription to deliver the alerts to Amazon Elasticsearch Service (Amazon ES) for analysis and visualization with Kibana – a popular open-source visualization tool.

March 17, 2017 · 1 min · Cam

Sophos Outbound Web Proxy on the AWS Cloud

This Quick Start automatically deploys an outbound web filtering proxy on the Amazon Web Services (AWS) Cloud, using the Sophos Unified Threat Management (UTM) virtual appliance. The Quick Start also uses Sophos Outbound Gateway to extend security to multiple virtual private clouds (VPCs). Sophos UTM provides multiple security functions, including firewall, intrusion prevention (IPS), VPN, and web filtering. Sophos Outbound Gateway provides a distributed, fault-tolerant architecture to provide visibility, policy enforcement, and elastic scalability to outbound web traffic....

1 min · Cam