Open Source Security Information Management (OSSIM)

[Dragon X]

I'm relatively new to the Hak5 show and community, but I may have a product that some of you might like to use. I have been tracking this project for about the past 5 years or so http:\\ossim.net. It is an open source IDP/IPS. I know the show and site focuses on how to compromise systems using open source tools, but here is a set of tools geared towards ensuring that people don't get in. Its a bit of a gear shift, but conceptually I love this project. I must admit, I have yet to have tremendous success with it yet, that is why I'm hoping to find a few people here that might be familiar with this project (and possibly get it on the show :D).

[Dragon X]

Please add comments guys. I'm looking for how do you guys feel about using opensource as a security tool versus a pen test tool. If you have used the product, what are your impressions? Is it ready for prime time? TIA

[stingwray]

Open source vs. Pen Test Tool?

Your not even making sense, software engineering philosophy against a software category?

[Dragon X]

What I'm saying, or atleast trying to say, how trusting/comfortable are people with using something like OSSIM to protect and inform them about issues on their network given that it is open. Open source tools are sought after for gaining access to systems. I was trying to get people to give me some feed back on how secure they would feel using it to defend systems. Did that clear things up for you?