
Difference between OSSIM and USM built-In directive




We have recently deployed OSSIM 5.5 in our environment. I just want to check whether there is any difference between the USM and OSSIM built-in directives in terms of count. In all the USM documentation I found that it has more than 2000 built-in directives, but in my OSSIM deployment we only have 82 built-in directives. Is this normal, or do I have to import the missing built-in directives from somewhere? If this is normal, is there any document or KB that provides the details of all the USM built-in directives?


Best Answer

  • Answer ✓

    OSSIM provides a few example directives. USM Appliance, as part of its expanded feature set, includes more than 2000 directives, an expanded vuln scan, and an NIDS signature list; all of which are updated as part of the threat feed.

    We do not provide these as a separate download for OSSIM as they are part of the threat subscription offered with USM.

    AlienVault's OSSIM Appliance is capable of providing the same directives for the student, or for someone looking to build their own SIEM, but does require that you create your own directives.