ALIEN VAULT
Unified Security Management Delivers Advanced Security in the Cloud & On-Premises
AlienVault® Unified Security Management™ (USM™) is a comprehensive approach to security monitoring, delivered in a unified platform. The USM platform includes five essential security capabilities that provide resource-constrained organizations with all the security essentials needed for effective threat detection, incident response, and compliance, in a single pane of glass.
Designed to monitor cloud, hybrid cloud and on-premises environments, AlienVault USM significantly reduces complexity and deployment time so that you can go from installation to first insight in minutes – talk about fast threat detection!
USM overcomes the limitations of traditional point solutions with a complete platform that:
- Unifies essential security controls into a single all-in-one security monitoring solution
- Monitors your cloud, hybrid cloud, and on-premises infrastructure
- Delivers continuous threat intelligence to keep you aware of threats as they emerge and change
- Provides comprehensive threat detection and actionable incident response directives
- Deploys quickly, easily, and with minimal effort
- Reduces TCO over traditional security solutions
A Unified Platform for Threat Detection & Incident Response
5 Essential Security Capabilities in a Single Console
The Unified Security Management approach eliminates the complexity and costs of integrating and maintaining multiple point solutions. By combining five essential security capabilities, organizations can spend more time responding to threats rather than dealing with the headaches and hassles of deploying and integrating multiple products.
Asset Discovery
Get visibility into the assets and user activity in your cloud and on-premises environments.
Vulnerability Assessment
Scan your cloud and on-premises environments to detect assets, assess vulnerabilities, and deliver remediation guidance.
Intrusion Detection
Inspect traffic between devices and protect critical assets and systems in your cloud and on-premises environments.
Behavioral Monitoring
Identify suspicious behavior and potentially compromised systems.
SIEM
Correlate and analyze security event data from across your cloud and on-premises environments.
Multiple Deployment Options Meet Your Needs
Whether your IT infrastructure resides in your data center, a public cloud, a virtualized private cloud, or any combination of those, we’ve got you covered.
The AlienVault USM family of products includes:
USM Anywhere™ is a cloud-based solution designed to monitor cloud, hybrid cloud, and on-premises environments from the AlienVault Secure Cloud.
USM Anywhere uses lightweight software sensors to natively monitor Amazon Web Services (AWS), Microsoft Azure Cloud, VMware, Microsoft Hyper-V, and physical IT infrastructure. It centralizes all data collection, security analysis, and threat detection in the AlienVault Secure Cloud, eliminating the need to manage and maintain another box.
Key Features:
- Cloud-based
- Monitors Cloud and On-premises
- Automated Action Response
- Integrated Threat Intelligence
USM Appliance™ is an appliance-based solution designed for organizations that require dedicated on-premises monitoring from their own data centers.
USM Appliance Sensors are distributed to various on-premises networks to scan, monitor, and collect data from the network infrastructure, giving you complete visibility into threats affecting your network, and insights into how to mitigate them. Data is aggregated and stored centrally in a physical or virtual appliance in your data center.
Key Features:
- Appliance-based
- Monitors On-premises Networks
- Management in Your Data Center
- Integrated Threat Intelligence
Actionable Threat Intelligence So You Can Focus on Your Day Job
The AlienVault Labs Security Research Team evaluates hundreds of thousands of threats daily to understand the threat landscape and to deliver a continuous stream of threat intelligence directly to the USM platform. This threat intelligence, combined with data collected from AlienVault’s Open Threat Exchange™ (OTX™), provides you with the information you need to successfully identify and respond to emerging threats in your infrastructure.
What Will You Do with USM on Day One? Here are Some Ideas.
Go from Installation to First Insight in Just Minutes
Achieving complete security visibility used to be time-consuming, expensive, and complex. Collecting the right data, aggregating it, normalizing it, and correlating disparate technologies for a complete view was difficult, if not impossible.
With built-in event correlation rules, a continuous stream of threat intelligence, and the ability to create custom correlation rules, you can get the complete security visibility you deserve.
Quickly answer questions like:
- What’s happening right now that could signal a data breach?
- What do I need to do right now to prevent service outages or malware outbreaks?
- Has one or more of my assets been compromised by ransomware or other malicious software?
- Are any threats detected when correlating firewall logs, Windows events, AWS CloudTrail events, and Azure Insights logs?
Detect & Respond to Threats
Within minutes of installing USM Anywhere or USM Appliance, the built-in asset discovery finds and provides you visibility into the assets in your AWS, Azure, and on-premises environments, determining what software and services are installed on them, how they’re configured, and any potential vulnerabilities and active threats being executed against them.
Quickly answer questions like:
- What devices are on my physical and virtual networks?
- What instances are running in my cloud environments?
- What vulnerabilities exist on the assets in my cloud and network?
- Are there known attackers trying to interact with my cloud and network assets?
Meet Compliance Requirements
We don’t make false promises of 100% protection with our USM platform. The threat landscape changes too quickly. But we do quickly detect threats and accelerate compliance by delivering unified and coordinated security monitoring capabilities, powered by the latest threat intelligence from the AlienVault Labs Security Research Team and supplemented by the OTX community.
PCI DSS, HIPAA, Sarbanes-Oxley, and other compliance mandates are an ongoing concern for many of our customers, and we have solid solutions to meet regulatory compliance needs.
USM facilitates compliance by:
- Allowing you to determine performance against compliance requirements, such as mandated vulnerability scans, access controls, logging, and retention of logs
- Enabling you to manage and ensure performance of ongoing compliance tasks
- Producing compliance reports to inform management and help you pass your audits