To give our customers the very best threat detection and response, our unified platform – AlienVault Unified Security Management (USM) – combines 5 key security capabilities with expert threat intelligence. That intelligence is updated every 30 minutes with data from the Open Threat Exchange (OTX) that has been analyzed and classified by our AlienVault Labs team.
OTX is the world’s first truly open threat intelligence community that enables collaborative defense with actionable, community-powered threat intelligence.
Better threat detection starts with unified security
AlienVault unifies five essential security tools into one integrated solution
SIEM & Log Management
Single-purpose SIEM software or log management tools provide valuable information, but often require expensive integration efforts to bring in log files from disparate sources such as asset management, vulnerability assessment, and IDS products. With the AlienVault USM™ platform, SIEM is built-in with other essential security tools for complete security visibility that simplifies and accelerates threat detection, incident response, and compliance management.
As soon as AlienVault Unified Security Management™ (USM) is installed, the behavioral monitoring functionality starts gathering data to help you understand “normal” system and network activity. Using the built-in network behavior monitoring, you can simplify incident response when investigating an operational issue or potential security incident. And because AlienVault USM™ combines network behavioral analysis with service availability monitoring, you’ll have a full picture of system, service, and network anomalies.
Automated asset discovery can start you on the path to certainty. AlienVault USM™ combines two core discovery and inventory technologies to give you full visibility into the devices that show up on your network. Passive Network Monitoring highlights hosts on your network and their installed software packages. Active Network Scanning gently probes your network to coax responses from devices. These responses provide clues that help identify the device, the OS, running services, and the software installed on it. It can often identify the software vendor and version without having to send any credentials to the host.
Get intrusion detection for your network that enables you to inspect traffic between devices, not just at the edge. You can also correlate events from your existing IDS/IPS into a single console for complete network visibility while preserving your investments. Network Intrusion Detection System (NIDS) catches threats targeting your vulnerable systems with signature-based anomaly detection and protocol analysis technologies. Identify the latest attacks, malware infections, system compromise techniques, policy violations, and other exposures.
Vulnerability Assessment starts with Asset Discovery, which is essential for overall visibility of your network. It also helps you target the range of IPs for your vulnerability scan. Scans can be run either ad hoc or scheduled at regular intervals. With the number of network security events rising every year, it is essential for you to prioritize your remediation efforts and deploy the most important patches and security updates first. AlienVault USM can report on scanning results regularly to management to assist in documenting remediation progress.
We provide full software service
Hunting for the best solution for your special business needs.
Ensuring the best price and the purchase channel to save your cash.
Helping to make your tools live – deployment, adoption and training.
Advising you if something doesn’t run as you imagined.