
AlienVault

Unified Security Management with Threat Intelligence Solution


Why AlienVault?

  • AlienVault's Unified Security Management platform is an all-in-one security platform including SIEM, behavioral monitoring, intrusion detection, asset discovery, vulnerability assessment, threat intelligence and open threat exchange data.

  • You're looking for a great technology to combat today's sophisticated threats or build your own security operations center (SOC).

  • You're looking for a SIEM with an affordable investment plan, starting small with software and scaling later to specifically designed hardware.

AlienVault Unified Security Management™ (USM)


AlienVault Unified Security Management™ (USM) is an all-in-one platform designed and priced to ensure that mid-market organizations can effectively defend themselves against today’s advanced threats.

Unlike traditional SIEM or security point products, AlienVault USM provides:

  • Unified, Coordinated Security Monitoring

  • Simple Security Event Management and Reporting

  • Continuous Threat Intelligence

  • Fast Deployment

  • Multiple Security Functions Without Multiple Consoles


AlienVault's all-in-one USM platform combines three critical components to detect the latest threats targeting your network. The five essential security capabilities deliver complete security visibility. AlienVault Labs delivers expert threat intelligence on emerging threats and how to respond. Global threat data from OTX identifies malicious hosts communicating with your systems.

WHAT ALIENVAULT CAN DO:

SIEM & LOG MANAGEMENT

Quickly correlate & analyze security event data from across your network with built-in SIEM & log management.

  • Log Management

  • Event Correlation

  • Incident Response

  • Reporting and Alarms


BEHAVIORAL MONITORING

Instantly spot suspicious network behavior with NetFlow analysis, service monitoring, & full packet capture.

  • NetFlow Analysis

  • Service Availability Monitoring

  • Full Packet Capture


INTRUSION DETECTION

Detect & respond to threats faster with our built-in network IDS, host-based IDS, & file integrity monitoring.

  • Network IDS

  • Host IDS

  • File Integrity Monitoring (FIM)


VULNERABILITY ASSESSMENT

Identify systems that are vulnerable to exploits with active network scanning & continuous vulnerability monitoring.

  • Network Vulnerability Testing

  • Continuous Vulnerability Monitoring


ASSET DISCOVERY & INVENTORY

Find all assets on your network before a bad actor does with active and passive network discovery. 

  • Active Network Scanning

  • Passive Network Monitoring

  • Asset Inventory

  • Software Inventory


HOW ALIENVAULT IS BETTER THAN OTHER SIEM SOLUTIONS

Traditional SIEM solutions promise to provide what you need – but the path to get there is one most of us can’t afford. Traditional SIEM solutions integrate and analyze the data produced by other security technologies that are already deployed, but unfortunately most mid-market organizations don’t have those other technologies deployed yet!

AlienVault USM provides a different path. In addition to all the functionality of a traditional SIEM, AlienVault USM also builds the essential security capabilities into a single platform with no additional feature charges. And AlienVault’s focus on ease of use and deployment makes it the perfect fit for mid-market enterprises and organizations with limited budget and few in-house resources.


AlienVault Threat Intelligence


In today’s dynamic and evolving threat environment, busy IT security teams don’t have the time or resources to do threat analysis of emerging threats on their own. Instead, they turn to AlienVault Labs to do the research for them with continuous Threat Intelligence updates that are fully integrated into the USM platform for threat assessment, detection, and response.

(Note: The AlienVault Threat Intelligence Service is included in the first-year license cost for every USM All-in-One appliance, Standard Server or Enterprise Server.)

Your USM platform receives updates every 30 minutes from the AlienVault Labs threat research team. This dedicated team spends countless hours analyzing the different types of attacks, emerging threats, suspicious behavior, vulnerabilities and exploits they uncover across the entire threat landscape.

AlienVault Labs Threat Intelligence drives the USM platform’s threat assessment capabilities by identifying the latest threats, resulting in the broadest view of threat vectors, attacker techniques and effective defenses. Unlike single-purpose updates focused on only one security control, AlienVault Labs regularly delivers eight coordinated rule set updates to the USM platform. These updates eliminate the need for you to spend precious time conducting your own research on emerging threats, or on alarms triggered by your security tools. These rule sets maximize the efficiency of your security monitoring program by delivering the following updates directly to your AlienVault USM installation:

  • Correlation directives – USM ships with over 2,000 pre-defined rules that translate raw events into specific, actionable threat information by linking disparate events from across your network

  • Network IDS signatures – detect the latest malicious traffic on your network

  • Host IDS signatures – identify the latest threats targeting your critical systems

  • Asset discovery signatures – detect the latest operating systems, applications, and device information

  • Vulnerability assessment signatures – uncover the latest vulnerabilities on your systems

  • Reporting modules – receive new views of critical data about your environment to share with management and satisfy auditor requests

  • Dynamic incident response templates – customized guidance on how to respond to each alert

  • Newly supported data source plugins – expand your monitoring footprint by integrating data from legacy security devices and applications
