AlienVault® USM Anywhere™
  
AlienVault® USM Anywhere™
 
AlienVault® USM Anywhere™ is the multifunctional platform, which accelerates and centralizes threat detection, incident response, and compliance management for your cloud, on-premises, and hybrid environments.
USM Anywhere integrates basic security technologies as asset management, vulnerability assessment, intrusion detection (network, host and cloud), incident response, SIEM correlation, and log management as well as reporting.
 
AV_usm_anywhere_bakotech
 
 
AlienVault® USM Anywhere™ is an All-in-One platform, which:
 
1. DISCOVER. Knows what’s connected to your environment at all times.
  • Network asset discovery
  • Software & services discovery
  • AWS asset discovery
  • Azure asset discovery
2. DETECT. Detects threats and suspicious activities early, no matter where or how they appear in your environment.
  • Cloud intrusion detection (AWS, Azure)
  • Network intrusion detection (NIDS)
  • Host-based intrusion detection (HIDS)
  • File integrity monitoring (FIM)
  • Endpoint Detection and Response (EDR)
3. ASSESS. Identifies the vulnerabilities and configuration issues that expose your organization to risk.
  • Network vulnerability scanning
  • Cloud infrastructure assessment
  • User & asset configuration assessment
  • Dark web monitoring for stolen user credentials
4. ANALYZE. Correlates and analyzes security events and behaviors that could indicate a compromise or potential breach.
  • SIEM event correlation, auto-prioritized alarms
  • User activity monitoring
  • Cloud access log monitoring (AWS, Azure)
  • AWS VPC flow monitoring
  • Log management (90 days searchable events)
  • Log retention (12 months raw log storage)
5. RESPOND. Acts swiftly to contain threats and to mitigate impact.
  • Security orchestration and automation
  • Forensics and incident response
  • Notification channels: email, Slack, DataDog, and Amazon SNS
  • Ticketing integrations with Jira and ServiceNow
6. REPORT. Easily produces rich security reports for management and compliance auditors.
  • Pre-built compliance reporting templates
  • Pre-built security event reporting templates
  • Customizable data views, save and export as reports
av_usmanywhere_bakotech
 
 
USM Anywhere includes purpose-built cloud sensors that natively monitor your Amazon Web Services (AWS) and Microsoft Azure cloud environments, and cloud applications like Office 365. On premises, lightweight virtual sensors run on Microsoft Hyper-V and VMware ESXi to monitor your virtual private cloud and physical IT infrastructure.
None of the security monitoring solutions will ensure the absolute security of your IT infrastructure, but USM Anywhere will bring you as close as possible to being aware of the threats due to constantly updated information.
 
The AlienVault Labs threat research team spends countless hours mapping out the different types of attacks, the latest threats, suspicious behavior, vulnerabilities and exploits they uncover across the entire threat landscape. It regularly publishes threat intelligence updates to the USM platform in the form of correlation directives, IDS signatures, vulnerability audits, asset discovery signatures, IP reputation data, data source plugins, and report templates. The team also provides up-to-the-minute guidance on emerging threats and context-specific remediation guidance, which accelerates and simplifies threat detection and remediation.
 
Addition to the team's research are the data from AlienVault Open Threat Exchange® (OTX), communities of more than 80,000 participants from 140+ countries that provide more than 3 million threat indicators each day.
 
USM Anywhere is a highly extensible platform that leverages AlienApps — integrations with third-party security and productivity tools — to extend your security orchestration capabilities. With AlienApps, you can:
  • Extract and analyze data from third-party security applications
  • Visualize external data within USM Anywhere’s rich graphical dashboards
  • Push actions to third-party security tools based on threat data analyzed by USM Anywhere
  • Gain new security capabilities as new AlienApps are introduced into USM Anywhere
Besides, USM Anywhere currently ships with out-of-the-box integration with leading security apps.
 
alienvault_usm_anywhere_bakoteck
 
If you have questions about AlienVault solutions, please, write us at alienvault@bakotech.com.