AlienApps
  
 
USM Anywhere is a highly extensible platform that leverages AlienApps. The solution can be integrated with third-party security and productivity tools to extend your security orchestration capabilities. For example, the solution integrates with MS Azure, Office 365, G Suite, Jira, Cisco Umbrella and others.
 
With AlienApps, you can: 
  • Extract and analyze data from third-party security applications 
  • Visualize external data within USM Anywhere’s rich graphical dashboards 
  • Push actions to third-party security tools based on threat data analyzed by USM Anywhere 
  • Gain new security capabilities as new AlienApps are introduced into USM Anywhere 
In addition, USM Anywhere currently ships with out-of-the-box integrations with leading security apps.
 
Security and compliance for your Microsoft Azure subscription. Collect and analyze log data from Azure Monitor and be alerted to Azure security and configuration issues. AlienVault® USM Anywhere™ extends the reach of IT security beyond on-premises applications, data and user activity. Purpose-built for cloud security monitoring, USM Anywhere combines essential security capabilities to address Azure security concerns for risk reduction and improved compliance. What’s more, USM Anywhere provides single-pane-of-glass visibility whether your workloads are in Azure, AWS, on-premises on virtual machines (Hyper-V, VMware, etc.), or all of the above. Learn more here.
 
Monitor your Office 365 user and administrator activities in Azure AD, SharePoint Online, OneDrive, and Exchange Online. Detect ransomware, privilege escalation, file sharing, and more. AlienVault® USM Anywhere™ delivers the Office 365 security and compliance monitoring you need to protect your users and your data hosted in the Office 365 environment. 
 
The built-in AlienApp for Office 365 in USM Anywhere collects your Office 365 events and gives you visual reporting dashboards and user-centric views that make Office 365 security monitoring fast and simple. USM Anywhere correlates your Office 365 events with the latest threat intelligence from the AlienVault Labs Security Research Team as well as with other security-related events happening in your cloud and on-premises environments. This gives you the complete context you need to accurately and fully detect threats, even if you have limited time and resources to do so. Learn more here.
 
Detect threats against G Suite (formerly Google Apps), including Drive, Docs, Gmail, and more. Monitor user and admin activities, and know who is logging in, accessing your data, and more. The AlienApp for G Suite extends USM Anywhere’s robust threat detection capabilities to Gmail, Google Calendar, and Google Drive (Docs, Sheets, Slides, and Forms). USM Anywhere makes G Suite security and compliance monitoring fast and simple with visual dashboards, user-centric data views, and elastic search capabilities. With integrated threat intelligence specifically for G Suite, USM Anywhere allows you to start detecting threats immediately on Day One. Learn more here.
 
Security and compliance for your AWS cloud environment. Analyze CloudTrail, CloudWatch, ELB, and S3 access logs, and be alerted to intrusions, suspicious account activities, and more. AlienVault® USM Anywhere™ overcomes security and compliance challenges and more. In fact, we’ve optimized our AWS sensor to address the biggest cloud security issues in the simplest way. 
Designed for AWS environments, AlienVault USM Anywhere delivers essential security capabilities in a way that makes sense in the cloud. It allows you to identify threats in real time, scan for vulnerabilities, and respond to incidents to reduce risks and demonstrate compliance, no matter where your data, apps, or users roam. Learn more here.
 
Automatically block malicious domains in Cisco Umbrella whenever they are detected in USM Anywhere. Reduce the time between detection and incident response through security automation. The AlienApp™ for Cisco Umbrella delivers advanced security orchestration capabilities between AlienVault® USM Anywhere™ and Cisco Umbrella (formerly OpenDNS). With the pre-built orchestration between these two products, you can close the loop between threat detection and response, without any of the heavy lifting typically required to integrate multiple security IT tools. Learn more here.
 
Detect and block malicious IP addresses in Palo Alto Networks next-generation firewalls automatically as threats are detected in USM Anywhere. Get security orchestration out of the box. The pre-built integration between USM Anywhere and Palo Alto Networks gives you closed-loop threat detection and response out of the box, without requiring any complex set up or extra installations. Learn more here.
 
Easily open incident tickets in ServiceNow in response to threats and vulnerabilities detected in USM Anywhere. Get all relevant threat data. Remediate incidents faster. Built for ServiceNow IT Service Management and Security Operations, the AlienApp for ServiceNow helps security teams respond efficiently to threats and vulnerabilities detected by USM Anywhere, without requiring any additional integration or installation. Learn more here.
 
Monitor your endpoints with Carbon Black, including Cb Protection and Cb Response, and automatically isolate your infected endpoints with Cb Response whenever USM Anywhere detects threats. With pre-built security orchestration and automated response capabilities, you can shorten the time from threat detection to response, without any of the heavy lifting typically required to integrate multiple security IT tools. Learn more here.
 
Resolve security issues faster with the ability to open and track Jira issues directly from AlienVault USM for any vulnerability, event, or alarm. From any alarm, event, or vulnerability detected in USM Anywhere, you can create a new Jira issue that captures the relevant threat data needed for effective response, saving you time and effort. You can also automate the creation of new Jira issues in response to threats detected in USM Anywhere to further reduce the time between detection and resolution. Learn more here.
 
Detect compromised user credentials, policy violations, abuse, and other threats to your Okta account, directly from USM Anywhere. It provides deep security monitoring for your users’ single sign-on (SSO) and multi-factor authentication (MFA) Okta activities, helping you to safeguard user credentials through early threat detection and rapid response. Delivered out of the box in USM Anywhere, the AlienApp for Okta extends your security capabilities without the usual complexities of integrating multiple IT and security tools. Learn more here.
 
Be alerted when your users' corporate credentials or the personal user credentials of your executives and privileged users are discovered on the dark web, so that you can take immediate action to prevent a breach. The AlienApp for Dark Web Monitoring leverages SpyCloud technology to monitor the dark web to discover if your users’ credentials, such as email addresses, usernames, and passwords, have been stolen. If detected, USM Anywhere alerts you so that you can respond swiftly to the compromise, ahead of a breach. Learn more here
 
In addition:
 
Get deeper security visibility of your environment with the AlienApp for SonicWall. Collect and analyze log data from the SonicWall Unified Threat Management (UTM) and be alerted to intrusions. 
 
Monitor your WatchGuard Unified Threat Management (UTM) activities in USM Anywhere. Analyze log data, be alerted to intrusions, and visualize security events on a pre-built dashboard.
 
 
Monitor your McAfee EPO activities directly in USM Anywhere. Analyze log data from EPO and be alerted to intrusions, malicious IPs, suspicious activities, and more. 
 
 
Monitor your endpoint security with AlienApp for Cylance. Collect and analyze CylancePROTECT log data to detect and be alerted to threats in your environment. 
 
If you have questions about AlienVault solutions, please write to us at alienvault@bakotech.com