Powerful Threat Detection & Incident Response for All Your Environments
AlienVault® USM Anywhere™ centralizes security monitoring for your cloud, on-premises, and hybrid IT environments, including cloud applications like Office 365 and G Suite. With multiple essential security capabilities in one unified platform, USM Anywhere simplifies and accelerates threat detection and compliance management for today’s resource-constrained IT security teams.
Delivered as a cloud service, USM Anywhere deploys rapidly and enables you to start detecting threats within minutes. Because there’s no hardware appliance to install or maintain in your data center, you save significant time, resources, and money for an overall low total cost of ownership.
USM Anywhere uses virtual sensors that run on VMware and Microsoft Hyper-V to monitor your on-premises physical and virtual IT infrastructure. In the cloud, lightweight cloud sensors natively monitor Amazon Web Services and Microsoft Azure Cloud. Security analysis and log storage are centralized in the AlienVault Secure Cloud and provide you with centralized security visibility of your critical infrastructure.
USM Anywhere also receives a continuous stream of threat intelligence updates from the AlienVault Labs Security Research Team, so you always have the latest security intelligence at your fingertips. AlienVault Labs leverages data from the Open Threat Exchange® (OTX™)—the world’s largest open threat community—to gain expansive intelligence on threats as they appear in the wild.
Correlate Asset Info with Threat & Vulnerability Data
It’s a problem when you don’t know what’s in your cloud and network environments and how the assets within those environments are configured. Wouldn’t you prefer certainty? Automated asset discovery and scanning can start you on the path to certainty. The USM platform combines core discovery and inventory technologies to give you full visibility into the devices that show up on your network and the instances running in your cloud environments.
Network Asset Discovery
AlienVault USM gently scans your environment to gather information about your devices. The responses to these scans provide clues that help identify each device, its OS, running services, and the software installed on it. They can also often identify the software vendor and version without having to send any credentials to the asset to run a more invasive scan.
Passive Network Monitoring
AlienVault USM utilizes passive network monitoring techniques to evaluate network communications and identify information about assets that are on the network:
- IP and hardware MAC address pairings for use in asset inventory and to detect MAC spoofing
- IP header analysis to identify operating systems and running software packages
- TCP/IP traffic analysis for OS fingerprinting and basic network topography
Cloud Asset Discovery
AlienVault USM hooks directly into cloud infrastructure providers’ APIs to give you immediate visibility into your cloud environment within minutes of installation. The USM platform leverages native cloud services like AWS CloudWatch and Azure Insights to collect data from your cloud environments and begin detecting threats.
Actionable Threat Intelligence Delivered Directly to You
Most teams don’t have unlimited resources to research the latest threats in the wild. That’s why the AlienVault Labs Security Research Team works on your behalf to scour the global threat landscape for the latest attack methods, bad actors, and vulnerabilities that could impact your security. This team analyzes hundreds of thousands of threat indicators daily and delivers continuous threat intelligence updates automatically to your USM environment, in the form of actionable IDS signatures, correlation rules, remediation guidance, and more. With this integrated threat intelligence subscription, you always have the most up-to-date threat intelligence as you monitor your environment for emerging threats.
To provide deeper and wider insight into attack trends and bad actors, the AlienVault Labs Security Research Team leverages the power of the Open Threat Exchange® (OTX™)—the world’s first truly open threat intelligence community. This community of security researchers and IT professionals collaborates and shares millions of threat artifacts as they emerge “in the wild,” so you get global insight into attack trends and bad actors that could impact your operations.