AlienVault Unified Security Management™ (USM) integrates SIEM/event correlation with built-in tools for intrusion detection, asset discovery, vulnerability assessment and behavioral monitoring to give you a unified, real-time view of threats in your environment. NEW v5.0 (available 4/20) makes it faster and easier than ever to get the insights you need, starting on Day 1.
Join us for a live demo to see how new USM v5.0 makes it easier than ever to accomplish these key tasks:
Discover all IP-enabled assets on your network
Identify vulnerabilities like unpatched software or insecure configurations
Detect network scans and malware like botnets, trojans & rootkits
Speed incident response with built-in remediation guidance for every alert
Generate accurate compliance reports for PCI DSS, HIPAA and more
2. AlienVault Vision
Accelerating and simplifying threat detection and incident response for IT teams with limited resources, on day one
Enable organizations of all sizes to benefit from the power of crowd-sourced threat intelligence & unified security
3. Challenge: No Business is Safe Today
Most organizations lack the time, resources & expertise to monitor all of their technologies
90% of US businesses suffered some sort of hacking attack
50% of all targeted attacks were aimed at businesses with fewer than 2,500 employees¹
26% of SMBs have in-house expertise for achieving a strong IT security posture²
44% of SMBs have adequate budget for achieving a strong IT security posture²
¹ Symantec Internet Security Threat Report 2013
² Ponemon “The Risk of an Uncertain Security Strategy”
4. Traditional Security is Complex and Expensive
Given the 10 most recommended technologies and the pricing range, an organization could expect to spend anywhere from $225,000 to $1.46m in its first year, including technology and staff.
Factor into this:
Initial licensing costs
Implementation / optimization costs
Ongoing management costs
Renewal costs
Integration of all security technologies
Training of personnel/incoming personnel
Source: The Real Cost of Security, 451 Research, April 2013
6. And Yet….
“There is growing recognition that there is no silver bullet. Firewalls and antivirus software alone cannot keep hackers out...”
NY Times, 12/4/2014
7. Prevent Detect & Respond
The basics are in place for most companies…but this alone is a ‘proven’ failed strategy.
New capabilities to develop
The Solution
9. Unified Security Management Platform
Accelerates and simplifies threat detection and incident response for IT teams with limited resources, on day one
AlienVault Labs Threat Intelligence
Identifies the most significant threats targeting your network and provides context-specific remediation guidance
Open Threat Exchange
The world’s largest repository of crowd-sourced threat data, provides a continuous view of real-time threats
AlienVault Approach:
Unified Security Management
13. Asset-Oriented Security
Simplified user interface, views, and workflows
Customize workflows to match how you want to protect your network
• Puts security and threat information about your systems, data, and users at your fingertips
Makes it easier to get results on day one
14. Create / Manage Groups More Easily
Create groups by selecting any number or type of assets from the asset list
Manage group membership and group details from the asset and group levels
Create any combination of assets quickly and easily to match your workflows and best practices
15. Enhanced Asset Details
Identify vulnerabilities, alarms, and other security events in the same view
Manage asset and vulnerability scans as well as availability monitoring at the asset level
Customize labels for device attributes, helpful when managing multiple sites and/or clients
16. Leveraging Asset Groups
Gain insight about threats targeting the network and compliance status
• e.g. for PCI-DSS: View all activity, events, alarms, and logs by asset groups for in-scope assets
Aggregate vulnerability, alarm and event data for easy analysis at the group level
Enable asset and vulnerability scans for an entire group
17. Rapid Response Message Center
Centralized delivery of all in-system messages, errors, warnings
Availability of updates and patches
Security advisories, documentation updates and release notes including defects fixed
Increases awareness of system status and changes to threat landscape
19. 888.613.6023
ALIENVAULT.COM
CONTACT US
HELLO@ALIENVAULT.COM
Now for some questions.
Questions? Hello@AlienVault.com
Twitter : @alienvault
Test Drive AlienVault USM
Download a Free 30-Day Trial
http://www.alienvault.com/free-trial
Check out our 15-Day Trial of USM for AWS
https://www.alienvault.com/free-trial/usm-for-aws
Try our Interactive Demo Site
http://www.alienvault.com/live-demo-site
Editor's Notes
We are dedicated to providing a simplified security solution that, when coupled with affordable pricing, is the perfect fit for organizations with limited budgets and few in-house resources.
AlienVault gives smaller IT organizations the ability to accelerate and simplify their threat detection and remediation efforts, as well as regulatory compliance.
With our unified, simplified approach, you can go from deployment to insight in less than one day.
I imagine I would be hard pressed to find someone in this room that is not aware of any of the recent security breaches involving major retailers and service providers: Target (or is it ‘tar-zjhey’?), Home Depot, um…. iCloud??
These are HUGE corporations with seemingly endless budgets and inexhaustible resources that allow them to not only have the most expensive and elaborate security systems, but also a large and highly skilled team of people to run it all.
But how much importance is put on the security of the environments powering the midmarket?
Predictability of USM platform and security data: Ownership of the built-in data sources and management platform, coupled with unmatched security expertise delivered by the AlienVault Labs team of security experts, provides effective security controls and seamlessly integrated threat intelligence for any environment
AlienVault Labs threat research team spends countless hours mapping out the different types of attacks, the latest threats, suspicious behavior, vulnerabilities and exploits they uncover across the entire threat landscape. They leverage the power of OTX, the world’s largest crowd-sourced repository of threat data to provide global insight into attack trends and bad actors. This eliminates the need for IT teams to conduct their own research on each threat.
They provide specific, relevant, and actionable threat intelligence, such as over 2,000 predefined correlation directives, eliminating the need for customers to create their own, which is one of the primary sources of frustration with other SIEM products. Besides correlation directives, the AlienVault Labs Threat Intelligence regularly publishes threat intelligence updates to the USM platform in the form of IDS signatures, vulnerability audits, asset discovery signatures, IP reputation data, data source plugins, and report templates.
----- Meeting Notes (4/17/15 15:31) -----
These 5 essential capabilities are the strength of the platform
Rename Threat Detection "Intrusion Detection"
The purpose of the Rapid Response Message Center is to ensure visibility of critical threat intelligence updates from AlienVault Labs, system events, and warnings.
Customers have not been aware of new threat intelligence updates, system alarms (such as a database being near capacity)