
Alienvault threat alerts in spiceworks


AlienVault Threat Alerts are a simple yet powerful tool that comes built-in with Spiceworks. When a device on your network has been interacting with a known malicious host or suspicious IP, you’ll immediately get an alert in your feed and you’ll get an alert email.

Published in: Technology

  1. How to Get Secure in Spiceworks with AlienVault stay spicy
  2. About AlienVault Threat Alerts: AlienVault Threat Alerts are a simple yet powerful tool that comes built-in with Spiceworks. When a device on your network has been interacting with a known malicious host or suspicious IP, you’ll immediately get an alert in your feed and you’ll get an alert email.
  3. Overview
     • The current threat landscape
     • What to do when you receive a Threat Alert in Spiceworks
     • How to monitor cloud services & internet-facing devices with NEW Threat Monitor for Spiceworks
     • How to take security even further with AlienVault's Unified Security Management (USM) platform
  4. Threat landscape: Our new reality
     • More and more organizations are finding themselves in the crosshairs of various bad actors for a variety of reasons.
     • The number of organizations experiencing high profile breaches is unprecedented.
     • The “security arms race” cannot continue indefinitely as the economics of securing your organization is stacked so heavily in favor of those launching attacks that incremental security investments are seen as impractical.
     • In 60% of cases, attackers are able to compromise an organization within minutes. Source: Verizon Data Breach Report, 2015
  5. “There are two types of companies that use computers. Victims of crime that know they are victims of crime and victims of crime that don’t have a clue yet.” - Jim Routh, CISO, Aetna
  6. Prevent vs Detect & Respond: Prevention is elusive
  7. AlienVault Alerts in Spiceworks: Dashboard & Device Details Page
  8. Investigating Threat Alerts
     • FREAK OUT
     • Run thorough malware scan on suspect machine and address any issues found
     • Confirm via other sources (VirusTotal, IPVoid, etc) that IP is a threat
     • Record incident
     • Flag IP address for review if you believe it is a false positive
  9. Remediation Advice
     • Download the white paper “Remediation Tips for AlienVault Threat Alerts in Spiceworks”
     • Great How-To with valuable tips on further investigation of threats in your environment
  10. AlienVault Threat Monitor
     • Affordable, Cloud Security Monitoring in Minutes
     • Cloud service with no on-premise technology
     • Low monthly cost
     • Continuous Threat Detection
     • Real-time alerts integrated within your Spiceworks desktop
     • Accelerates and simplifies your ability to detect and respond to threats on your perimeter devices and cloud platforms
     • Ability to scale threat detection without having to add staff
     • Built-in security controls with continuous updates from AlienVault Labs
  11. Q: Who will benefit from Threat Monitor? A: Any Spiceworks user who has:
     • Lack of visibility into attacks directed at cloud services and internet-facing on-premise systems
     • Limited security expertise due to shortage of IT resources
     • No dedicated security staff
     • No threat intelligence to help identify & research threats
     • No centralized management and control with existing security tools
  12. Monitor your internet-facing network devices and cloud services including: for Work
  13. AlienVault Threat Monitor for Spiceworks: Top Features & Benefits. Security Monitoring of SaaS and Internet-facing Devices
     • Scan devices for vulnerabilities
     • Monitor your cloud services for abuse and intrusion
     • Track your company reputation: Know when your network is being used for malicious activity
     • Alert you when threats are found or when your systems have become compromised
     • Inform you about new and emerging threats and how to remediate vulnerabilities and misconfigurations
  14. AlienVault Products Comparison
     AlienVault Product | Pricing | Form Factor | Cloud App Monitoring | On-Premise Monitoring | Integrated Threat Intelligence
     (not captured) | FREE | Cloud | No | No | No
     (not captured) | Starts at $295/Month | Cloud | Yes | Internet-Facing Devices | Basic
     (not captured) | Starts at $3900 | Virtual or Physical Appliance | No | Yes | Yes
  15. USM Platform: Built-In, Essential Security Controls
     • ASSET DISCOVERY: Active Network Scanning, Passive Network Scanning, Asset Inventory
     • VULNERABILITY ASSESSMENT: Continuous Vulnerability Monitoring, Authenticated / Unauthenticated Active Scanning
     • BEHAVIORAL MONITORING: Netflow Analysis, Service Availability Monitoring
     • SIEM: Log Collection, Event Correlation, Incident Response
     • INTRUSION DETECTION: Network IDS, Host IDS, File Integrity Monitoring
  16. Unified Security Management
     • Unified Security Management Platform: A single platform for simplified, accelerated threat detection, incident response & policy compliance
     • AlienVault Labs Threat Intelligence: Correlation rules and directives written by our AlienVault Labs team and displayed through the USM interface
     • Open Threat Exchange: The world’s largest repository of crowd-sourced threat data providing a continuous view of real time threats that may have penetrated the company’s defenses.
  17. Now for some Questions..
     • CONTACT US: 888.613.6023, ALIENVAULT.COM, HELLO@ALIENVAULT.COM
     • Download a Free 30-Day Trial of USM
     • Check out our 15-Day Trial of USM for AWS
     • Try our Interactive Demo Site
     • Join OTX: