
Improve Threat Detection for Education Organizations with AlienVault USM


Securing your network from threats is a constantly evolving challenge, especially for education organizations where IT security resources are limited. AlienVault has helped many education organizations get the security visibility they need, on a budget.
Join us for a special live demo of our AlienVault Unified Security Management (USM) solution, focused specifically on the needs of education organizations. You'll hear first-hand from one of your peers, Matthew J. Frederickson, from Council Rock School District, about how our USM solution has helped him improve threat detection and incident response.
We'll also walk through a product demo to show how USM makes it easy to:
  • Discover all IP-enabled assets on your network
  • Identify vulnerabilities like unpatched software or insecure configurations
  • Detect network scans and malware like botnets, trojans & rootkits
  • Speed incident response with built-in remediation guidance for every alert
  • Generate accurate reports for regulatory compliance

Published in: Technology

  1. AlienVault Vision: To simplify how organizations detect and mitigate threats. Enable organizations to benefit from the power of crowd-sourced threat intelligence & unified security.
  2. Unified Security Management Platform: A single platform for simplified, accelerated threat detection, incident response & policy compliance.
     • AlienVault Labs Threat Intelligence: Correlation rules and directives written by our AlienVault Labs team and displayed through the USM interface.
     • Open Threat Exchange: The world’s largest repository of crowd-sourced threat data providing a continuous view of real time threats that may have penetrated the company’s defenses.
     • Unified Security Management
  3. Threat Intelligence
  4. Customer Success: Council Rock. Matthew Frederickson, Director of Information Technology for Council Rock School District. 12th largest school district in Pennsylvania (out of 500).
     • 11,200 students, 1,300 staff
     • 2 High Schools, 3 Middle Schools, 10 Elementary Schools
     • 72 square miles
     • 10 person IT department
     Key challenges:
     • Similar external threats that everyone else faces, plus…
       - “Curious” students who like to see what they can get away with
       - Budget constraints
       - Accountable to many stakeholders – school district management, community, teachers, administrators, parents, etc.
  5. Customer Success: Council Rock. Factors for choosing USM:
     • Started with SANS 20 Critical Security Controls
     • High visibility into the network with a tool that doesn’t require a lot of care & feeding
     • Scalable
     • Measures what matters – out of the box
       - Communications with known malicious IPs (OTX)
       - Not overwhelmed with alerts – built-in correlation directives filter the signal from the noise
       - Alerts when abnormal trends are observed
       - Weekly threat intelligence updates to alert on emerging threats
  6. Customer Success: Council Rock. Benefits gained using USM:
     • Identifying scripts brought in via thumb drives to scan network & other mischief from students
     • Identifying malware distributed via spear-phishing among staff
     • Alerts for the things that need attention, not overwhelmed with false positives
     • Comprehensive, customizable reporting
     • Certainty about what is going on in the network
  7. USM Platform: Integrated, Essential Security Controls
     • ASSET DISCOVERY
       - Active Network Scanning
       - Passive Network Scanning
       - Asset Inventory
     • VULNERABILITY ASSESSMENT
       - Continuous Vulnerability Monitoring
       - Authenticated / Unauthenticated Active Scanning
     • BEHAVIORAL MONITORING
       - Log Collection
       - Netflow Analysis
       - Service Availability Monitoring
     • SECURITY INTELLIGENCE/SIEM
       - SIEM Event Correlation
       - Incident Response
     • THREAT DETECTION
       - Network IDS
       - Host IDS
       - File Integrity Monitoring
  8. DEMO
  9. Headline Avoidance Checklist (SANS Report: Practical Threat Management for Education Organizations)
     • Integrate tools into a single operating console or dashboard
     • Maintain a continually updated software inventory
     • Use continuous vulnerability monitoring
     • Complete a hardware inventory
     • Use network mapping
     • Incorporate log aggregation and correlation
     • Take threat intelligence feeds for threat identification and prioritization
  10. Protection on a Budget: Four Valuable Questions for SIEM Vendors (SANS Report: Practical Threat Management for Education Organizations)
     • How quickly can you get meaningful insights from the SIEM?
     • How much training is required for staff to use the SIEM?
     • How easily does the SIEM scale as the organization grows?
     • Does the SIEM integrate host-based agents, or is it limited to receiving logs from syslog or other forwarders?
  11. Now for some Questions.. Questions?
     • Contact us: 888.613.6023, ALIENVAULT.COM, HELLO@ALIENVAULT.COM
     • Twitter: @alienvault
     • Test Drive AlienVault USM: Download a Free 30-Day Trial
     • Check out our 15-Day Trial of USM for AWS
     • Try our Interactive Demo Site