With a focus on simplifying asset management, OSSIM v5.0 (available 4/20) makes it faster and easier than ever to get the insights you need. Join us for this user training to learn how to get the most out of these new enhancements:
Assign custom labels for assets, groups and networks
Search, filter and group assets by OS, IP address, device type, custom labels and more
Run vulnerability and asset scans on custom asset groups with one click
Filter by asset groups in alarms, security events and raw logs
Update configuration, sensor assignment, asset value and more on multiple assets and groups of assets at once
...and more!
2. Resources for OSSIM Users
AlienVault Forums:
https://www.alienvault.com/forums/discussions/tagged/ossim
LinkedIn Group: https://www.linkedin.com/groupInvitation?gid=3793
OSSIM On-Demand Training Webcasts:
https://www.alienvault.com/product-training
Documentation Center: Many USM resources applicable to OSSIM users
https://www.alienvault.com/documentation
AlienVault Blog – Analysis from the AlienVault Labs research team, practical tips to secure your environment & industry trends
3. New features overview
Examples of how to use OSSIM
New Documentation Center
Launchpad training
USM for AWS
OTX 2.0 Beta
AGENDA
5. Summary of Features in v5.0
Asset Oriented Security
Backup and Restore
Rapid Response Message Center
6. Asset-Oriented Security
Simplified user interface, views, and workflows
Customize workflows to match how you want to protect your network
Easier to get results on the first day of install
7. Create / Manage Groups More Easily
Create groups by selecting any number of assets from the asset list
Manage group membership and group details from the asset and group levels
8. Enhanced Asset Details
Centralized view of vulnerabilities, alarms, and other security events in the same view
Manage security controls at the asset level
Add custom labels for device attributes
9. Leveraging Asset Groups
Gain insight about threats targeting the network and compliance status
Aggregate view of all vulnerability, alarm and event data for assets in group
Enable security controls for all assets in the group
10. Rapid Response Message Center
Centralized delivery of all in-system messages, errors, warnings
View all security advisories, documentation updates and release notes
Increases awareness of system status and changes to threat landscape
11. Backup and Restore
Users can back up and restore system configurations including:
• System profile
• Networking
• Inventory data
• Policies
• Plugins
• Correlation directives
• Other basic configuration settings
Backups run automatically each day.
13. Launchpad Training – 1 day course
New 1-day course provides an orientation to AlienVault and will cover the following topics:
• Basic architecture of AlienVault USM and how it helps to protect your organization
• How to detect and respond to threats
• How to ensure that the system is operating properly and how to work with assets
• Working with policies to filter unnecessary events and false positives.
• How to turn the data that's coming from the system into valuable information and action
14. New Documentation Center
New Documentation Center includes:
Google-powered search
Simple layout via a table of contents
Public availability of knowledge base articles
AlienVault look and feel
Easy export of documentation to PDF for offline access
Access to knowledge base articles by AlienVault Support
A direct link to documentation supporting USM for AWS
www.alienvault.com/documentation
15. USM for AWS
USM for AWS gives you visibility into:
The state of your AWS infrastructure
Assets in your environment
Assets that are misconfigured or vulnerable to exploits
Who is using your resources and how they are using them
Malicious activity targeting your environment
16. OTX 2.0 Beta – Sign up!
Joining the beta will enable you to:
Collaborate with researchers and security practitioners
Get access to threat intelligence and data
Automatically export IOCs into your security tools
Strengthen your defenses and help others do the same
https://www.alienvault.com/open-threat-exchange/otx-beta
18. How is USM different?
Correlation Directives: Over 2,000 built-in correlation directives developed by the AlienVault Labs Threat Research Team, and updated weekly
Reporting: 150+ Customizable Reports, including compliance-specific reports
Log Management: Robust Log Management, Log Search & Long-Term Log Retention
Database Performance: Enhanced storage capacity & performance optimization
Professional Support via phone & email as well as customer support portal
And more…view comparison chart here:
https://www.alienvault.com/products/compare-ossim-to-alienvault-usm
“I started out with OSSIM and I didn’t fully realize how much value I would get out of USM until I started using it. The reporting is awesome, it’s been a big benefit for me. And, having a fully supported solution means I can get answers to my questions much more quickly than before.”
– Matthew Frederickson, Director of Information Technology, Council Rock School District
20. 888.613.6023
ALIENVAULT.COM
CONTACT US
HELLO@ALIENVAULT.COM
Questions?
Resources for OSSIM Users
OSSIM vs. USM Comparison Chart
https://www.alienvault.com/products/compare-ossim-to-alienvault-usm
AlienVault Forum
https://www.alienvault.com/forums/discussions/tagged/ossim
LinkedIn Group
https://www.linkedin.com/groupInvitation?gid=3793
Subscribe to the AlienVault Blog
https://www.alienvault.com/blogs
Launchpad Training Classes
https://www.alienvault.com/support/launchpad