AlienVault Threat Alerts are a simple yet powerful tool that comes built-in with Spiceworks. When a device on your network has been interacting with a known malicious host or suspicious IP, you’ll immediately get an alert in your feed and you’ll get an alert email.

1. How to Get Secure in Spiceworks with AlienVault
stay spicy

2. About AlienVault Threat Alerts
AlienVault Threat Alerts are a simple yet
powerful tool that comes built-in with
Spiceworks. When a device on your network
has been interacting with a known malicious
host or suspicious IP, you’ll immediately get
an alert in your feed and you’ll get an
alert email.

3. • The current threat landscape
• What to do when you receive a Threat Alert
in Spiceworks
• How to monitor cloud services & internet
facing devices with NEW Threat Monitor for
Spiceworks
• How to take security even further with
AlienVault's Unified Security Management
(USM) platform
Overview

4. • More and more organizations are finding
themselves in the crosshairs of various bad
actors for a variety of reasons.
• The number of organizations experiencing
high profile breaches is unprecedented.
• The “security arms race” cannot continue
indefinitely as the economics of securing
your organization is stacked so heavily in
favor of those launching attacks that
incremental security investments are seen
as impractical.
Threat landscape: Our new reality
60%
In 60% of cases, attackers
are able to compromise an
organization within minutes.
Source: Verizon Data Breach Report, 2015

5. “There are two types of companies that use
computers. Victims of crime that know they
are victims of crime and victims of crime that
don’t have a clue yet.”
- Jim Routh
CISO, Aetna

6. Prevent Detect & Respond
Prevention is elusive
vs

7. AlienVault Alerts in Spiceworks:
Dashboard & Device Details Page

8. Investigating Threat Alerts
• FREAK OUT
• Run thorough malware scan on
suspect machine and address
any issues found
• Confirm via other sources
(VirusTotal, IPVoid, etc) that IP is
a threat
• Record incident
• Flag IP address for review if you
believe it is a false positive

9. Remediation Advice
• Download the white paper
“Remediation Tips for AlienVault
Threat Alerts in Spiceworks”
• Great How-To with valuable tips
on further investigation of threats
in your environment

10. AlienVault Threat Monitor
• Affordable, Cloud Security Monitoring in Minutes
• Cloud service with no on-premise technology
• Low monthly cost
• Continuous Threat Detection
• Real-time alerts integrated within your
Spiceworks desktop
• Accelerates and simplifies your ability to detect
and respond to threats on your perimeter devices
and cloud platforms
• Ability to scale threat detection without having to
add staff
• Built-in security controls with continuous
updates from AlienVault Labs

11. Q: Who will benefit from Threat Monitor?
A: Any Spiceworks user who has:
Lack of visibility into attacks directed at cloud services and internet-facing
on-premise systems
Limited security expertise due to shortage of IT resources
No dedicated security staff
No threat intelligence to help identify & research threats
No centralized management and control with existing security tools

12. Monitor your internet-facing network
devices and cloud services including:
for Work

13. AlienVault Threat Monitor for Spiceworks
Top Features & Benefits
Security Monitoring of SaaS and Internet-
facing Devices
• Scan devices for vulnerabilities
• Monitor your cloud services for abuse and
intrusion
• Track your company reputation: Know when
your network is being used for malicious activity
• Alert you when threats are found or when your
systems have become compromised
• Inform you about new and emerging threats
and how to remediate vulnerabilities and
misconfigurations

14. AlienVault Products Comparison
AlienVault Product Pricing Form Factor
Cloud App
Monitoring
On-Premise
Monitoring
Integrated
Threat
Intelligence
FREE Cloud No No No
Starts at
$295/ Month
Cloud Yes
Internet-
Facing
Devices
Basic
Starts at
$3900
Virtual or
Physical
Appliance
No Yes Yes

15. USM Platform
ASSET DISCOVERY
• Active Network Scanning
• Passive Network Scanning
• Asset Inventory
VULNERABILITY
ASSESSMENT
• Continuous
Vulnerability Monitoring
• Authenticated /
Unauthenticated Active
Scanning
BEHAVIORAL MONITORING
• Netflow Analysis
• Service Availability Monitoring
SIEM
• Log Collection
• Event Correlation
• Incident Response
INTRUSION DETECTION
• Network IDS
• Host IDS
• File Integrity Monitoring
Built-In, Essential Security Controls

16. Unified Security Management
Unified Security Management Platform
A single platform for simplified, accelerated threat detection, incident response & policy
compliance
AlienVault Labs Threat Intelligence
Correlation rules and directives written by our
AlienVault Labs team and displayed through
the USM interface
Open Threat Exchange
The world’s largest repository of
crowd-sourced threat data providing a
continuous view of real time threats that may
have penetrated the company’s defenses.

17. 888.613.6023
ALIENVAULT.COM
CONTACT US
HELLO@ALIENVAULT.COM
Now for some Questions..
Download a Free 30-Day Trial of USM
http://www.alienvault.com/free-trial
Check out our 15-Day Trial of USM for AWS
https://www.alienvault.com/free-trial/usm-for-aws
Try our Interactive Demo Site
http://www.alienvault.com/live-demo-site
Join OTX:
https://www.alienvault.com/open-threat-exchange