Resource Center

White Papers

Vulnerability Management and The Attacker’s ROI


Attackers care about ROI – they want to accomplish their objective with the least investment of time and resources possible. To most effectively manage vulnerabilities, you need to think like the attacker: how would you go about doing damage, exfiltrating valuable information and making money? What are the key assets in your network that you would target? How would you get to these assets? And how does the new attack strategy of implanting malicious code on your network through your users, using well-known but tricky tactics like phishing, factor in?


What is Log Correlation


Log correlation is the most powerful feature of Security Information and Event Management (SIEM). The answers you need are invariably in the logs, but system logs don't say "Help! Help! I'm being broken into with a compromised account!" They say "Successful Login from Authenticated User." Log correlation is all about constructing rules that look for sequences and patterns in log events that are not visible in individual log sources. The analysis of log files in a SIEM would otherwise have to be done with repetitive human analysis.


451 Group Report: AlienVault USM - A Security Operations Center for the SMB


“AlienVault's USM is tailor-made for the needs of the security-savvy SMB. It offers affordability, and a comprehensive and ever-increasing feature set powered by the respectable AV Labs and Open Threat Exchange.” In this analyst report, Javvad Malik of The 451 Group reviews AlienVault's SMB-focused approach to SIEM and discusses the competitive landscape.


The Value of Crowd-Sourced Threat Intelligence


As an industry, we need a threat-sharing solution that allows IT practitioners to achieve preventative response by learning about how others are targeted, and then employ the right defenses to avoid becoming a target themselves. With this goal in mind, AlienVault created the Open Threat Exchange™ (OTX™) as an open information sharing and analysis network that provides real-time, actionable threat information submitted by over 8,000 contributors in more than 140 countries.


Practitioner’s Guide to a SOC


This guide is intended to provide a technical audience with the core information necessary to evaluate the security controls essential to establishing a Security Operations Center (SOC). This guide will provide a solid understanding of what data a SOC needs to be able to effectively operate and what methods can be used to gather that data.


OSSIM vs Commercial Products


AlienVault believes in an open and collaborative approach to security. Based on OSSIM, the de facto standard open source SIEM created by AlienVault, the AlienVault Unified Security Management solution (USM) is well-suited to companies of all types and sizes. Our open source solution is a full-featured product, but may lack the full complement of features and services larger organizations require. Find out which AlienVault product works best for you.
