Featured: AlienApp for Dark Web Monitoring

Secure User Credentials with the AlienApp for Dark Web Monitoring

Learn More ›

Browse AlienApps:

AlienApps extend and automate the threat detection and response capabilities among the built-in security controls in USM Anywhere as well as other third-party security and productivity tools. AlienApps are developed and delivered to USM Anywhere continually, so you gain new security capabilities as the IT security and threat landscapes evolve.

No Results Found

AlienApp for Cloudflare 1519174500 1
Centralize your security monitoring with the AlienApp for Sophos Central. Collect and analyze Sophos Central alerts and events directly within USM Anywhere for simple, streamlined security management. Centralize your security monitoring with the AlienApp for Sophos Central. Collect and analyze Sophos Central alerts and events directly within USM Anywhere for simple, streamlined security management.

With the AlienApp™ for Sophos Central, you can centralize your security monitoring program in a single pane of glass, making it easier and faster to detect threats across multiple security platforms. The app enables you to collect and monitor Sophos Central alerts and events directly within AlienVault® USM Anywhere™.

The AlienApp for Sophos Central collects and parses data through the Sophos API, making it available for threat analysis and incident response within USM Anywhere. Sophos Central unifies security data from across the Sophos suite of products for server security, endpoint protection, email security, and more. 

Discover all the advantages of the AlienApp for Sophos Central:

  • Aggregate security alarms for malware activity detected in Sophos Central.
  • Create custom alarms and notifications for any Sophos Central security alert.
  • Define automated incident response actions for any Sophos Central security alert.
AlienApp for Sophos Central 1516056240 2
Resolve security issues faster with the ability to open and track Jira issues directly from AlienVault USM for any vulnerability, event, or alarm. Resolve security issues faster with the ability to open and track Jira issues directly from AlienVault USM for any vulnerability, event, or alarm.

With the AlienApp™ for Jira, you can open and track Jira issues directly from AlienVault® USM Anywhere™, making it easy, fast, and efficient to monitor the lifecycle of your incident response activities, even across multiple security and IT teams.

From any alarm, event, or vulnerability detected in USM Anywhere, you can create a new Jira issue that captures the relevant threat data needed for effective response, saving you time and effort. You can also automate the creation of new Jira issues in response to threats detected in USM Anywhere to further reduce the time between detection and resolution.

  • Accelerate time to resolution (TTR) with a simple, fast, and automated way to capture and trigger incident response activities in Jira.
  • Align security and IT teams around your incident response plan using your existing Jira IT deployment.
  • Monitor the full threat lifecycle—from threat detection to resolution—in a single pane of glass.
AlienApp for Jira 1508206680 12
Add a layer of security and compliance monitoring to your Fortinet firewalls. Collect and analyze Fortigate log data to identify threats and suspicious activities in your environment. Add a layer of security and compliance monitoring to your Fortinet firewalls. Collect and analyze Fortigate log data to identify threats and suspicious activities in your environment.AlienApp for Fortinet 1504669620 9
Get deeper security visibility of your environment with the AlienApp for SonicWall. Collect and analyze log data from the SonicWall Unified Threat Management (UTM) and be alerted to intrusions. Get deeper security visibility of your environment with the AlienApp for SonicWall. Collect and analyze log data from the SonicWall Unified Threat Management (UTM) and be alerted to intrusions.AlienApp for SonicWall 1504669560 8
Security and compliance for your Microsoft Azure subscription. Collect and analyze log data from Azure Monitor and be alerted to Azure security and configuration issues. Security and compliance for your Microsoft Azure subscription. Collect and analyze log data from Azure Monitor and be alerted to Azure security and configuration issues.AlienApp for Azure 1504669320 7
Detect threats against G Suite (formerly Google Apps), including Drive, Docs, Gmail, and more. Monitor user and admin activities, and know who is logging in, accessing your data, and more. Detect threats against G Suite (formerly Google Apps), including Drive, Docs, Gmail, and more. Monitor user and admin activities, and know who is logging in, accessing your data, and more.AlienApp for G Suite 1504668720 6
Security and compliance for your AWS cloud environment. Analyze CloudTrail, CloudWatch, ELB, and S3 access logs, and be alerted to intrusions, suspicious account activities, and more. Security and compliance for your AWS cloud environment. Analyze CloudTrail, CloudWatch, ELB, and S3 access logs, and be alerted to intrusions, suspicious account activities, and more.AlienApp for Amazon Web Services 1504663980 5
Monitor your Office 365 user and administrator activities in Azure AD, SharePoint Online, OneDrive, and Exchange Online. Detect ransomware, privilege escalation, file sharing, and more. Monitor your Office 365 user and administrator activities in Azure AD, SharePoint Online, OneDrive, and Exchange Online. Detect ransomware, privilege escalation, file sharing, and more.AlienApp for Office365 1504662960 4
Monitor your endpoint security with the AlienApp for Cylance. Collect and analyze CylancePROTECT log data to detect and be alerted to threats in your environment. Monitor your endpoint security with the AlienApp for Cylance. Collect and analyze CylancePROTECT log data to detect and be alerted to threats in your environment.AlienApp for Cylance 1504662360 3
Be alerted when your users' corporate credentials or the personal user credentials of your executives and privileged users a Be alerted when your users' corporate credentials or the personal user credentials of your executives and privileged users a

The AlienApp™ for Dark Web Monitoring allows you to detect if your users’ credentials have been compromised in a third-party breach and trafficked on the dark web, so that you can take immediate action to prevent a breach.

The AlienApp for Dark Web Monitoring leverages SpyCloud technology to monitor the dark web to discover if your users’ credentials, such as email addresses, usernames, and passwords, have been stolen. If detected, USM Anywhere alerts you so that you can respond swiftly to the compromise, ahead of a breach.

With this AlienApp, you can:

  • Protect against a breach with early detection of compromised user credentials
  • Monitor the dark web for stolen corporate credentials of your users
  • Safeguard the personal credentials of highly-targeted executives and privileged users
  • Be alerted as soon as compromised user credentials are discovered on the dark web
AlienApp for Dark Web Monitoring 1501947540 13
Detect compromised user credentials, policy violations, abuse, and other threats to your Okta account, directly from USM Anywhere. Detect compromised user credentials, policy violations, abuse, and other threats to your Okta account, directly from USM Anywhere.

The AlienApp™ for Okta enables you to monitor user activities and detect threats against your Okta account directly from USM Anywhere. It provides deep security monitoring for your users’ single sign-on (SSO) and multi-factor authentication (MFA) Okta activities, helping you to safeguard user credentials through early threat detection and rapid response.

Delivered out of the box in USM Anywhere, the AlienApp for Okta extends your security capabilities without the usual complexities of integrating multiple IT and security tools. Starting on Day One, USM Anywhere can help you to detect user credential theft, abuse, policy violations, and other threats to your Okta account, by alerting you to—

  • Suspicious or anomalous changes to Okta user accounts, profiles, and permissions
  • Authentication activities from a known malicious host
  • Attempts to bypass multi-factor authentication policies
  • Repeated login failures and possible brute force attacks
  • Escalations in administrative privileges and other admin-level changes
AlienApp for Okta 1499569860 14
Detect and block malicious IP addresses in Palo Alto Networks next-generation firewalls automatically as threats are detected in USM Anywhere. Get security orchestration out of the box. Detect and block malicious IP addresses in Palo Alto Networks next-generation firewalls automatically as threats are detected in USM Anywhere. Get security orchestration out of the box.

The AlienApp™ for Palo Alto Networks allows you to automate intrusion detection and response activities between AlienVault® USM Anywhere™ and Palo Alto Networks Next-Generation Firewall (NGFW) products, so that you can instantly block malicious IPs as soon as they are detected.

The pre-built integration between USM Anywhere and Palo Alto Networks gives you closed-loop threat detection and response out of the box, without requiring any complex set up or extra installations.

  • Close the loop between threat detection and response 
  • Simplify the integration of multiple IT and security products with AlienApps out of the box 
  • Gain deeper visibility into your firewall traffic and the top threats against your environment
  • Automatically block malicious IPs with Palo Alto Networks Next-Generation Firewalls as threats are detected in USM Anywhere
AlienApp for Palo Alto Networks 1496789460 10
Easily open incident tickets in ServiceNow in response to threats and vulnerabilities detected in USM Anywhere. Get all relevant threat data. Remediate incidents faster. Easily open incident tickets in ServiceNow in response to threats and vulnerabilities detected in USM Anywhere. Get all relevant threat data. Remediate incidents faster.

The AlienApp™ for ServiceNow allows you to streamline your incident response workflow between AlienVault® USM Anywhere™ and ServiceNow. When threats and vulnerabilities are detected in USM Anywhere, you can open an incident ticket in ServiceNow, automatically or manually.

Built for ServiceNow IT Service Management and Security Operations, the AlienApp for ServiceNow helps security teams respond efficiently to threats and vulnerabilities detected by USM Anywhere, without requiring any additional integration or installation.

  • Enable teams to work more efficiently to remediate vulnerabilities and security threats 
  • Automatically generate ServiceNow tickets directly within USM Anywhere, so you never miss a security incident that needs attention
  • Avoid the complexity of managing multiple ticketing systems and workflows across different products
  • Immediately available out of the box with USM Anywhere (no installation required)
AlienApp for ServiceNow 1496438580 11
Automatically block malicious domains in Cisco Umbrella whenever they are detected in USM Anywhere. Reduce the time between detection and incident response. Automatically block malicious domains in Cisco Umbrella whenever they are detected in USM Anywhere. Reduce the time between detection and incident response.

The AlienApp™ for Cisco Umbrella delivers advanced security orchestration capabilities between AlienVault® USM Anywhere™ and Cisco Umbrella (formerly OpenDNS), shortening the time from threat detection to response through security automation.

With the pre-built orchestration between these two products, you can close the loop between threat detection and response, without any of the heavy lifting typically required to integrate multiple security IT tools.

  • Shorten the time from threat detection to threat response with automation
  • Save time, money, and headaches in integrating multiple IT security tools 
  • Gain more visibility of your internet traffic by monitoring Cisco Umbrella logs directly within USM Anywhere
  • Automate or trigger response actions within USM Anywhere to block malicious domains in Cisco Umbrella
AlienApp for Cisco Umbrella 1496424360 15
Monitor your endpoints with Carbon Black, incl. Cb Protection and Cb Response, and automatically isolate your infected endpoints with Cb Response whenever USM Anywhere detects threats. Monitor your endpoints with Carbon Black, incl. Cb Protection and Cb Response, and automatically isolate your infected endpoints with Cb Response whenever USM Anywhere detects threats.

The AlienApp™ for Carbon Black delivers advanced security orchestration capabilities between AlienVault® USM Anywhere™ and Carbon Black’s Cb Protection and Cb Response, so you can automatically isolate your infected endpoints whenever threats are detected in USM Anywhere. 

With pre-built security orchestration and automated response capabilities, you can shorten the time from threat detection to response, without any of the heavy lifting typically required to integrate multiple security IT tools.

  • Shorten the time from threat detection to threat response with automation
  • Save time, money, and headaches in integrating multiple IT security tools
  • Gain more visibility into activities and changes detected in endpoints by Cb Protection
  • Automate or trigger response actions within USM Anywhere to isolate infected systems through Cb Response
AlienApp for Carbon Black 1496331360 16

We’ve Got a Plugin for That

In addition to the AlienApps ecosystem, USM Anywhere includes hundreds of plugins, so you can readily ingest security data from the existing data sources in your environment.

The AlienVault USM Anywhere plugin library provides source-optimized data collection for a complete range of technologies, making it easy for you to get complete visibility into your entire environment.

View the current list of plugins in USM Anywhere >

Don’t see the plugin you’re looking for? AlienVault will build a plugin for most commercially available products at no additional charge. Just submit a request and we will build it for you.

Request a USM Anywhere plugin here ›

Watch a Demo ›
GET PRICE FREE TRIAL