September was another busy month for product development at AlienVault, an AT&T Company. We are excited that the AlienVault Agent is getting great traction with our USM Anywhere user base, and we are continuing to add feature enhancements to the Agent. You can keep up with all of our regular product releases by reading the release notes in the AlienVault Product Forum.
Here are the highlights from our September releases.ea
Enhancements to the AlienVault Agent!
Coming off the successful introduction of the USM Anywhere EDR functionality enabled by the AlienVault Agent, we are excited to announce more improvements to the Agent. The feedback from our users on the Agent has been great thus far, and in September we added more filtering capabilities, designed to give users more control over what types of data the agent is collecting. You can now apply regular filtering rules to Agent events, giving you the flexibility you need over what data you collect. We will continue to add feature enhancements to the Agent in the coming months.
The USM Anywhere API is here!
Following up to our API release in USM Central, which has been very popular with our MSSPs, we are happy to announce the introduction of the API in USM Anywhere. Available for Standard and Premium Edition customers of USM Anywhere, you can now extract alarms and events from USM Anywhere to help you with independent workflows. This is the first major step towards a full set of API functionality build out in USM Anywhere.
Enhancements to the AlienApp for ConnectWise
Building on its initial release, the AlienApp for ConnectWise now works with on premises deployments of ConnectWise Manage. Service management teams that use on premises deployments of ConnectWise Manage can now leverage automated service ticket creation from USM Anywhere for alarms and vulnerabilities, as well as the synchronization of asset information.
Defects and Optimizing the UX
In addition to these new capabilities, the team has rolled out enhancements to the user interface and has addressed multiple defects and inefficiencies. Make sure to read the product release notes for all the details.
USM Central Highlights
Following on the introduction of the API in August, we are pleased to announce the availability of additional API endpoints that allow customers and partners to retrieve vulnerabilities, deployment information, and configuration issues for connected USM Anywhere instances. This continues the build out of the USM Central API, and stay tuned as we continue to add more API endpoints in the coming months.
Threat Intelligence Highlights
It’s been a typically active month for the AlienVault Labs Security Research team, curating the threat intelligence for USM as well as writing content on new & emerging threats. As a reminder, USM receives continuously updated correlation rules and endpoint queries to detect & respond not only the latest signatures but also higher-level attack tools, tactics, and procedures – all curated by the human intelligence of the AlienVault Labs Security Research Team, bolstered by AlienVault’s machine intelligence.
The AlienVault Labs team publishes a weekly threat intelligence newsletter, keeping you informed of the threats they are researching and delivering as actionable threat intelligence automatically to the USM platform. Read the AlienVault Threat Intelligence newsletters here.
In addition, here are some recent blogs from the Labs Team, which highlights their recent research: