Amidst today’s rapidly changing threat landscape, companies must work constantly to improve their security postures and to safeguard their cloud and on-premises assets. Businesses must be able to combat new threats as they emerge, but without the headaches of managing multiple disparate security products. Companies like Starwood Waypoint and CeloPay have turned to AlienVault’s USM Anywhere to help ease these headaches and reduce the complexity of realizing security and compliance in their Amazon Web Services (AWS) cloud environments.
As an AWS Advanced Technology Partner, AlienVault provides AWS users with centralized and easy-to-manage threat detection, incident response, and compliance management for their cloud, on-premises, and hybrid IT environments.
AlienVault USM Anywhere combines a continuous stream of threat intelligence updates from AlienVault’s Security Research Team with the five most essential security capabilities, enabling organizations to more quickly detect threats and better secure their AWS environment. USM Anywhere is a unified SaaS solution purpose-built for the shared AWS security model where AWS secures the infrastructure and the customer is responsible for the security of their applications, content, and systems.
Starwood Waypoint Combats Phishing Attacks (01/20/2017)
Starwood Waypoint (formerly known as Colony Starwood) is the third-largest single residential home rental organization in the country. The company cannot afford a security breach, especially with 800 employees managing tens of thousands of properties. No one knows this better than the Security Engineer (SE) who runs Starwood Waypoint’s security team. At first, the SE had to juggle volumes of security data from multiple systems. It was too much. He decided his team needed an all-in-one solution that could provide easy-to-view insights into the company’s security posture.
“I wanted something I could put into an all-in-one solution”
After evaluating numerous SIEMs, the SE chose AlienVault USM Anywhere, a solution that simplifies and centralizes threat detection and incident response across cloud and on-premises environments. The SE deployed USM Anywhere’s AWS cloud sensor to natively monitor the Starwood Waypoint network. Using USM Anywhere’s purpose-built sensors for cloud and on-premises, the SE now monitors his cloud environment and local environment together while incorporating features, like reporting and security capabilities, in one unified system.
USM Anywhere’s consolidated approach combines asset discovery, vulnerability management, intrusion detection, SIEM and behavioral monitoring in one cost-effective, centralized SaaS solution. This massive breadth of security solutions rolled under one unique banner, coupled with the benefits offered by AWS, gives organizations a purpose-built solution for securing an ever-changing AWS environment. Now, the SE and his team can spend less time on hardware administration and number crunching for security preparation and more time focusing on actually protecting the IT infrastructure against threats. With “everything under one roof,” the SE and his small security team can focus on what matters most: threat mitigation.
Starwood Waypoint relies on USM Anywhere integrations with AWS CloudTrail, CloudWatch and S3, using USM Anywhere to flag AWS configuration changes, for instance, anytime an S3 bucket is made public. They also use USM Anywhere to detect vulnerabilities and system permission changes, as well as to generate alerts on emerging threats based on the latest threat intelligence.
“Everything is under one roof”
The SE combats phishing attacks numerous times a week. USM Anywhere helps him by monitoring all traffic flowing in and out of Starwood Waypoint’s local network environment. With the help of a mirrored WAN port, the SE can be instantly alerted when someone lands on a phishing page, enabling him to quickly contact the victim and mitigate the attack before it escalates.
In fact, USM Anywhere can use potential phishing instances to boost employee education about security threats. For example, if the SE contacts a user about a phishing attempt, he can walk the victim through the attack with screenshots of it as it unfolded. This helps the employee to better understand what happened, and prepares the employee to stop future attempts.
CeloPay Demonstrates Seamless Compliance (02/28/2017)
Compliance, while not an attack, is another security challenge for many companies, especially in the payment processing industry. CeloPay, a web-based SaaS company, helps businesses securely request and receive payment data from customers, a process that comes with serious security and PCI compliance requirements. CeloPay CEO, Jason Harper, decided to use USM Anywhere to fulfill the company’s PCI Level 1 Service Provider requirements. This means CeloPay, which uses AWS CloudTrail, EC2, RDS and ELB, can ensure it has compliance-ready cold storage and can support long-term log retention for up to 12 months. PCI auditors, for example, can now see that CeloPay’s antivirus was working just as well nine months ago as it is now — available with all the necessary documentation and evidence.
“It’s just easy”
Handling payment data is a sensitive process that often includes compliance requirements. USM Anywhere’s combination of both security and compliance capabilities led Harper to select the product. Now CeloPay can count on compliance-ready data storage and management across all on- and off-premises environments with USM Anywhere’s single-solution approach.
“It’s a comprehensive product at an affordable price”
With a centralized approach providing a single view into critical infrastructures, companies using USM Anywhere can meet a plethora of compliance and security goals for their AWS cloud environments. From Starwood Waypoint’s need for advanced security tactics to guard against phishing and malware threats to CeloPay’s compliance requirements, USM Anywhere excels in adapting to diverse company needs. As the threat landscape continues to accelerate, USM Anywhere gives companies the peace of mind that only a comprehensive solution can offer.