AlienVault Unified Security Management (USM) Platform

Unified Security Management Overview:

Discover a Better Way to Detect & Respond to Threats


Experience Unified Security Management

Unified Security Management Delivers Advanced Security in the Cloud & On-Premises

AlienVault® Unified Security Management™ (USM™) is a comprehensive approach to security monitoring, delivered in a unified platform. The USM platform includes five essential security capabilities that provide resource-constrained organizations with all the security essentials needed for effective threat detection, incident response, and compliance, in a single pane of glass.

Designed to monitor cloud, hybrid cloud and on-premises environments, AlienVault USM significantly reduces complexity and deployment time so that you can go from installation to first insight in minutes – talk about fast threat detection!

USM overcomes the limitations of traditional point solutions with a complete platform that:

  • Unifies essential security controls into a single all-in-one security monitoring solution
  • Monitors your cloud, hybrid cloud, and on-premises infrastructure
  • Delivers continuous threat intelligence to keep you aware of threats as they emerge and change
  • Provides comprehensive threat detection and actionable incident response directives
  • Deploys quickly, easily, and with minimal effort
  • Reduces TCO over traditional security solutions

Awards and recognition: SC Media 5-Star; CRN Security 100 2017; CRN Cloud PPG 2017; SC Magazine Awards 2017 Europe Winner; Forbes Cloud 100 2017; Deloitte Fast 500; Cybersecurity Excellence Awards Winner 2017

A Unified Platform for Threat Detection & Incident Response

5 Essential Security Capabilities in a Single Console

The Unified Security Management approach eliminates the complexity and costs of integrating and maintaining multiple point solutions. By combining five essential security capabilities, organizations can spend more time responding to threats rather than dealing with the headaches and hassles of deploying and integrating multiple products.

Asset Discovery

Get visibility into the assets and user activity in your cloud and on-premises environments.

Vulnerability Assessment

Scan your cloud and on-premises environments to detect assets, assess vulnerabilities, and deliver remediation guidance.

Intrusion Detection

Inspect traffic between devices and protect critical assets and systems in your cloud and on-premises environments.

Behavioral Monitoring

Identify suspicious behavior and potentially compromised systems.


Correlate and analyze security event data from across your cloud and on-premises environments.

Security Intelligence

Actionable Threat Intelligence So You Can Focus on Your Day Job

The AlienVault Labs Security Research Team evaluates hundreds of thousands of threats daily to understand the threat landscape and to deliver a continuous stream of threat intelligence directly to the USM platform. This threat intelligence, combined with data collected from AlienVault’s Open Threat Exchange™ (OTX™), provides you with the information you need to successfully identify and respond to emerging threats in your infrastructure.

Multiple Deployment Options Meet Your Needs

Whether your IT infrastructure resides in your data center, a public cloud, a virtualized private cloud, or any combination of those, we’ve got you covered.

The AlienVault USM family of products includes:

USM Anywhere™ is a cloud-based solution designed to monitor cloud, hybrid cloud, and on-premises environments from the AlienVault Secure Cloud.

USM Anywhere uses lightweight software sensors to natively monitor Amazon Web Services (AWS), Microsoft Azure Cloud, VMware, Microsoft Hyper-V, and physical IT infrastructure. It centralizes all data collection, security analysis, and threat detection in the AlienVault Secure Cloud, eliminating the need to manage and maintain another box.

Key Features:

  • Cloud-based
  • Monitors Cloud and On-premises
  • Automated Action Response
  • Integrated Threat Intelligence

USM Appliance™ is an appliance-based solution designed for organizations that require dedicated on-premises monitoring from their own data centers.

USM Appliance Sensors are distributed to various on-premises networks to scan, monitor, and collect data from the network infrastructure, giving you complete visibility into threats affecting your network, and insights into how to mitigate them. Data is aggregated and stored centrally in a physical or virtual appliance in your data center.

Key Features:

  • Appliance-based
  • Monitors On-premises Networks
  • Management in Your Data Center
  • Integrated Threat Intelligence

Outsource Security to a Certified MSSP

Discover the Benefits of Security-as-a-Service ›

What Will You Do with USM on Day One? Here are Some Ideas.

Go from Installation to First Insight in Just Minutes

Achieving complete security visibility used to be time-consuming, expensive, and complex. Collecting the right data, aggregating it, normalizing it, and correlating disparate technologies for a complete view was difficult, if not impossible.

With built-in event correlation rules, a continuous stream of threat intelligence, and the ability to create custom correlation rules, you can get the complete security visibility you deserve.

Quickly answer questions like:

  • What’s happening right now that could signal a data breach?
  • What do I need to do right now to prevent service outages or malware outbreaks?
  • Has one or more of my assets been compromised by ransomware or other malicious software?
  • Are any threats detected when correlating firewall logs, Windows events, AWS CloudTrail events, and Azure Insights logs?

Detect & Respond to Threats

Within minutes of installing USM Anywhere or USM Appliance, the built-in asset discovery finds and provides you visibility into the assets in your AWS, Azure, and on-premises environments, determining what software and services are installed on them, how they’re configured, and any potential vulnerabilities and active threats being executed against them.

Quickly answer questions like:

  • What devices are on my physical and virtual networks?
  • What instances are running in my cloud environments?
  • What vulnerabilities exist on the assets in my cloud and network?
  • Are there known attackers trying to interact with my cloud and network assets?

Meet Compliance Requirements

We don’t make false promises of 100% protection with our USM platform. The threat landscape changes too quickly. But we do quickly detect threats and accelerate compliance by delivering unified and coordinated security monitoring capabilities, powered by the latest threat intelligence from the AlienVault Labs Security Research Team and supplemented by the OTX community.

PCI DSS, HIPAA, Sarbanes-Oxley and other compliance mandates are an ongoing concern for many of our customers and we have solid solutions to meet regulatory compliance needs.

USM facilitates compliance by:

  • Allowing you to determine performance against compliance requirements, such as mandated vulnerability scans, access controls, logging, and retention of logs
  • Enabling you to manage and ensure performance of ongoing compliance tasks
  • Producing compliance reports to inform management and help you pass your audits

Take your Security to a New Level with AlienVault USM

See how our Unified Security Management solutions can transform the way you approach security. Learn more about solution options or take USM out for a test drive today!