Today’s constantly evolving threat landscape traps organizations in a “threat cycle.” As new threats emerge, new security technologies are needed to address them. Another threat emerges, another technology follows.
Stuck in this continuous threat cycle, organizations tend to amass disparate security point solutions. This leads to an IT security environment that is siloed, complex to integrate, and difficult to manage.
Organizations need a way out.
AlienVault® AlienApps™ break the threat cycle by extending the threat detection and security orchestration capabilities of the USM Anywhere platform to other security tools that your IT team uses, providing a consolidated approach to threat detection and response.
With AlienApps, you can monitor more of your security posture directly within USM Anywhere, including your cloud services like Office 365 and G Suite. AlienApps also enable you to automate and orchestrate response actions in security tools from vendors such as Cisco and Palo Alto Networks, greatly simplifying and accelerating the threat detection and incident response processes.
AlienApps’ highly extensible architecture allows AlienVault to seamlessly add new security technologies to the platform as they become available, so enterprises can keep pace with the ever-changing threat landscape. AlienApps are available out of the box with USM Anywhere, at no extra cost.
AlienApps ship out of the box with USM Anywhere at no additional cost to you. Because USM Anywhere is a cloud-hosted solution, new AlienApps are delivered frequently, without requiring any platform updates or upgrades. Explore all AlienApps in our searchable directory. ›
AlienApps collect critical data from your on-premises and cloud infrastructure as well as cloud services, centralizing threat detection and incident response within USM Anywhere. This makes it easier and more efficient to investigate and respond to threats.
AlienApps enrich your data and enable USM Anywhere to analyze it using the latest AlienVault Threat Intelligence. Pre-built, interactive dashboards in USM Anywhere visualize your threat posture, making it easier to gain insights into trends and identify anomalies worth investigation.
With AlienApps, USM Anywhere serves as a powerful security orchestration and automation platform. When threats are detected, you can orchestrate incident investigation and response activities, both by creating automated actions and by manually triggering actions.
When you automate or manually trigger action responses in USM Anywhere, you can communicate important security information back to your other IT and security tools, creating a closed loop threat detection and response process. For example, if USM Anywhere detects a malicious IP, it can notify your Palo Alto Networks firewall to block the IP address.
Because USM Anywhere is a highly extensible cloud platform, it enables rapid development and delivery of new AlienApps for essential business and IT security applications. This agile design keeps you ahead of the changing IT landscape without having to pile on new security point products as your organization grows. This solves the threat cycle dilemma and significantly improves your threat detection and response capabilities in a cost-effective way.
Security orchestration with both third-party technologies and within the core USM Anywhere platform itself allow you to define automated action responses whenever threats are detected in USM Anywhere, shortening the time between detection and response. For example, if USM Anywhere detects communication from a phishing site, you can send the data to a third-party DNS enforcement service (e.g. Cisco Umbrella) for automated blocking.
AlienApps allow you to easily capture, analyze, and visualize security-related data from across your environments. This gives you greater visibility of your security posture and helps to reduce the signal-to-noise ratio, so you can readily identify and prioritize the threats that demand your immediate attention.
Our technology partners enable us to bring new security technologies into the USM Anywhere platform, further expanding your threat detection and response capabilities without the hassle of integration and management of multiple technologies.
In addition to the AlienApps ecosystem, USM Anywhere includes hundreds of plugins, so you can readily ingest security data from the existing data sources in your environment. The AlienVault USM Anywhere plugin library provides source-optimized data collection for a complete range of technologies, making it easy for you to get complete visibility into your entire environment. Don’t see the plugin you’re looking for? AlienVault will build a plugin for most commercially available products at no additional charge. Just submit a request and we will build it for you.
We’ve Got a Plugin for That
In addition to the AlienApps ecosystem, USM Anywhere includes hundreds of plugins, so you can readily ingest security data from the existing data sources in your environment.
The AlienVault USM Anywhere plugin library provides source-optimized data collection for a complete range of technologies, making it easy for you to get complete visibility into your entire environment.
Don’t see the plugin you’re looking for? AlienVault will build a plugin for most commercially available products at no additional charge. Just submit a request and we will build it for you.
USM Anywhere accelerates and centralizes threat detection, incident response, and compliance management for your cloud, on-premises, and hybrid environments. By unifying multiple essential security capabilities, USM Anywhere delivers everything you need to keep your business secure from a single pane of glass.