USM Anywhere is Trusted, Verified and Secure | AlienVault

AlienVault USM Anywhere:

USM Anywhere is Trusted, Verified and Secure.

Asset
Discovery

Vulnerability
Assessment

Intrusion
Detection

Behavioral
Monitoring

SIEM &
Log Management

As a security-first organization, AlienVault makes the protection of your data and privacy our top priority. We’ve implemented several security measures to protect your data, both in the architecture of AlienVault USM Anywhere and by aligning our internal security controls and processes with industry-proven security best practices.

Audited and Secure Infrastructure and Processes

At AlienVault, we use AlienVault USM Anywhere to demonstrate and maintain our own continuous compliance, working with third-party auditors to regularly test our systems, controls, and processes. AlienVault is attested as compliant for several regulatory and cybersecurity standards, including PCI DSS, HIPAA, and SOC 2.

  • PCI DSS Level 1 Service Provider
  • Attestation of HIPAA Compliance
  • SOC 2 Type 2 Certified Compliant

With AlienVault USM, you can be assured of a secure, compliant product to monitor your cloud and on-premises environments and cloud applications. You can request a copy of our compliance audit reports from your AlienVault sales representative.

Certified to Secure Your Public Cloud Environments

AlienVault USM Anywhere is certified for monitoring the security of your AWS and Microsoft Azure cloud environments.

Microsoft Azure customers can be assured that their security management needs are met with USM Anywhere. The USM Anywhere Sensor is Microsoft Azure Certified, and can be quickly installed into an Azure subscription via the Azure Marketplace.

An AWS Advanced Technology Partner, AlienVault has achieved the AWS Security Competency, having met rigorous technical requirements and demonstrating real-world success in enabling customers to secure their AWS environments.

 

Read Our AWS Customer Case Studies

Our 6000 customers worldwide trust AlienVault for their security and compliance needs.

One such customer, CeloPay, leveraged USM Anywhere for their AWS PCI DSS compliance requirements. With USM Anywhere, CeloPay was able to streamline daily security reviews, simplify log management, reduce the amount of time needed to create audit reports, and identify potential security threats in near-real time.

See more customer success stories

Read the Case Study
CeloPay Protects Their AWS Environment with AlienVault

Designed to Keep Your Monitoring Data Secure

AlienVault USM Anywhere implements multiple mechanisms to assure the confidentiality, integrity, and availability of your security monitoring data, both from external and insider threats, and across your cloud, on-premises , and hybrid environments.

Dedicated, Single-Tenant Data Store


Unlike other SaaS-delivered services that use a multi-tenant architecture, AlienVault uses a single-tenant, dedicated data store architecture to securely store your security monitoring data. This assures that your data is completely isolated from other customers’ data, compared to multi-tenancy misconfigurations or failures that can result in data leakage and breakage, and that can affect multiple customer accounts.

Your Security Data Secured in Transit


Every USM Anywhere Sensor uses the Transport Layer Security (TLS) protocol to create a secure connection with the USM Anywhere central service. Both your USM Anywhere Service and each of your USM Anywhere Sensors has a unique digital certificate, which are used to securely authenticate one another. Once authenticated, a unique encryption key is created, which then encrypts all security monitoring data sent from the USM Anywhere Sensor to your USM Anywhere service, maintaining its confidentiality and its integrity.

Maintaining the Confidentiality of Your Security Data at Rest


To assure the confidentiality of your security monitoring data at rest, USM Anywhere encrypts both your hot (online) and cold (long-term) storage data using the Advanced Encryption Standard (AES) with a 256-bit encryption key, which is unique to your USM Anywhere service.

Maintaining Data Integrity in Cold Storage


Any event and log collected by USM Anywhere is stored within compliant-ready and secure “cold storage.” By default, USM Anywhere enables at least 12 months of cold storage, with the ability to extend the long-term storage capacity as needed.

USM Anywhere uses a “write once, read many” (WORM) approach to log storage to prevent log data from being modified or otherwise tampered with. You can download your raw logs at any time by initiating a request from within USM Anywhere. If you ever decide not to renew your contract, your unique encryption key and data are securely destroyed 90 days after your contract expires.

Operated by Trusted Personnel

We understand that your security monitoring data is as sensitive as your intellectual property and customer data. Only a very limited number of AlienVault employees have access to your AlienVault USM Anywhere service, and we use the principle of least privilege in determining that access. Prior to being granted access these individuals must pass a background check, and they are subject to regular training and testing to ensure their familiarity and adherence to our processes and tools.

SC Media 5-Star
CRN Security 100 2017
CRN Cloud PPG 2017
SC Magazine Awards 2017 Europe Winner
Forbes Cloud 100 2017
Deloitte Fast 500
Cybersecurity Excellence Awards Winner 2017
Watch a Demo ›
GET PRICE FREE TRIAL