AlienVault USM Anywhere:
Protect Your Network & Cloud with One Unified Security Solution
Threat Detection & Incident Response for All Your Environments
AlienVault® USM Anywhere™ is a SaaS security monitoring solution that centralizes threat detection, incident response, and compliance management across your on-premises, cloud, or hybrid environments.
Unlike any other security solution on the market today, USM Anywhere delivers five essential security capabilities in a unified SaaS solution, giving you everything you need to keep your business secure in a single pane of glass. It combines asset discovery, vulnerability management, intrusion detection, SIEM, and behavioral monitoring in one affordable and easy-to-use solution.
With USM Anywhere, you can avoid the time, expense, and resources required to maintain multiple point security solutions in your data center and cloud infrastructure. Instead, you can focus on what matters most — protecting your IT infrastructure against today’s emerging threats.
USM Anywhere uses virtual sensors that run on VMware and Microsoft Hyper-V to monitor your on-premises physical and virtual IT infrastructure. In the cloud, lightweight cloud sensors natively monitor Amazon Web Services and Microsoft Azure Cloud.
Data collection, security analysis, and threat detection are centralized in the AlienVault Secure Cloud and provide you with a single view into all of your critical infrastructure.
USM Anywhere also receives a continuous stream of threat intelligence updates from the AlienVault Labs Security Research Team, so you always have the latest security intelligence at your fingertips. Additionally, AlienVault Labs leverages data from the Open Threat Exchange® (OTX®) — the world’s largest open threat community—to gain expansive intelligence on threats as they appear in the wild.
Get Complete Security Visibility Into
AlienApps Extend Security Orchestration Capabilities!
USM Anywhere is a highly extensible platform that leverages AlienApps— modular software components tightly integrated into the USM Anywhere platform that extend, orchestrate, and automate functionality between the built-in security controls in USM Anywhere and other third-party security and productivity tools. With AlienApps, you can:
The Unified Security Management Difference
5 Essential Security Capabilities in a Single Console
AlienVault USM Anywhere provides five essential security capabilities in a single SaaS platform, giving you everything you need to detect and respond to threats and manage compliance.
Know who and what is connected
- API-powered asset discovery
- Network asset discovery
- Software & services discovery
Know where vulnerabilities expose you to exploitation and compromise
- Network vulnerability scanning
- Cloud vulnerability scanning
- Cloud infrastructure assessment
Know when suspicious activities happen in your environment
- Cloud IDS
- Network IDS
- Host IDS
- File Integrity Monitoring
Identify suspicious behavior and potentially compromised systems
- Cloud access logs (Azure: Monitor, AWS: CloudTrail, S3, ELB)
- AWS VPC Flow monitoring
- Asset access logs
- VMware access logs
Correlate and analyze security event data and respond
- Event correlation
- Incident response
- Integrated AlienVault Open Threat Exchange™ data
- 12-month raw log retention
Centralized Security Visibility Into All Your Environments
USM Anywhere provides centralized security monitoring, incident response, and compliance management across all your cloud and on-premises environments, so you achieve complete visibility of your security posture with one solution.
USM Anywhere natively monitors –
- AWS and Microsoft Azure public clouds
- Virtualized on-premises / private clouds on VMware and Hyper-V virtual machines
- Physical IT infrastructure in your data center
- Offices, retail stores, and other on-premises facilities
USM Anywhere uses purpose-built cloud sensors to monitor your Amazon Web Services and Microsoft Azure cloud environments, and VMware and Hyper-V virtual sensors to monitor your virtual and physical on-premises infrastructure. Security-related data is collected and sent to the AlienVault Cloud for security analysis, threat correlation, and secure, compliance-ready data storage.
Centralized security monitoring in USM Anywhere gives you powerful threat detection capabilities across your cloud and on-premises landscape, helping to eliminate your security blind spots and regain control over shadow IT. Even as you migrate workloads and services from your data center to the cloud, you have the assurance of continuous security visibility.
Discover the Difference of Unified Security Management for the Data Center & the Cloud
CENTRALIZED SECURITY VISIBILITY INTO ALL OF YOUR ENVIRONMENTS
FIVE ESSENTIAL SECURITY CAPABILITIES IN A SINGLE CONSOLE
BUILT NATIVELY IN THE CLOUD FOR THE CLOUD
POWERFUL SECURITY ANALYSIS AT YOUR FINGERTIPS
INTEGRATED THREAT INTELLIGENCE DELIVERED
ALL THE BENEFITS OF SECURITY MONITORING AS A SAAS SOLUTION
Cloud-Readiness Built at the Core
USM Anywhere is one of the few truly cloud-native security monitoring solutions built in the cloud for the cloud. It uses direct hooks into cloud infrastructure provides’ APIs to give you a richer data set, greater control over your cloud security, and immediate visibility of your cloud environment within minutes of installation. USM Anywhere leverages native cloud infrastructure provider services like AWS CloudWatch and Azure Monitor to collect data from your cloud environments, creating a more seamless and efficient way to monitor your cloud security.
COMPLIANCE-READY COLD STORAGE
USM Anywhere supports long-term log retention, known as “cold storage.” By default, USM Anywhere enables 12 months of cold storage with the ability to extend your long-term storage capacity. In addition, USM Anywhere supports a “write once, read many” (WORM) approach to prevent log data from being modified.
DEDICATED, SINGLE-TENANT DATA STORE
When you send sensitive security-related data to a security monitoring solution in the cloud, you want to ensure that your data is protected and leak-proof. That’s why AlienVault uses a single-tenant data store architecture to securely manage all of our customers’ accounts.
With USM Anywhere, your data is stored in its own dedicated container, which is completely isolated from other customers’ data. Whereas multi-tenancy is prone to data leakage and breakage that can affect multiple customer accounts, (especially as SaaS providers scale) single-tenancy ensures that all customers’ data is kept separate and leak-proof. It’s a better architecture for you and for us.
Powerful Security Analysis at Your Fingertips
AUTOMATED RESPONSE ORCHESTRATION
USM Anywhere provides advanced security orchestration rules that automate actions and responses according to your needs, making your work more efficient. You can –
- Reduce alarm “noise” with suppression rules
- Generate custom alarms based on any parameter
- Auto-respond to events with orchestration rules
- Create orchestration rules for third-party AlienApps
ALIENVAULT GRAPH-BASED ANALYTICS ENGINE
USM Anywhere takes a new approach to SIEM event correlation that makes security analysis faster, more flexible, and more effective than ever. With our unique Graph-based Analytics Engine, you can –
- View a complete state model of your environment at any given time as well as compare different time periods
- Run ad-hoc queries on large and complex data sets faster and more efficiently
- Enhance correlation by keying off of connections between assets, users, and activities in your infrastructure and the changes occurring between them.
INTERACTIVE SEARCH & ANALYSIS
When you centralize security monitoring of all your cloud and on-premises IT environments, you need a highly efficient way to parse large amounts of security-related data from across a complex and dynamically changing IT infrastructure. USM Anywhere provides a more intuitive and flexible interface to search and analyze your security-related data. With it, you can –
- Search and filter in highly granular ways
- Pivot around selected data for deeper analysis
- Create and export custom data views and compliance-ready reports
All the Benefits of Security Monitoring Delivered as a SaaS Solution
Say Goodbye to Expensive Hardware
With a SaaS solution, you can eliminate hardware costs, set up fees, and ongoing maintenance costs to reduce your total cost of ownership.
High Reliability Delivered
We work hard to ensure high reliability and deliver regular system upgrades so that you don’t have to.
Scale as Your Business Grows
USM Anywhere is sized and priced to suit your business needs today and in the future. As you grow, simply add more capacity. View Pricing ›
Accessible from Anywhere
With USM Anywhere, you can monitor your security posture from anywhere. So, you can finally stop spending your holidays in the office server room.
Fast & Easy Deployment
Take deployment from months to minutes. Simply download and activate your USM Anywhere Sensors to start seeing security-related events.
Reduced Time to Benefit
With a rapid install, minimal configurations, and instant, actionable security insights, you can start detecting threats in USM Anywhere on Day One.
Future-Proof Your Investment
USM Anywhere is a highly extensible platform, so you’ll continue to benefit as new AlienApps for security and productivity are launched.
Secure Data at Rest and in Transit
All data is sent via an encrypted connection to AlienVault’s Secure Cloud. Your data is stored in an isolated single-tenant data store with unique SSH credentials.