AlienVault USM Anywhere

AlienVault USM Anywhere:

Secure Your Cloud, Hybrid Cloud, & On-premises Environments from the Cloud

TAKE A TEST DRIVE: NOW

Explore USM Anywhere with Our Online Demo!

enter the online demo

Discover Threat Detection & Incident Response Delivered in the Cloud

AlienVault® USM Anywhere™ is a SaaS security monitoring solution that centralizes threat detection, incident response, and compliance management across your cloud, hybrid cloud, and on-premises environments.

USM Anywhere uses lightweight cloud sensors to natively monitor Amazon Web Services and Microsoft Azure cloud. On premises, virtual sensors run on VMware and Microsoft Hyper-V to monitor your physical and virtual IT infrastructure. Data collection, security analysis, and threat detection are centralized in the AlienVault Secure Cloud and provides you with a single view into both your cloud and on-premises infrastructure.

With USM Anywhere, you can avoid the time, expense, and resources required to maintain multiple point security solutions in your data center and cloud infrastructure. Instead, you can focus on what matters most — protecting your IT infrastructure against today’s emerging threats.

Unlike any other security solution on the market today, USM Anywhere delivers five essential security capabilities in a unified SaaS solution, giving you everything you need to keep your business secure in one affordable, easy-to-manage console. It combines asset discovery, vulnerability management, intrusion detection, SIEM, and behavioral monitoring.

USM Anywhere also receives a continuous stream of threat intelligence updates from the AlienVault Labs Security Research Team, so you always have the latest security intelligence at your fingertips. Additionally, AlienVault Labs leverages data from the Open Threat Exchange™ (OTX™)—the world’s largest open threat community—to gain expansive intelligence on threats as they appear in the wild.

Introducing the Only Unified Platform for Complete Cloud & Hybrid Cloud Security

USM Anywhere goes beyond all other cloud security solutions on the market today. Here’s how –


CENTRALIZED SECURITY VISIBILITY INTO ALL OF YOUR ENVIRONMENTS

  • Monitor cloud, hybrid cloud, and on-premises IT infrastructure from a single location
  • Eliminate your security blind spots and shadow IT
  • Ensure continuous security monitoring as you migrate services and workloads to the cloud

FIVE ESSENTIAL SECURITY CAPABILITIES IN A SINGLE CONSOLE

  • Scan your environments for assets, vulnerabilities, and emerging threats
  • Collect IDS and behavioral monitoring data from on-premises and cloud infrastructure
  • Analyze and store your log data with built-in SIEM

BUILT NATIVELY IN THE CLOUD FOR THE CLOUD

  • Monitor your AWS and Azure environments from one cloud-based solution
  • Deploy faster and get immediate security insights into your cloud environment
  • Get the assurance of a dedicated, single-tenant data store

POWERFUL SECURITY ANALYSIS AT YOUR FINGERTIPS

  • Explore your security data faster and deeper with an interactive security analyzer
  • Orchestrated security threat detection and auto-responses for greater ease of use
  • Extend your security orchestration capabilities with AlienApps
  • Evolve to graph-based Security Analytics for more advanced security analysis

INTEGRATED THREAT INTELLIGENCE DELIVERED

  • Get deeper and wider insight into attack trends and bad actors without having to research
  • Tap into OTX - the world’s largest open community of threat intelligence

ALL THE BENEFITS OF SECURITY MONITORING AS A SAAS SOLUTION

  • Lower your total cost of ownership by eliminating data center, hardware, setup fees, and maintenance
  • Continuously save on operational costs without sacrificing reliability and regular upgrades
  • Scale your security monitoring as you grow your operations

The Unified Security Management Difference

5 Essential Security Capabilities in a Single Console

AlienVault USM Anywhere provides five essential security capabilities in a single SaaS platform, giving you everything you need to detect and respond to threats and manage compliance.


Asset Discovery

Know who and what is connected

  • API-powered asset discovery
  • Network asset discovery
  • Software & services discovery

Asset Discovery


Vulnerability Assessment

Know where vulnerabilities expose you to exploitation and compromise

  • Network vulnerability scanning
  • Cloud vulnerability scanning
  • Cloud infrastructure assessment

Vulnerability Assessment


Intrusion Detection

Know when suspicious activities happen in your environment

  • Cloud IDS
  • Network IDS
  • Host IDS
  • File Integrity Monitoring

Threat Detection


Behavioral Monitoring

Identify suspicious behavior and potentially compromised systems

  • Cloud access logs (Azure: Monitor, AWS: CloudTrail, S3, ELB)
  • AWS VPC Flow monitoring
  • Asset access logs
  • VMware access logs

Behavioral Monitoring


SIEM

Correlate and analyze security event data and respond

  • Event correlation
  • Incidence response
  • Integrated AlienVault Open Threat Exchange™ data
  • 12-month raw log retention

Security Intelligence

Centralized Security Visibility Into All Your Environments

 

USM Anywhere provides centralized security monitoring, incident response, and compliance management across all your cloud, hybrid cloud, and on-premises environments, so you achieve complete visibility of your security posture with one solution.

USM Anywhere natively monitors –

  • AWS and Microsoft Azure public clouds
  • Virtualized on-premises / private clouds on VMware and Hyper-V virtual machines
  • Physical IT infrastructure in your data center
  • Offices, retail stores, and other on-premises facilities

USM Anywhere uses purpose-built cloud sensors to monitor your Amazon Web Services and Microsoft Azure cloud environments, and VMware and Hyper-V virtual sensors to monitor your virtual and physical on-premises infrastructure. Security-related data is collected and sent to the AlienVault Cloud for security analysis, threat correlation, and secure, compliance-ready data storage.

Centralized security monitoring in USM Anywhere gives you powerful threat detection capabilities across your cloud and on-premises landscape, helping to eliminate your security blind spots and regain control over shadow IT. Even as you migrate workloads and services from your data center to the cloud, you have the assurance of continuous security visibility.

Built Natively in the Cloud for the Cloud

USM Anywhere is one of the few truly cloud-native security monitoring solution built in the cloud for the cloud. It uses direct hooks into cloud infrastructure provides’ APIs to give you a richer data set, greater control over your cloud security, and immediate visibility of your cloud environment within minutes of installation. USM Anywhere leverages native cloud infrastructure provider services like AWS CloudWatch and Azure Monitor to collect data from your cloud environments, creating more seamless and efficient way to monitor your cloud security.

COMPLIANCE-READY COLD STORAGE

USM Anywhere supports long-term log retention, known as “cold storage.” By default, USM Anywhere enables 12 months of cold storage with the ability to extend your long-term storage capacity. In addition, USM Anywhere supports a “write once, read many” (WORM) approach to prevent log data from being modified.

DEDICATED, SINGLE-TENANT DATA STORE

When you send sensitive security-related data to a security monitoring solution in the cloud, you want to ensure that your data is protected and leak-proof. That’s why AlienVault uses a single-tenant data store architecture to securely manage all of our customers’ accounts.

With USM Anywhere, your data is stored in its own dedicated container, which is completely isolated from other customers’ data. Whereas multi-tenancy is prone to data leakage and breakage that can affect multiple customer accounts, (especially as SaaS providers scale) single-tenancy ensures that all customers’ data is kept separate and leak-proof. It’s a better architecture for you and for us.

Powerful Security Analysis at Your Fingertips


AUTOMATED RESPONSE ORCHESTRATION

USM Anywhere provides advanced security orchestration rules that automate actions and responses according to your needs, making your work more efficient. You can –

  • Reduce alarm “noise” with suppression rules
  • Generate custom alarms based on any parameter
  • Auto-respond to events with orchestration rules
  • Create orchestration rules for third-party AlienApps

EXTENDED SECURITY ORCHESTRATION WITH ALIENAPPS

USM Anywhere is a highly extensible platform that leverages AlienApps—integrations with third-party security and productivity tools—to extend your security orchestration capabilities. With AlienApps, you can –

  • Extract data from your third-party security applications
  • Visualize external data within USM Anywhere’s graphically rich dashboards
  • Push actions to third-party security tools based on threat data analyzed by USM Anywhere
  • Gain new security capabilities as new AlienApps are introduced into USM Anywhere

USM Anywhere currently ships with out-of-the-box integration with Cisco Umbrella and McAfee ePO.


ALIENVAULT GRAPH-BASED ANALYTICS ENGINE

USM Anywhere takes a new approach to SIEM event correlation that makes security analysis faster, more flexible, and more effective than ever. With our unique Graph-based Analytics Engine, you can –

  • View a complete state model of your environment at any given time as well as compare different time periods
  • Run ad-hoc queries on large and complex data sets faster and more efficiently
  • Enhance correlation by keying off of connections between assets, users, and activities in your infrastructure and the changes occurring between them.

INTERACTIVE SEARCH & ANALYSIS

When you centralize security monitoring of all your cloud and on-premises IT environments, you need a highly efficient way to parse large amounts of security-related data from across a complex and dynamically changing IT infrastructure. USM Anywhere provides a more intuitive and flexible interface to search and analyze your security-related data. With it, you can –

  • Search and data in highly granular ways
  • Pivot around selected data for deeper analysis
  • Create and export custom data views and compliance-ready reports
alienvault labs

Detect the Latest Threats with AlienVault Threat Intelligence

AlienVault Labs Security Research Team evaluates hundreds of thousands of threats daily to understand the latest threats and delivers a continuous stream of threat intelligence to USM Anywhere. This integrated threat intelligence keeps your USM Anywhere security monitoring solution updated with the latest information about threat actors, their methods, their infrastructure, and their tools, helping you to stay abreast of emerging and evolving threats that are targeting your systems and users.

To provide deeper and wider insight into attack trends and bad actors, the AlienVault Labs Security Research Team leverages the power of the Open Threat Exchange (OTX) — the world’s largest community-sourced repository of threat data. Open Threat Exchange is the neighborhood watch of the global intelligence community. By providing expert data on online threats, OTX enables IT professionals of all levels of security expertise to collaborate to defend their organizations and others.

The AlienVault Labs Security Research Team curates and validates OTX threat data, translating it into comprehensive threat intelligence for use within USM Anywhere, allowing them to be your eyes and ears so that you can focus on responding incidents instead of researching.

Learn More About Threat Intelligence ›

All the Benefits of Security Monitoring Delivered as a SaaS Solution

Say Goodbye to Expensive Hardware


With a SaaS solution, you can eliminate hardware costs, set up fees, and ongoing maintenance costs to reduce your total cost of ownership.

High Reliability Delivered


We work hard to ensure high reliability and deliver regular system upgrades so that you don’t have to.

Scale as Your Business Grows


USM Anywhere is sized and priced to suit your business needs today and in the future. As you grow, simply add more capacity. View Pricing ›

Accessible from Anywhere


With USM Anywhere, you can monitor security posture from anywhere. So, you can finally stop spending your holidays in the office server room.

Fast & Easy Deployment


Take deployment from months to minutes. Simply download and activate your USM Anywhere Sensors to start seeing security-related events.

Reduced Time to Benefit


With a rapid install, minimal configurations, and instant, actionable security insights, you can start detecting threats in USM Anywhere on Day One.

Future-Proof Your Investment


USM Anywhere is a highly extensible platform, so you’ll continue to benefit as new AlienApps for security and productivity are launched.

Secure Data at Rest and in Transit


All data is sent via an encrypted connection to AlienVault’s Secure Cloud. Your data is stored in an isolated single-tenant data store with unique SSH credentials.


SC Magazine Awards 2016 Europe Winner
Forbes Cloud 100
Gartner Visionary in Magic Quadrant for SIEM 2016
Cybersecurity Excellence Awards Winner 2016
SC Media Best Buy
Deloitte Technology Fast 500
CRN Partner Program Guide Winner 2016
Watch a Demo ›
GET PRICE FREE TRIAL CHAT