AlienVault Unified Security Management (USM) Appliance

AlienVault USM Appliance:

Powerful Threat Detection & Response for On-Premises Environments

GET IN THE DRIVER’S SEAT:

Try USM Appliance Free for 30 Days!


Get Complete Security Visibility on Day One

AlienVault® USM Appliance™ is an all-in-one platform designed and priced to accelerate and simplify threat detection, incident response, and compliance management for resource-constrained IT security teams so they can effectively defend themselves against today's advanced threats — starting on Day One.

USM Appliance includes the essential security capabilities and continuously delivered threat intelligence needed to quickly and easily identify and respond to threats in your physical and virtual infrastructure. This unified security management approach delivers everything needed in a single, easy-to-deploy, cost-effective solution to detect threats to on-premises infrastructure, data, and users without the headache involved in purchasing and deploying several expensive, difficult-to-deploy point solutions.

Unlike traditional SIEM or security point products, AlienVault’s USM Appliance provides:

  • Multiple Essential Security Monitoring Capabilities Without Multiple Consoles
  • Unified Security Monitoring Across On-Premises Environments
  • Simple Security Event Management and Reporting
  • Continuous Threat Intelligence to Keep You Aware of Threats
  • Fast and Easy Deployment

AlienVault Unified Security Management:

Better Threat Detection for Effective Response

The AlienVault USM Appliance is a unified threat detection and compliance management solution for all of your on-premises environments that is both easy to use and affordable. We’ve built all of the essential security capabilities you need into one Unified Security Management platform, which is then powered by up-to-the-minute threat intelligence from the AlienVault Labs Security Research Team and our Open Threat Exchange™ (OTX™), the world’s first truly open threat intelligence community that enables collaborative defense with actionable community-powered threat data.

The result is a powerful solution, available in a virtual or physical appliance form factor, that delivers on its promise of complete security visibility.

The Unified Security Management Difference

5 Essential Security Capabilities in a Single Console

The AlienVault USM Appliance provides five essential security capabilities in a single console, giving you everything you need to manage both compliance and threats. Understanding the sensitive nature of IT environments, we include active, passive, and host-based technologies so that you can match the requirements of your particular on-premises environment.


Asset Discovery

Know who and what is connected to your on-premises environments at all times

  • Active Network Scanning
  • Passive Network Monitoring
  • Asset Inventory
  • Services Inventory



Vulnerability Assessment

Know where the vulnerabilities are on your assets to avoid easy exploitation and compromise

  • Authenticated/Unauthenticated Vulnerability Scans
  • Continuous Vulnerability Monitoring



Intrusion Detection

Know when suspicious activities happen in your environment

  • Network IDS
  • Host IDS
  • File Integrity Monitoring (FIM)



Behavioral Monitoring

Identify suspicious behavior and potentially compromised systems

  • Netflow Analysis
  • Service Availability Monitoring
  • Full Packet Inspection



SIEM

Correlate and analyze security event data from across your network and respond

  • Log Management
  • Event Correlation
  • Incident Response
  • Reporting and Alarms


More Than Just a SIEM:

It’s Unified Security Management!

Traditional SIEM solutions promise to provide what you need to detect threats – but the path to get there is one most resource-constrained IT teams can’t afford. Traditional SIEM solutions integrate and analyze the data produced by other security technologies that are already deployed, but unfortunately many mid-market enterprise organizations don’t have those other technologies deployed yet!

AlienVault provides a different path. In addition to the functionality of a traditional SIEM, the AlienVault USM Appliance includes the essential security capabilities needed to effectively monitor your on-premises network in a single, unified platform. And AlienVault’s focus on ease of use and ease of deployment makes it the perfect fit for resource-constrained organizations.

Capabilities compared: USM Appliance vs. Traditional SIEM

Standard SIEM Capabilities

  • Log Management
  • Event Correlation
  • Incident Response Ticketing
  • Reporting

Essential Security Capabilities

  • Asset Discovery
  • Vulnerability Assessment
  • Network IDS
  • Host IDS
  • File Integrity Monitoring
  • Netflow
  • Full Packet Capture

Additional Capabilities

  • Continuous Threat Intelligence
  • Single, Unified Console

Detect the Latest Threats with AlienVault Threat Intelligence

Busy IT security teams don’t have the time or the resources to research all the latest threats on their own. The AlienVault Labs Security Research Team spends countless hours mapping out the different types of attacks, the latest threats, suspicious behavior, vulnerabilities and exploits they uncover across the entire threat landscape. They also leverage the power of Open Threat Exchange (OTX), the world’s largest community-powered repository of threat data, as part of their research efforts to provide global insight into attack trends and bad actors.

Stay On Top of Emerging Threats

The AlienVault Labs Security Research Team regularly publishes threat intelligence updates to USM in the form of correlation directives, IDS signatures, vulnerability signatures, asset discovery signatures, IP reputation data, data source plugins, reporting modules, and incident response templates that are used to keep USM Appliance abreast of the changing threat landscape so that you can focus on responding to threats.


Get Visibility Across Your Entire On-premises Environment

Achieving complete security visibility can be time-consuming, expensive, and complex. Collecting the right data, aggregating it, normalizing it, and correlating disparate technologies to get a complete view of your security posture isn’t a trivial effort. Ownership of the built-in data sources and management platform, coupled with unmatched security expertise delivered by the AlienVault Labs Security Research Team, provides effective security controls and seamlessly integrated threat intelligence for your on-premises environment.

Within minutes of installing the USM Appliance, our asset discovery features (Active Network Scanning, Passive Network Monitoring, Asset Inventory) will give you visibility into the assets on your network, what software and services are installed on them, how they’re configured, and any potential vulnerabilities and active threats being executed against them.

Maintain Control Over Your Infrastructure

AlienVault USM Appliance is designed to help you monitor your physical and virtual infrastructure. It is designed for organizations that need something you can install, manage, and fully control in your own data center.

USM Appliance Sensors are deployed to your offices, data centers, and other on-premises locations to scan, monitor, and collect data from your network to provide you the visibility needed to monitor your on-premises environment effectively.


Achieve Comprehensive Compliance Management without the Headaches

IT compliance management is often a manual process that requires knowledge of your assets, log data collection, data centralization, intrusion detection, log analysis and reporting. USM Appliance delivers a single platform to help you manage compliance initiatives – saving you from the time, cost, and complexity of integrating multiple disparate technologies.

USM Appliance offers hundreds of built-in reports to support your compliance programs (e.g. PCI-DSS, ISO, SOX, HIPAA, GLBA, NERC CIP, GPG13, etc.). These are automatically updated as asset and vulnerability assessment data changes, and you can quickly customize them based on your own compliance priorities.


Quickly get answers to critical IT compliance management questions such as:

  • Where do your critical assets live, how are they configured, and how are they segmented from the rest of your network?
  • Who accesses these resources?
  • What are the vulnerabilities on your assets, have they been resolved, and how important are they?
  • What constitutes your network baseline and what is considered normal or acceptable?

Take a Product Tour.

  • Targeted guidance eliminates the guesswork associated with integrating data sources and provides precise suggestions for improving visibility.
  • Built-in network flow analysis provides all the data you need for in-depth investigations, including packet capture.
  • Secure storage of raw event data satisfies regulatory compliance requirements while an easy-to-use interface allows for quick searches.
  • Identify malicious actors attempting to interact with your network using our dynamic IP reputation data.
  • Centralized, integrated "how to" documentation for all you need to know about USM.
  • Built-in network IDS and host IDS result in more accurate threat detection and event correlation, faster deployment, and simpler management.
  • Built-in vulnerability assessment simplifies security monitoring and speeds remediation.
  • Real-time threat intelligence utilizes kill-chain taxonomy to identify attackers, their victims, their methods, and their intents.
  • Each alarm provides detailed and customized instructions on how to investigate and respond to malicious activity.
  • Customizable executive dashboards provide overviews and click-through details about your security and compliance posture.
  • All you need to know about an asset for incident investigation and response, in one window.
  • Automated asset discovery provides granular details on all devices in your network.

Deloitte Technology Fast 500
SC Media Best Buy
CRN Security 100 2017
CRN Partner Program Guide Winner 2017
SC Magazine Awards 2016 Europe Winner
Forbes Cloud 100
Cybersecurity Excellence Awards Winner 2016