AlienVault’s Unified Security Management (USM) provides the five essential security capabilities necessary for complete security visibility. Threat detection is critical for information security, and implementing multi-layers of threat detection is an industry best practice. AlienVault USM includes three types of threat detection technologies: network IDS, host-based IDS, and wireless IDS.
Threat detection is a critical, essential security capability, and implementing multiple layers of threat detection is a best practice. AlienVault USM includes three types of threat detection technologies – Network IDS, Host-based IDS, and Wireless IDS. AlienVault’s built-in network intrusion detection technologies include Snort and Suricata, with over 1500 correlation rules for these sources, so that you can automatically aggregate and correlate data for multiple sources for full situational awareness. There is no need to integrate third party IDS sources, and not only that, we also provide full packet cap information. Additionally, we include built-in host-based IDS and file integrity monitoring to identify a potential system compromise, modification of critical configuration files, and the presence of common rootkits, rogue processes, and policy violations. Additionally, Wireless IDS can make sure that your wireless networks are also secure from policy violations and scanners attempting to break into your wireless networks and access points.
These built-in threat detection technologies are fed by rich threat intelligence from AlienVault labs and the open threat exchange, or OTX. Compiling data from more than 5000 installations across more than 80 countries, OTX provides real-time IP reputation data, so that you can prioritize events coming from known bad actors, command and control servers, and botnets. To see more of what USM can do for your organization, download our free trial software today, or schedule a live demo. More information is on our website.