Cloud-based Intrusion Detection System (IDS) | AlienVault

Detect the Latest Threats to Your Cloud Environments

Get Intrusion Detection for Cloud and On‑Premises with USM Anywhere

A cloud-based intrusion detection system (IDS) is essential for companies migrating workloads and services to public cloud infrastructure like Amazon Web Services and Microsoft Azure.

That’s because cloud environments pose a unique security challenge: While you must monitor for threats and intrusions in the cloud as you do your on‑premises infrastructure, traditional intrusion detection systems (IDS) can’t give you full visibility into your cloud environments. Yet, having to purchase and manage a point security solution just for cloud-based intrusion detection can consume time, budget, and resources you can’t afford to spare.

That’s why AlienVault® USM Anywhere™ includes native cloud IDS capabilities as part of its unified security essentials. With USM Anywhere, you can deploy one platform for intrusion detection, asset discovery, vulnerability assessment, SIEM, log management, and behavioral monitoring for all your cloud and on‑premises infrastructure.

By combining these essential security capabilities for cloud and on‑premises onto a single platform, USM Anywhere saves you significant time and money compared to deploying traditional security solutions, and it’s easy to use.

In addition, USM Anywhere receives threat intelligence updates continuously from the AlienVault Labs Security Research Team, including correlation rules, IDS signatures, and more. This means that you can always detect the latest threats without having to spend time researching or updating your correlation rules.

Deploy One Unified Solution for Your Security and Compliance Needs

  • Network IDS, Host-based IDS, and Cloud-based IDS
  • Asset Discovery and Vulnerability Assessment
  • Behavioral Monitoring
  • SIEM and Log Management

Detect Threats to Your Critical Infrastructure—No Matter Where It Is

  • Natively monitor your AWS and Azure clouds and on‑premises physical and virtual (VMware, Hyper-V) environments
  • Detect threats to cloud applications like Microsoft Office 365 and Google G Suite
  • Protect your legacy investments by collecting and correlating events from your existing IDS / IPS

Respond to Threats Faster with Automated Incident Response

  • Reduce Time to Detection (TTD) and Time to Response (TTR) with automation
  • Push incident response actions to third-party security tools like Palo Alto Networks and Cisco Umbrella

Let Our Security Research Team Do the Heavy Lifting for You

  • Receive curated updates from the AlienVault Labs Security Research Team—built directly into your USM Anywhere deployment
  • Stay up-to-date and ready to detect the latest threats to your cloud and on‑premises environments

Deploy One Unified Solution for Your Security and Compliance Needs

With USM Anywhere’s native cloud-based intrusion detection system (IDS), you can detect threats to your cloud infrastructure from the same console as the rest of your security monitoring needs. By reducing the number of solutions you need to manage, you can free up time and resources for other critical priorities.

Unlike other cloud security solutions, USM Anywhere provides cloud IDS as part of a unified platform that delivers multiple essential security and compliance monitoring capabilities in one cost-effective package:

Asset Discovery

Easily create an inventory of the critical assets you need to monitor across all your environments.

Vulnerability Assessment

Schedule automated internal vulnerability scans to identify and patch vulnerabilities before they’re exploited.

Intrusion Detection

USM Anywhere delivers cloud-based IDS, network-based IDS, and host-based IDS to detect threats across the breadth of your infrastructure.

Behavioral Monitoring

Identify patterns of anomalous or suspicious user activity and traffic that can affect your organization’s security posture.

SIEM and Log Management

Analyze, search, and store event log data to detect threats and anomalies and to prepare for compliance readiness.

By unifying these capabilities in one easy-to-use solution, USM Anywhere helps you conserve time and resources without sacrificing your organization’s security.

Built with resource-constrained teams in mind, USM Anywhere also ensures that your security plan stays up-to-date—without requiring you to devote time to researching emerging threats. Instead, the AlienVault Labs Security Research Team continuously builds threat intelligence updates into your USM deployment so you’re always ready to detect the latest threats.

Detect Threats to Your Critical Infrastructure—No Matter Where It Is

Traditional security monitoring solutions built for on-premises infrastructure have a major blind spot when it comes to the cloud, and attackers know it. Cloud service providers secure the underlying cloud infrastructure, but not any services or applications you deploy in the cloud. Without cloud threat monitoring tools, your organization may be vulnerable to cloud attacks.

USM Anywhere simplifies threat detection by delivering the IDS capabilities you need to detect threats both in the cloud and on-premises, from a single solution.

With USM Anywhere’s purpose-built cloud IDS capabilities, you can count on full security visibility of your cloud environments. Our native cloud sensors are purpose-built for AWS and Azure, and hook directly into the cloud APIs to detect malware, attacks, and other threats that may affect your AWS and Azure environments.

From the same unified solution, you can detect threats to your organization’s cloud IT applications, including Microsoft Office 365 and Google G Suite.

For on-premises threat detection, USM Anywhere delivers both network and host-based intrusion detection (NIDS and HIDS). Network intrusion detection uses signature-based anomaly detection and protocol analysis technologies to detect threats at the network level. With NIDS, you can catch the latest attacks, policy violations, and other exposures affecting your on-premises systems and devices.

Host-based intrusion detection (HIDS) gives you security visibility at the application layer, including file integrity monitoring (FIM). With HIDS, you can track user access and activity to detect security exposures such as changes to configuration files.

Respond to Threats Faster with Automated Incident Response

Built with resource-constrained teams in mind, USM Anywhere provides the capabilities you need for faster, more efficient incident detection and response.

USM Anywhere integrates built-in intrusion detection with security orchestration capabilities, enabling you to respond quickly to threats affecting your cloud and on-premises environments. Alarms are prioritized automatically to help you identify the most urgent threats to work on first, and you can also receive notifications via email or Amazon SNS.

USM Anywhere enables you to respond to threats swiftly and effectively. For example, you can define an action that disables networking on a machine if ransomware is detected, preventing the attack from propagating while you investigate.

You can also execute response actions in third-party security tools like Cisco Umbrella and Palo Alto Networks next-generation firewalls directly from USM Anywhere. That’s because USM Anywhere delivers pre-built integrations known as AlienApps™ that connect with other essential security and IT products. AlienApps enable you to orchestrate your threat detection and incident response activities across your IT ecosystem, all from a single pane of glass.

Let Our Security Research Team Do the Heavy Lifting for You

Attackers evolve their tools and methods constantly, turning familiar threats into new hazards meant to evade existing detection techniques.

Whether in the cloud or on-premises, effective intrusion detection relies on an awareness of what’s happening in the threat landscape—which requires time and resources. Without an in-house team of security analysts to investigate emerging threats and update your security plan to detect them, most cloud-based intrusion detection systems will quickly become obsolete.

USM Anywhere eliminates this burden by leveraging the expertise of the AlienVault Labs Security Research Team, who curate and deliver threat intelligence updates to USM Anywhere using the latest threat research.

The AlienVault Labs Security Research Team investigates emerging threats so you don’t have to, freeing up your team’s time for other priorities.

This team continuously builds new updates into your USM Anywhere deployment in the form of eight coordinated rulesets, which include correlation directives, intrusion signatures, vulnerability signatures, and remediation guidance.

By analyzing the threat data from the AlienVault Open Threat Exchange® (OTX™) in their research, the Security Research Team ensures that your security plan reflects insights drawn from in-the-wild attacks contributed by OTX’s 53,000+ participants from 140 countries worldwide.
