DevOps Security Controls | AlienVault

AWS DevOps Security

Complement Your DevOps Security Practices with the Unified Security Capabilities of AlienVault USM Anywhere

Improve DevOps with AlienVault USM Anywhere

DevOps security has the potential of being a business enabler due to its agility in responding quickly to changing requirements. However, outdated practices can end up being a bottleneck, or worse, push back on initiatives.

In cloud environments, continuous security monitoring is essential to ensuring that frequent changes do not expose systems or information to unnecessary risk, for example when developers inadvertently open access on a backend port or embed credentials in source code.

AlienVault® USM Anywhere™ is a unified security platform that provides threat detection and prioritization, incident response, and compliance management for AWS and other cloud environments. With USM Anywhere, organizations get the benefit of built-in capabilities that speed up deployment and decisions needed throughout the DevOps and security process.

AlienVault USM Anywhere allows you to:

Reduce Errors

  • Always vigilant
  • Attack intent & strategy
  • External known bad actors

Accelerate Delivery

  • Eliminate bottlenecks
  • Quick setup and results
  • Enhance cooperation & communication

Measure Results

  • Eliminate bottlenecks
  • Quick setup and results
  • Enhance cooperation & communication

Reduce Errors

As an operational framework, DevOps works to ensure consistency and standardization of software via automation. This automation allows for reduction of human error and forces consistency.

With its AWS-native sensor, USM Anywhere is a purpose-built solution for AWS environments and the ‘shared responsibility’ security model. It automates threat detection and response by continuously scanning the environment for exposed vulnerabilities, unauthorized instances, exposed credentials, or misconfigured assets introduced by continuous delivery sprint cycles.

USM Anywhere also makes it easier for you to utilize AWS-provided security controls like CloudTrail and Security Groups with centralized monitoring and alerting, as well as event correlation.

USM Anywhere continuously receives new threat intelligence updates, which include IDS signatures and correlation directives for the latest threats. These threat updates come directly from the AlienVault Labs Threat Research team.

AlienVault Labs acts as an extension to your IT team. It constantly performs advanced research on current threats and develops updates to AlienVault USM Anywhere’s threat intelligence in the form of correlation rules, IDS signatures, response guidance, and more.

Accelerate Delivery

DevOps is built on the Agile manifesto to enable rapid application development and continuous enhancement to meet new requirements to accelerate business objectives. DevOps security monitoring capabilities have to keep pace and even stay ahead of the dynamically changing environment and threats.

Traditional SIEMs and security products can take days, if not months, to install, set up, and configure. AlienVault USM Anywhere is designed with speed and efficiency in mind, allowing you to sign up and deploy quickly. You can start seeing actionable alarms in less than one hour with DevOps security automation.

Threats are displayed using the Kill Chain Taxonomy, which breaks out threats into five categories. This prioritized view allows you to quickly understand the intent of attackers and how they’re interacting with your network and assets.

  • Asset Discovery
    • API-powered Asset Discovery
  • Vulnerability Assessment
    • AWS infrastructure assessment
    • Authenticated vulnerability assessment
  • Intrusion Detection
    • OSQuery Host IDS for Linux
    • Sysmon Host IDS for Windows
    • Log aggregation with CloudWatch
  • Behavioral Monitoring
    • AWS access logs (CloudTrail, S3, ELB)
    • AWS VPC Flow monitoring
  • SIEM
    • CloudTrail monitoring and alerting
    • Event correlation
    • Log management
    • Incident response
    • Integrated AlienVault Open Threat Exchange™ (OTX™) Data
    • 12-month raw log retention

Measure Results

DevOps security tools are not just about automation, but also about continuous and iterative improvements. The collection of metrics allows you to know where to focus your attention.

Data captured from the network and applications forms the basis for measuring everything needed to support your DevOps Security and compliance requirements.

AlienVault USM Anywhere not only provides reporting as a one-time event, but in line with DevOps and security practices, has a system of processes that are continually enforced.

AlienVault USM Anywhere delivers this comprehensive log management and log analysis capability for your AWS environment to help you achieve compliance with regulatory requirements such as PCI-DSS, FedRAMP, Sarbanes-Oxley, and HIPAA. Although specific requirements for monitoring and security event management vary from one standard to the next, AlienVault USM Anywhere can help you quickly achieve compliance in your AWS environment with all the essential security capabilities you need in a single console.

Secure Your AWS Environment

USM Anywhere provides complete cloud security management for your AWS environments. It includes all of the essential capabilities for monitoring cloud security and quickly identifying malicious or suspicious activity in your AWS cloud infrastructure.
