GDPR Compliance Software | AlienVault

GDPR Compliance

Simplify GDPR Compliance Monitoring With A Complete Set of Essential Security Capabilities in a Single Solution

ALIENVAULT IS TRUSTED BY 7,000+ CUSTOMERS:
Career Builder
IPG Mediabrands
Dole Foods
Pappas Restaurants
Subaru
U.S. Air Force
Indiana State University
THSB
Ziosk
Save Mart Supermarkets
High Plains Bank
Epsilon Systems Solutions
Pepco Holdings Inc
Lifespan Bioscience
Arcos Dorados Holdings
Bluegrass Cellular
Bank of Ireland
Hays Medical Center
Taylor-Morrison
National Film Board of Canada
Richland Washington School District
PWC
Delta Sonic
Shake Shack
Miami Parking Authority
Subaru
Brookfield Zoo
Southwest Bank
Hawaiian Telcom
City of Fargo
Rainforest Alliance
HSB
Crawford Insurance
FoleyCAT
Pittsburgh Technical College
YMCA
Payoff
Crosskey Bank
Horizon Health Services
BAE Systems
Dominos
Food Services
GameStop
OshKosh
Steelcase
Tinder
Cambridge University

Explore the Total Economic Impact™ of AlienVault USM

Commissioned Study Conducted by

Get the Full Study ›

Accelerate GDPR Compliance with Unified Security Management

The General Data Protection Regulation (GDPR) requires organizations handling the personal data of European Union citizens to keep that data secure, and it levies big penalties to organizations that fail to comply. Unfortunately, traditional security monitoring solutions may fall short of helping organizations meet GDPR requirements.

AlienVault® Unified Security Management® (USM) provides a unified security monitoring and compliance management platform to accelerate GDPR compliance readiness. By integrating multiple capabilities into a single platform, AlienVault USM gives you visibility into your entire security posture and simplifies the compliance process.

GDPR requires organizations to maintain a plan to detect a data breach, regularly evaluate the effectiveness of security practices, and document evidence of compliance. Instead of specific technical direction, the regulation puts the onus on organizations to maintain best practices for data security.

Starting on Day One, AlienVault USM supports GDPR compliance readiness by helping you detect data breaches, monitor data security, and document your compliance readiness. The unified platform centralizes essential capabilities like asset discovery, vulnerability scanning, intrusion detection, behavioral monitoring, SIEM, log management, and threat intelligence updates.

AlienVault USM delivers the essential security capabilities you need from GDPR compliance software:

Simplify Security and GDPR Compliance Management with a Unified Platform

  • Shrink your attack surface with asset discovery and vulnerability scanning
  • Detect intrusions and potential data breaches with built-in intrusion detection
  • Prepare for forensic investigation with log retention and management

Detect, Investigate, and Report on Data Breaches

  • Detect breaches quickly with network intrusion detection (NIDS), host intrusion detection (HIDS), and cloud intrusion detection (CIDS)
  • Identify anomalous activity with behavioral monitoring
  • Document compliance readiness

Reduce Your Incident Response Time to Minimize Data Exposure

  • Respond to incidents quickly with automated response actions
  • Limit potential data exposure by shortening total time to response

Keep Your Security Plan Up-to-Date with Continuous Threat Intelligence Updates

  • Get the latest threat intelligence, curated by the AlienVault Labs Security Research Team
  • Stay up-to-date with threat intelligence updates continuously delivered to your USM deployment
  • PCI DSS Level 1 Service Provider
  • ISO 27001:2013 Certified Compliant *
  • SOC 2 Type 2 Certified Compliant
  • Attestation of HIPAA Compliance
  • AWS Security Competency Achieved
  • Microsoft Azure Certified
  • Third-Party Verified as GDPR Ready

* The ISMS that governs USM Anywhere, USM Central

We’re Trusted & Verified.

AlienVault makes compliance a top priority for your organization and for ours. We have adopted the NIST Cybersecurity Framework (CSF), aligning our security controls and processes with industry-proven security best practices.

We use our own USM platform to demonstrate and maintain compliance, working with third-party auditors to regularly test our systems, controls, and processes. AlienVault is certified compliant for several regulatory and cybersecurity standards, including PCI DSS and HIPAA, among others.

see How We Secure your data

Simplify Security and GDPR Compliance Management with a Unified Platform

Unlike point solutions that address one aspect of GDPR compliance at a time, AlienVault USM supports a range of compliance functions by integrating five essential security capabilities into one unified solution:

  • Asset Discovery
  • Vulnerability Scanning
  • Behavioral Monitoring
  • Intrusion Detection
  • SIEM & Log Management

AlienVault USM's unified approach gives you complete visibility of your security posture within a single pane of glass, making it simple to demonstrate GDPR security compliance.

With AlienVault USM's asset discovery capabilities, you can create and maintain a complete inventory of the critical assets you need to monitor to comply with GDPR requirements, giving you security visibility of your data protection efforts.

Article 32 requires organizations to take technical steps to ensure data protection, including constantly monitoring the effectiveness of your security plan.

Using AlienVault USM, you can schedule regular vulnerability scans of your critical assets to stay on top of essential patches and minimize your attack surface. In the case of the vulnerability exploited by WannaCry ransomware, for example, vulnerability scans within AlienVault USM would help you identify unpatched systems so you could apply patches or isolate them from essential data.

Built-in intrusion detection capabilities for network-, host-, and cloud-based systems allow you to monitor your entire critical infrastructure for data breaches. Behavioral monitoring helps you identify anomalous activity that could affect your stored data.

In case a breach does occur, AlienVault USM's secure log management capabilities ensure you have the event logs you need to meet the level of forensic investigation GDPR regulation requires.

Efficiently Detect, Investigate, and Report on Data Breaches

To achieve GDPR compliance, you need to demonstrate that you have a plan in place to monitor the critical infrastructure housing the personal data of EU citizens. AlienVault USM provides essential security monitoring capabilities to help you detect, investigate, and report on data breaches within your environments.

Network intrusion detection (NIDS) identifies threats using signature-based anomaly detection, collecting data from your on-premises environments to spot malicious attacks, malware intrusions, and other potential threats to your data.

AlienVault USM Anywhere™ delivers native cloud intrusion detection capabilities for Azure and AWS, allowing you to detect intrusions within your public cloud environments. USM Anywhere provides visibility into your security posture across your on-premises, public cloud, and private cloud environments, as well as cloud applications like Microsoft Office 365 and Google G Suite.

Host intrusion detection (HIDS) and file integrity monitoring (FIM) provide security visibility at the application layer, allowing you to detect activity such as potential system compromise, rogue processes, and changes to critical configuration files.

When AlienVault USM detects a threat within your environments, it creates an alarm to direct your attention to it, allowing you to respond quickly and limit the scope of a potential intrusion. USM intelligently prioritizes alarms based on the severity of threat, so you know which incidents to respond to first.

You can easily search and filter the log data within AlienVault USM to investigate potential intrusions and access all the information you might need for detailed investigation in the wake of a data breach. Granular search and filtering functions allow you to pivot around selected data for deeper analysis.

Reduce Your Incident Response Time to Minimize Data Exposure

To comply with GDPR regulations, organizations should have a plan in place to detect and respond to a potential data breach to minimize its impact on EU citizens. In the case of an attack or intrusion, a streamlined incident response process can help you respond quickly and effectively to limit the scope of the exposure.

AlienVault USM helps security teams respond to threats quickly by delivering a unified view of each organization's security posture. Instead of wasting time piecing together information from multiple systems, you can take swift, confident action with a centralized view of all your assets, their vulnerabilities, any intrusions or attempts to exploit those vulnerabilities, as well as contextual threat intelligence and remediation guidance.

When an incident occurs, prioritized alarms help you focus on the most important threats first. With detailed event data and incident response templates at your fingertips, it's easy to move quickly from detection to response rather than losing time on basic research.

With USM Anywhere, you can receive alerts via email or Amazon SNS to help you respond immediately to threats affecting your sensitive data.

When a potential intrusion occurs, USM Anywhere allows you to automate incident response actions within USM Anywhere as well as with leading third-party security tools like Cisco Umbrella, Palo Alto Networks, and Carbon Black. For example, if USM Anywhere detects evidence of ransomware like WannaCry, you can shut down or isolate the system and pull in additional data to help you investigate.

With USM Anywhere's automated incident response capabilities, you can eliminate time-consuming manual tasks and move swiftly from detection to response. Shortening your total time to respond limits the potential impact of intrusions, helping you minimize data exposure and meet protection requirements.

alienvault labs

Actionable Threat Intelligence Delivered Directly to You

Most teams don’t have unlimited resources to research the latest threats in the wild. That’s why the AlienVault Labs Security Research Team works on your behalf to scour the global threat landscape for emerging latest attack methods, bad actors, and vulnerabilities that could impact your security. This team analyzes hundreds of thousands of threat indicators daily and delivers continuous threat intelligence updates automatically to your USM environment, in the form of actionable IDS signatures, correlation rules, remediation guidance, and more. With this integrated threat intelligence subscription, you always have the most up-to-date threat intelligence as you monitor your environment for emerging threat.

To provide deeper and wider insight into attack trends and bad actors, the AlienVault Labs Security Research Team leverages the power of the Open Threat Exchange® (OTX™)—the world’s first truly open threat intelligence community. This community of security researchers and IT professionals collaborate and share millions of threat artifacts as they emerge “in the wild,” so you get global insight into attack trends and bad actors that could impact your operations.

Learn More About Threat Intelligence ›

Discover How AlienVault USM Supports GDPR Compliance

GDPR Article(s)

AlienVault USM Capability

Examples of How AlienVault USM Helps

Article 24 (Responsibility of the controller)
 
Article 25 (Data protection by design and by default)
 
Article 28 (Processor)

Continuous Monitoring

  • Monitor for indicators of malware-based compromise, such as communication to a known Command & Control (C&C) Server.
  • Monitors successful and failed logon attempts to external applications through Azure Active Directory and Okta, and to Office 365 and G Suite.
  • Monitors user and administrator activities, including access and modification of files and content, in cloud applications such as Office 365 and G Suite.
  • Identify which assets have remote access services running.
  • File Integrity Monitoring (FIM) detects access and modification to files and directories on Windows and Linux systems.
  • Runs regularly scheduled scans to identify new and updated assets and to identify any vulnerabilities on each asset.
  • Continuously updated threat intelligence ensures that the USM platform is operating with the latest correlation directives, vulnerability signatures, reports, guided responses, and more.
  • Identifies recommended patches for discovered vulnerabilities.

Personal Data Security

  • Monitors for communications with known malicious IP addresses, which could identify exfiltration of data.
  • Monitors for changes to Office 365 policies including Data Leakage Protection (DLP), information management, and more.
  • File Integrity Monitoring (FIM) detects and reports on access and changes to system binaries, content locations, and more.

Incident Detection

  • Aggregates events from across your on-premises and cloud environments and cloud applications, including Office 365 and G Suite.
  • Uses machine learning and state-based correlation capabilities to detect threats.
  • Classifies threats across a kill-chain taxonomy to inform the threat risk level.
  • Monitors public and dark web sources for the trade of stolen credentials.
  • Built-in notification capabilities enable analysts to be alerted to alarms through email, SMS, Datadog, PagerDuty, and Slack.
  • Customizable and searchable alarm and event views enable fast and simple review of events and detected incidents.
  • Continuously updated threat intelligence from AlienVault Labs and the Open Threat Exchange (OTX) delivers the latest correlation rules and Indicators of Compromise (IoCs) to the USM platform.

Incident Response

  • With the AlienApp for Forensics and Response, enables automatic forensics tasks to be executed in response to a detected threat.
  • Enable forensics investigation with rich filter, search, and reporting capabilities event and log data.
  • With AlienApps, enables orchestration of manual and automated actions to be executed to contain threats, such as isolating systems from the network or blocking communications with known malicious IP addresses.

Articles 33, 34 (Notification of a personal data breach)

SIEM Log Management & Reporting

  • Aggregates events from across your on-premises and cloud environments and cloud applications, including Office 365 and G Suite.
  • Enables rich search of up to 90 days of historic log and event data across normalized and enriched data fields.
  • Built-in and customizable dashboards and reports support regular review and report out of typical searches.
  • Securely archives original log and event data for at least 12 months, supporting longer-term investigations as needed.

Article 35 (Data protection impact assessment)

Asset Discovery

  • Built-in asset discovery discovers physical and virtual assets running in on-premises and cloud environments (including AWS, Azure, VMware, Hyper-V).
  • Asset Groups deliver dynamic or analyst-defined grouping of assets, such as business-critical assets, HIPAA assets, PCI CDE assets, Windows assets, and more.
Vulnerability Assessment
  • Identifies systems susceptible to known vulnerabilities or that may not have antivirus installed and/or operational.
  • Continuously updated threat intelligence from the Open Threat Exchange (OTX) and AlienVault Labs Security Research Team ensures that the USM platform has the latest vulnerability signatures.
Watch a Demo ›
GET PRICE FREE TRIAL