Reduce the Cost & Complexity of ISO
AlienVault Unified Security Management (USM) delivers the essential security controls you expect in ISO 27001 compliance software—all in a unified security monitoring solution for cloud, hybrid cloud, and on-premises environments.
Accelerate ISO 27001 Compliance
ISO/IEC 27001 provides guidance for implementing information security controls to achieve a consistent and reliable security program. The International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) developed 27001 to provide a worldwide standard for information security.
Achieving 27001 compliance can be challenging for many organizations because of its broad scope, especially for organizations with limited resources. To accelerate ISO information security compliance, you need to simplify, consolidate, and automate essential security controls to unify policy monitoring, threat detection, and remediation prioritization.
AlienVault® USM™ delivers the essential security management you need for ISO 27001 security compliance:
Unified Asset Discovery & Vulnerability Assessment
- Asset discovery & inventory
- Vulnerability assessment
Continuous Security Monitoring
- Detect policy violations quickly
- IDS, FIM, and traffic monitoring
Flexible Security Analytics Dashboards & Reports
- Report templates for ISO 27001 simplify audits
- Flexible search and analysis capabilities accelerate audit responses
Unified Asset Discovery and
A fundamental component of ISO 27001 compliance is creating and maintaining a comprehensive asset inventory. USM’s built-in asset discovery capability combines essential asset discovery and inventory technologies to give you full visibility into the devices in your cloud and on-premises environments:
- Passive network monitoring to discover hosts and installed software without affecting system performance or network utilization
- Active network scanning to obtain more detailed information about devices and installed software
Once USM has created your asset inventory, its built-in vulnerability assessment technology alerts you to the vulnerabilities on those assets that could be exploited by an attacker. With a unified view of your assets and vulnerabilities, you can prioritize your remediation activities to deal with the most severe vulnerabilities or most business-critical assets first.
In addition, USM correlates intrusion detection data from the built-in IDS tools with asset and vulnerability information, so you know which of your vulnerabilities are actively being exploited in your environment.
Continuous Security Monitoring with USM
ISO 27001 compliance requires the aggregation of event data from multiple systems into a single view. AlienVault USM delivers the visibility you need in a single platform – saving you the time and expense of manually aggregating this data.
The USM platform utilizes the built-in essential security controls to generate the data that enables you to detect policy violations quickly and reduce time to compliance.
- Built-in Intrusion Detection Systems (IDS) detect malicious activity targeting your assets
- File Integrity Monitoring (FIM) detects changes in critical files on-premises
- NetFlow identifies unusual network activity in your on-premises infrastructure
This unified approach allows you to quickly answer the critical questions that are required for ISO 27001 compliance:
- What are my critical assets and how are they configured?
- Where are my critical assets located?
- How is my environment segmented to limit access to these assets?
- Who (users and machines) has access to these resources?
- What are the vulnerabilities that affect my compliance status?
- What constitutes baseline or “normal” activity in my network?
- Which users are violating policies?
- What are my privileged users doing?
- Who is attaching unauthorized removable media (e.g. USB drives) to critical network assets?
Flexible Security Analytics Dashboards & Reports
ISO 27001 compliance requires ongoing policy enforcement. The built-in security controls, combined with USM’s powerful reporting engine, help you develop and monitor your policies from a single console.
USM Appliance™ provides ready-to-use report templates for ISO 27001 as well as the ability to customize those templates, ensuring that you can generate the reports you need. There are also compliance reports for other regulatory requirements such as HIPAA, PCI-DSS, GLBA, NERC CIP, GPG13 and other programs.
In USM Anywhere™, all relevant security data is available at your fingertips with intuitive search and filter capabilities, making audit response and incident investigation a fast and efficient process. In USM Anywhere, you can easily:
- Search events to identify activity and trends
- Apply filters to find more granular data
- Sort by event name, IP address, and more
- Create, save, and export custom data views
- Examine raw log data related to alarm activity