AlienVault® Unified Security Management™ (USM™) delivers a built-in network vulnerability scanner to monitor your cloud, hybrid cloud, and on-premises critical infrastructure for vulnerabilities and configuration issues.
A Network Vulnerability Scanner
for All Environments
The dynamic nature of today’s cloud and on-premises network environments requires persistent vulnerability scanning to defend against the evolving threat landscape. Constant changes to devices, configurations, and applications can leave you susceptible to an attack, even if you are keeping your security controls up to date.
To help you detect and remediate the vulnerabilities in your environment before attackers exploit them, USM delivers vulnerability scanning software as part of a unified, all-in-one security essentials platform. Purpose-built sensors in USM Anywhere™ scan your AWS and Azure clouds and your on-premises physical and virtual infrastructure, giving you centralized security monitoring of your entire cloud, hybrid cloud, and on-premises IT landscape.
Stay on Schedule
Deploying and configuring a traditional security solution for network vulnerability scanning can be difficult and time-consuming. Often, IT teams conduct a scan only as a procedural ‘check the box’ measure, either in reaction to an incident or so infrequently that it has almost no measureable impact.
AlienVault USM addresses this pain point by providing a unified and easy-to-use platform that includes both asset discovery and network vulnerability scanning tools. USM makes it simple to schedule regular asset and vulnerability scans, so you can ensure continuous vulnerability assessment without having to manage the process manually.
AlienVault USM™ allows you to stay aware of your vulnerabilities with these advanced features:
Easy Configuration and Scheduling of Vulnerability Scans
- Easily set up scan jobs targeting individual assets, asset groups, or even entire networks
- Schedule scans to run automatically at regular intervals to take the guesswork out of managing a scanning routine
- Control the techniques utilized and level of scanning intensity using default profiles or by creating your own
Intuitive Dashboard and Analytics Interface
- Leverage at-a-glance analysis of top assets and networks affected by discovered vulnerabilities
- Produce useful and easy-to-export custom data views that list threats by severity, allowing you to better prioritize your efforts
Regular Updates to Vulnerability-related Threat Intelligence Delivered
- Expert research on today’s attacks is developed into new vulnerability signatures
- Effortlessly update this threat intelligence to spot the latest exploits
Easy Configuration and Scheduling
of Vulnerability Scans
Traditional approaches to network vulnerability scanning and analysis rarely focus on usability and can seem unapproachable by those in IT wearing multiple hats. This leads to frustration, infrequent and inconsistent analysis and, too often, total project abandonment. Unfortunately, threat actors are all too familiar with this behavior and use it to their advantage by exploiting flaws in new additions to the victim’s environment.
When time and simplicity are of the essence, you need a security solution that accelerates your network vulnerability scanning and threat detection process. AlienVault USM provides this functionality by bolstering comprehensive vulnerability scanning software with asset discovery, a streamlined UI, and easy scheduling. Scheduling scans in advance allows you to easily manage your network vulnerability scanning program as well as minimize disruption of critical services during peak time.
You can also easily specify the methods used during the scans as well as how intensely your assets are probed. You can use the predefined scanning profiles, modify them to meet your explicit needs, or create your own from scratch.
Intuitive Dashboard and Analytics Interface
Once you’ve scanned your assets for vulnerabilities, you need to develop a response plan that describes the vulnerabilities and their potential impact to your environment, and then decide which issues to remediate first. Doing this efficiently requires expert knowledge of not only the exploit methods but the affected systems as well.
AlienVault USM gives you an interface that provides a graphical display of vulnerabilities discovered by severity as well as affected services, systems, and networks. You also have a dashboard detailing the status of scheduled, in progress, and past scans. From here, you also have the ability to re-run scans, modify scanning schedules, or even delete jobs.
The data and analytics produced from the network vulnerability scanner contain rich, actionable intelligence including detailed descriptions of vulnerability, insight into root cause, and remediation guidance. In most cases, links to references are provided for continued research. Exporting this data is easy, with links to download in PDF or CSV formats.
Regular Updates to Vulnerability-related
Threat Intelligence Delivered
One of the most significant challenges to securing your environment is having the knowledge required to identify vulnerabilities, prioritize which are the biggest threats to your environment, and then remediate any issues found. While many tools provide an initial set of vulnerability signatures, keeping them up to date and developing new ones is often up to the user. You have little time to research new threats and develop vulnerability intel, especially when securing your environment isn’t your only responsibility.
That’s where the Threat Intelligence produced by AlienVault Labs Security Research Team steps in to assist. Think of it as an extension to your IT team – they are constantly performing advanced research on current threats and developing updates to AlienVault USM’s threat intelligence. In addition to the vulnerability signatures, you receive updates to SIEM correlation rules, IDS signatures, knowledgebase articles, and more.
The AlienVault USM platform is continuously updated to ensure that it is continuously conducting network vulnerability scanning for the latest threats without requiring in-house research or development of vulnerability data. This allows you to allocate your time and resources to other responsibilities and do more with a smaller team.