Find Network and System Vulnerabilities
Before Attackers Do

Network Vulnerability Scanning and Assessment

Watch Vulnerability Assessment Best Practices

AlienVault Unified Security Management™ (USM) provides network vulnerability scanning and reporting built in with all the essential capabilities needed for complete security visibility. It provides five essential security capabilities every organization needs: Asset Discovery, Vulnerability Assessment, Intrusion Detection, Behavioral Monitoring, and SIEM.

You can deploy USM in less than one hour, scan your network for vulnerabilities, and get actionable threat insights within minutes of installation. Learn More

Download A Free Trial

  • Know what's connected to your network
  • Create and schedule unlimited vulnerability scans
  • Use authenticated and unauthenticated scanning modes
  • Use active and passive scanning modes
  • Run, schedule, email, and customize reports
  • Correlate asset, vulnerability, and threat data automatically

Network Vulnerability Scanning
and Continuous Monitoring

Discover Network Assets and
Expose Vulnerabilities Easily

In order to improve the security posture of your network, you first need to know what's vulnerable. With USM, you get a simple, reliable way to stay on top of what's connected to your network and maintain visibility into its vulnerabilities.

Automated Asset Discovery

Know what's connected to your network and how they're configured with three core built-in asset discovery and inventory technologies.

  • Passive network monitoring – identify hosts and installed software packages
  • Active network scanning – Identify devices, OS, running services, and installed software
  • Host-based software inventory (optional) – can enumerate all software installed on machines

Unlimited Vulnerability Scanning

Conduct scans as often as you need. There is no limit to your number of network vulnerability scans.

Extensive and Dynamic Vulnerability Database

USM utilizes a database of approximately 30,000 known vulnerabilities, related to infrastructure, OS, applications and protocols.

Scheduling and Customization

Schedule the vulnerability scanner to suit your needs, and customize them to scan specific network segments at greater frequency. That way, you are able to focus vulnerability scans to scan critical network asset groups.

Authenticated and Unauthenticated Scanning

Scan without host credentials by probing hosts with targeted traffic and analyzing the response. USM is also able to perform authenticated scans to inspect installed software and its configuration.

Active Network Scanning

Actively probes hosts using carefully crafted network traffic to illicit a response. This can be viewed as "poking" for suspected vulnerabilities in IT assets.

Continuous Vulnerability Monitoring

Also known as passive vulnerability detection, USM correlates the data gathered by its asset discovery scans with known vulnerability information for improved accuracy. This provides valuable vulnerability information while minimizing network noise and system impact.

Vulnerability Assessment, Reporting, and Remediation

Assess and Remediate Vulnerabilities Rapidly

Get a fast, effective way to expose your network vulnerabilities and see exactly what to do about them. With USM, you'll have all the information you need in a single console to verify risk severity and know how to remove vulnerabilities to improve your security posture quickly.

Automated Cross Correlation

Correlate vulnerability data with asset information and threat data automatically. You can view vulnerabilities by asset in the Asset view, or across systems in the Vulnerability view. You can easily cross-correlate IDS alarms with vulnerabilities to determine if the host being attacked is actually vulnerable to the exploit.

Complete Vulnerability Info

USM provides information about each vulnerability detected, including severity, and suggests the corrective actions you need to perform. Within the console, you can drill down on vulnerabilities found on systems and see more information. You can look at vulnerabilities by service, severity, host, or groups of vulnerabilities.

Prioritization and Remediation Guidance

USM prioritizes vulnerabilities based on risk severity and suggests corrective actions for each vulnerability.

Built-in Threat and Compliance Reports

Get more than 120 professionally developed compliance and threat reports out-of-the-box. These can be cloned and customized easily for new reports.

Report Customization and Scheduling

Customize and schedule vulnerability reports to meet your business needs, from delivery times down to company logo and color palette. The commercial reporting system provides a module-based approach, allowing more than 2,500 report components to be combined into a single snapshot report that displays exactly the information you require on your schedule.

Alarms

With USM, you can set alarm thresholds and drive remediation with the built-in ticketing system.

The Unified Security Management Difference

5 Essential Security Capabilities in a Single Console

The AlienVault Unified Security Management™ (USM) platform provides five essential security capabilities in a single console, giving you everything you need to manage both compliance and threats. Understanding the sensitive nature of IT environments, we include active, passive and host-based technologies so that you can match the requirements of your particular environment.

Asset Discovery

  • Active Network Scanning
  • Passive Network Monitoring
  • Asset Inventory
  • Host-based Software Inventory

Asset Discovery

Vulnerability Assessment

  • Network Vulnerability Testing
  • Continuous Vulnerability Monitoring

Vulnerability Assessment

Intrusion Detection

  • Network IDS
  • Host IDS
  • File Integrity Monitoring

Threat Detection

Behavioral Monitoring

  • Netflow Analysis
  • Service Availability Monitoring
  • Full packet capture

Behavioral Monitoring

SIEM

  • Event Correlation
  • Incident Response
  • Reporting and Alarms
  • Log Management

Security Intelligence

Download a Free Trial

Take a Product Tour.

Real-time threat intelligence utilizes kill-chain taxonomy to identify attackers, their victims, their methods and their intents.
Each alarm provides detailed and customized instructions on how to investigate and respond to malicious activity.
Customizable executive dashboards provide overviews and click-through details about your security and compliance posture.
All you need to know about an asset for incident investigation and response – in one window.
Automated asset discovery provides granular details on all devices in your network.
Targeted guidance eliminates the guesswork associated with integrating data sources and provides precise suggestions for improving visibility.
Built-in network flow analysis provides all the data you need for in-depth investigations – including packet capture.
Secure storage of raw event data satisfies regulatory compliance requirements while an easy-to-use interface allows for quick searches.
Identify malicious actors attempting to interact with your network using our dynamic IP reputation data.
Centralized, integrated "how to" documentation for all you need to know about USM.
Built-in network IDS and host IDS results in more accurate threat detection and event correlation, faster deployment and simpler management.
Built-in vulnerability assessment simplifies security monitoring and speeds remediation.

Free Trial Demo Get Price ChatNeed help?