The dynamic nature of today’s cloud, on-premises, and hybrid network environments requires continuous network vulnerability scanning to defend against the evolving threat landscape. Constant application updates and changes to application and system configurations can introduce vulnerabilities and leave you susceptible to an attack, even if you are keeping your security controls up to date.
AlienVault® Unified Security Management® (USM) helps you detect and remediate the vulnerabilities in your environment before attackers exploit them. AlienVault USM delivers vulnerability scanning software as part of a unified platform that also includes asset discovery, intrusion detection, behavioral monitoring, SIEM event correlation, and log management.
Deploying and configuring a traditional security solution for network vulnerability scanning can be difficult and time-consuming. Often, IT teams conduct a scan only as a procedural ‘check the box’ measure, either in reaction to an incident or so infrequently that it has almost no measureable impact.
AlienVault USM addresses this pain point by providing a unified and easy-to-use platform that includes both asset discovery and network vulnerability scanning tools. The USM platform makes it simple to schedule regular asset and vulnerability scans, so you can ensure continuous vulnerability assessment without having to manage the process manually.
AlienVault USM allows you to stay aware of your vulnerabilities with these advanced features:
Traditional approaches to network vulnerability scanning and analysis rarely focus on usability and can seem unapproachable by those in IT wearing multiple hats. This leads to frustration, infrequent and inconsistent analysis, and the risk of total project abandonment. Unfortunately, threat actors are all too familiar with this behavior and use it to their advantage by exploiting flaws in new additions to the victim’s environment.
When time and simplicity are of the essence, you need a security solution that automates your network vulnerability scanning, and that accelerates the time to detect and respond to detected vulnerabilities.
AlienVault USM delivers comprehensive vulnerability scanning software plus asset discovery in a single console. AlienVault USM provides rich context on detected vulnerabilities, including historical data on the asset, available patches, and more.
In addition, the USM platform provides easy scheduling of vulnerability scans, allowing you to easily manage your network vulnerability scanning program as well as minimize disruption of critical services during peak time.
Once you’ve scanned your assets for vulnerabilities, you need to develop a response plan that describes the vulnerabilities and their potential impact to your environment, and then decide which issues to remediate first. Doing this efficiently requires expert knowledge of not only the exploit methods but the affected systems as well.
AlienVault USM's web interface provies a rich, graphical display of vulnerabilities discovered as well as the affected services, systems, and environments. An interactive dashboard shows your most vulnerable assets, vulnerabilities by asset group, a view into the mix of vulnerabilities by their severity (high, medium, and low), and a list of the latest scanning jobs. You can also re-run scans, modify scanning schedules, or even delete jobs – all from within the AlienVault USM user interface.
The data and analytics produced from the network vulnerability scanner contain rich, actionable intelligence, including detailed descriptions of vulnerability, the severity of the vulnerability, the affected software, and the availability of any patches. In most cases, links to references are provided to the CVE detail within the Open Threat Exchange (OTX) for continued research.