AlienVault® Unified Security Management™ (USM™) provides built-in vulnerability assessment software with the essential capabilities you need for complete security visibility of your cloud, hybrid cloud, and on-premises environments, all in one easy-to-use console.
With network vulnerability assessment, you can find the weak spots in your critical assets and take corrective action before attackers exploit them to sabotage or steal your data.
New vulnerabilities emerge near-daily as your IT landscape changes, introduced by configuration errors, unauthorized software installs, insecure endpoint devices, and much more. To keep your data secure, you must continuously scan your systems and devices to detect vulnerabilities as they arise.
Once detected, you must assess the potential threat of those vulnerabilities and prioritize your remediation activities to deal with the greatest threats first. This is no small task, as you must consider multiple factors:
AlienVault USM provides all this information in a single pane of glass, so you can easily perform network vulnerability assessment in your cloud, hybrid cloud, and on-premises environments. It brings together five essential security capabilities—asset discovery and inventory, vulnerability assessment, intrusion detection, behavioral monitoring, and SIEM & log management—all in a unified, easy-to-use platform. In addition, continuous threat intelligence, including vulnerability signatures, are delivered directly from AlienVault Labs Security Research Team, backed by the AlienVault Open Threat Exchange™ (OTX)™.
Continuously Scan and Monitor Your Environments
Gain Complete Visibility of Your Security Posture
Tap the Latest Threat Intelligence from AlienVault Labs and OTX
Remediate Your Vulnerabilities Faster
Effective vulnerability assessment demands that you continuously scan and monitor your critical assets. As your workforce becomes more mobile and your networks more virtualized in public and private cloud environments, it’s easier to miss assets that are offline during monthly or quarterly vulnerability scans. Left un-scanned, these assets can drive up your threat exposure and leave you vulnerable to attacks.
AlienVault USM makes continuous vulnerability scanning a simple yet flexible process. Because USM combines asset discovery and inventory with vulnerability assessment, you always have the most accurate, up-to-date asset inventory for your vulnerability scans.
AlienVault USM supports the following vulnerability scanning capabilities:
Regularly Scheduled Auto-scanning
AWS Vulnerability Assessment
Azure Vulnerability Assessment
While standalone vulnerability assessment software scans and detects vulnerabilities, it does not give you all the information you need to efficiently prioritize your response. To assess whether a vulnerability requires urgent action or not, you need to know:
AlienVault USM delivers this information in one central location, giving you complete visibility of your security posture so that you can make the most informed decisions about your vulnerability remediation and response priorities.
USM features built-in asset discovery and inventory capabilities, so you can scan and assess vulnerabilities in context of how significant or business critical the vulnerable assets are.
USM’s multi-layered intrusion detection systems (network intrusion detection, host intrusion detection, and cloud intrusion detection) and built-in event correlation tell you which vulnerabilities are currently under attack in your network, so you can take swift action to mitigate intrusions and prevent further exploitation of your critical systems.
In addition, AlienVault USM receives continuous threat intelligence updates from AlienVault Labs and OTX, so you know how your vulnerabilities are being exploited in the wild.
In reality, only a small number of vulnerabilities are actually exploited in real-world attacks. Therefore, it’s important to know which vulnerabilities in your environment are being exploited in the wild so that you can prioritize your remediation efforts to deal with the most severe and likely threats first.
AlienVault USM gives you real-world threat intelligence so that you can make informed decisions about your remediation priorities. Continuous threat intelligence is delivered directly to your USM environment from the AlienVault Labs Security Research Team, so you don’t have to spend countless hours researching and updating your security monitoring software with the latest vulnerability data.
Vulnerability assessment software must always be up to date, since exploits often opportunistically follow the discovery and public announcement of vulnerabilities by the security community. AlienVault Labs Security Research Team provides the latest vulnerability and threat data by leveraging the community-sourced threat intelligence of the Open Threat Exchange. This community of over 53,000 members, including security researchers and IT professionals in over 140 countries, shares actionable threat intelligence about the latest attack methods and bad actors. As vulnerabilities are discovered and exploited in the wild, you get the latest threat data at your fingertips.
Network vulnerability assessment is only half the battle. Without a way to prioritize your remediation activities and to verify that your patches, updates, and other fixes are done correctly, you have little assurance that you’re successfully shrinking your attack surface.
USM’s built-in vulnerability scanning functionality filters through the noise of false positives and vulnerabilities that are less important and allows you to focus on risks that truly matter to your business.
In USM’s interactive dashboards, you can see at-a-glance which assets are most vulnerable so you can deal with the important, most critical assets first. In the dashboard, vulnerability name, asset, Common Vulnerability Enumeration (CVE), and severity are displayed to identify the most severe vulnerabilities first.
USM provides remediation advice for vulnerabilities that are found and third-party resources for incidents and alarms, which can save you time in researching and resolving your vulnerabilities.
With the built-in ticketing and reporting in USM Appliance, you can easily and assuredly manage your vulnerability remediation processes and produce detailed reports for your management team as well as compliance checks.
For any alarm or vulnerability discovered, you can open and assign a ticket as well as send an email to your organization’s stakeholders or an external help desk or ticketing system. Each ticket provides a historical record of issues handled, as well as the capability to transfer tickets, assign them to others, and push work to other groups.