AlienVault® Unified Security Management™ (USM™) provides built-in network vulnerability assessment software with the essential capabilities you need for complete security visibility and threat intelligence, all in one easy-to-use console.
With network vulnerability assessment, you can find the weak spots in your critical assets and take corrective action before attackers exploit them to sabotage or steal your data.
New vulnerabilities emerge near-daily as your IT landscape changes, introduced by configuration errors, unauthorized software installs, insecure endpoint devices, and much more. To keep your network secure, you must continuously scan your systems and devices to detect vulnerabilities as they arise.
Once detected, you must assess the potential threat of those vulnerabilities and prioritize your remediation activities to deal with the greatest threats first. This is no small task, as you must consider multiple factors:
AlienVault USM provides all of this information from a single pane of glass, so you can easily detect, assess, and remediate the vulnerabilities on your critical assets. It brings together five essential security capabilities—asset discovery and inventory, vulnerability assessment, intrusion detection, behavioral monitoring, and SIEM & log management—all in a unified, easy-to-use platform. In addition, continuous threat intelligence, including vulnerability signatures, are delivered directly from AlienVault Labs, backed by the AlienVault Open Threat Exchange™ (OTX)™.
Continuously Scan and Monitor Your Network
Gain Complete Visibility of Your Security Posture
Tap the Latest Threat Intelligence from AlienVault Labs and OTX
Ease Remediation with Built-in Ticketing & Reporting
Effective vulnerability assessment demands that you continuously scan and monitor your critical assets. As your workforce becomes more mobile and your networks more virtualized, it’s easier to miss assets that are offline during monthly or quarterly vulnerability scans. Left un-scanned, these assets can drive up your threat exposure and leave you vulnerable to attacks. AlienVault USM makes continuous vulnerability scanning a simple yet flexible process. Because USM combines asset discovery and inventory with vulnerability assessment, you always have the most accurate, up-to-date asset inventory for your vulnerability scans.
AlienVault USM supports the following vulnerability scanning capabilities:
Regularly scheduled auto-scanning
Asset- and network-specific scanning
Authenticated scanning (with host credentials)
Unauthenticated scanning (no host credentials)
Continuous passive monitoring
While standalone vulnerability assessment software scans and detects vulnerabilities, it does not give you all the information you need to efficiently prioritize your response. To assess whether a vulnerability requires urgent action or not, you need to know:
AlienVault USM delivers this information in one central location, giving you complete visibility of your security posture so that you can make the most informed decisions about your vulnerability remediation and response priorities.
USM features built-in asset discovery and inventory capabilities, so you can scan and assess vulnerabilities in context of how significant or business critical the vulnerable assets are.
USM’s intrusion detection systems (NIDS, HIDS) and built-in event correlation tell you which vulnerabilities are currently under attack in your network, so you can take swift action to mitigate intrusions and prevent further exploitation of your critical systems.
In addition, AlienVault USM receives continuous threat intelligence updates from AlienVault Labs and OTX, so you know how your vulnerabilities are being exploited in the wild.
In reality, only a small number of vulnerabilities are actually exploited in real-world attacks. Therefore, it’s important to know which of the vulnerabilities in your network environment are being exploited in the wild so that you can prioritize your remediation efforts to deal with the most severe and likely threats first. AlienVault USM gives you real-world threat intelligence so that you can make informed decisions about your remediation priorities. Continuous threat intelligence is delivered directly to your USM environment from AlienVault Labs and AlienVault OTX. As vulnerabilities are discovered in the wild, you get the latest threat data at your fingertips.
Vulnerability assessment software must always be up to date, since exploits often opportunistically follow the discovery and public announcement of vulnerabilities by the security community. AlienVault Labs constantly updates and delivers the latest vulnerability signatures, so you don’t have to.
Vulnerability assessment is only half the battle. Without a way to manage remediation and to verify that your patches, updates, and other fixes are done correctly, you have little assurance that you’re successfully shrinking your attack surface.
With the built-in ticketing and reporting in USM, you can easily and assuredly manage your vulnerability remediation processes and produce detailed reports for your management team as well as compliance checks.
For any alarm or vulnerability discovered, you can open and assign a ticket as well as send an email to your organization’s stakeholders or an external help desk or ticketing system. Each ticket provides a historical record of issues handled, as well as the capability to transfer tickets, assign them to others, and push work to other groups.
USM provides remediation advice for vulnerabilities that are found and third-party resources for incidents and alarms, which can save you time in researching and resolving your vulnerabilities. With USM you can view updated vulnerability reports, kick off new vulnerability scans, generate tickets, and conduct false positive analysis, all in a single security console that’s cost-effective and easy to use.