Catch Threats, & Respond Quickly

Vulnerability Management Software

Watch Vulnerability Assessment Best Practices

AlienVault Unified Security Management™ (USM) provides you complete security visibility with built-in vulnerability management software. AlienVault USM&trade also includes other essential security tools built-in and continuous threat intelligence updates from AlienVault Labs. Learn More

Download A Free Trial

  • Includes network intrusion detection (NIDS) and host-based intrusion detection (HIDS)
  • Combines asset discovery, vulnerability assessment, intrusion detection, NetFlow analysis, SIEM, and integrated threat intelligence in one console
  • Stays current with continuous threat intelligence updates including new correlation directives, attack signatures, report templates, and more from AlienVault Labs
  • Offers full threat context and step-by-step response guidance for attacks
  • Installation to insight in less than an hour
  • Actionable, community-powered threat data from OTX, the world’s first truly open threat intelligence community that enables collaborative defense

40 Million
credit cards were compromised by the Target security
breach during the 2013 Christmas shopping season

Source: The Washington Post

Vulnerability Management Lifecycle

Vulnerability management is an ongoing process to
mitigate known vulnerabilities in IT software

Vulnerability scanners

Active scanners look for unpatched insecure software, open ports, poorly configured software and known security problems. AlienVault Unified Security Management™ (USM) provides built-in vulnerability scanning and assessment.

Vulnerability management is never "done"

Once vulnerabilities have been identified, remediation is required. Since thousands of vulnerabilities are discovered each year, and seemingly never-ending security updates and patches required, remediation needs to be prioritized. Vulnerability management is never "done", as increasing attack vectors and software complexity require continuous monitoring and methods to prioritize remediation. Since newly-found vulnerabilities are constantly surfacing, and the organization's IT infrastructure is typically changing over time, consistent diligence is required for effective vulnerability management.

Importance of being up-to-date

Vulnerability assessment software must be up-to-date, since exploits often opportunistically follow the discovery and public announcement of vulnerabilities by the security community. AlienVault's USM vulnerability database is constantly updated.

Not All Vulnerabilities are Created Equal

Prioritize Remediation

Careful risk management is required, since many organizations find "they can't fix everything".

Keep up with Software Patches

Keeping up with the patching required by Microsoft and other third party software is difficult. Often, patching, applying updates and reconfiguring systems is required to remediate vulnerabilities found in scans, and the impact to operations can be prohibitive.

Make sure you're seeing critical assets

A big part of effective vulnerability management is assuring that you are scanning all aspects of your IT infrastructure that may introduce vulnerabilities for exploit. This encompasses core components, including network devices, virtualized assets, and assets that IT is not aware of, "Rogue" assets can be introduced by a line of business, or an individual, maliciously or benignly. These may be in violation of your organization's Acceptable Use policy. AlienVault USM provides powerful built-in asset discovery capabilities.

Know which assets are vulnerable when doing incident response.

The integrated vulnerability scanning in AlienVault USM lets you know which of your assets are actually vulnerable to the exploits being attempted. Having this information "at your fingertips" gives you the actionable information you need to do your job.

Determine which vulnerabilities require immediate attention

Management may choose to acknowledge some vulnerabilities but not remediate them immediately. Businesses are often willing to accept the risk rather than taking on the financial investment to address vulnerabilities. This decision to wait on remediation includes several factors, such as the value of the asset, the impact to the business to perform remediation and the accessibility to to the asset beyond the organization's internal network - on the internet.

Set up a scanning and reporting cadence

As part of an overall vulnerability management process, USM's vulnerability assessment lets you schedule scans very flexibly, selecting which network segments are to be scanned, and at what frequency. Findings of the scans can be used to create alarms on the USM web interface, and correlated with other events occurring on your network.

Keep an eye on known bad actors

The AlienVault Open Threat Exchange™ (OTX) is the world’s first truly open threat intelligence community that enables collaborative defense with actionable, community-powered threat data. OTX gives you the final piece of the puzzle - a view the external world. With OTX you have visibility into the latest malicious behavior of known malicious hosts. OTX’s community-powered threat data helps you prioritize your remediation efforts, which is highly useful when you have more vulnerabilities than your ability to remediate.


of cyber attacks are viruses, malware, worms, & trojans.
Catch them before they grow with AlienVault.

Source: Verizon Data Breach Report, 2013

Get Price Free Trial Chat