AlienVault Unified Security Management: Threat Intelligence Product Overview and Insight

Company Description

Founded in 2007, AlienVault employs more than 300 people worldwide. Headquartered in San Mateo, Calif., it also has offices in Austin, Texas; Madrid, Spain; Granada, Spain; and Cork, Ireland. To date the company has raised $116 million in funding.

Product Description

By integrating essential security capabilities into a Unified Security Management (USM) platform, and powering that platform with up-to-the-minute threat intelligence from AlienVault Labs and its Open Threat Exchange (OTX) crowd-sourced collaborative threat exchange, AlienVault provides more than 5,000 commercial customers with centralized threat detection, incident response and compliance management for cloud and on-premises environments. The AlienVault platform imports and stores threat indicators, analyzes them and exports indicators to security products that can apply them. OTX provides free access to 53,000 threat researchers and security professionals who contribute more than 10 million threat indicators daily. OTX threat data feeds directly into AlienVault Unified Security Management (USM) Appliance and AlienVault USM Anywhere, as well as third-party security tools.

"AlienVault USM includes built-in asset discovery, vulnerability assessment, intrusion detection (host and network), behavioral monitoring and SIEM (log management and event correlation)," said Sacha Dawes, Principal Product Marketing Manager, AlienVault.

Agents

AlienVault OTX provides a web portal, an API, agents, SDK and command-line interface (CLI) through which the community can interact, and which can also be used to export threat intelligence from OTX into other applications. USM primarily collects data via sensors. Data can be collected using agents or without agents.

Markets and Use Cases

Although focused on meeting the needs of smaller IT security teams (1-20), the AlienVault USM approach attracts companies of all sizes, from every industry and geography, said Dawes.

Applicable Metrics

AlienVault OTX receives an average of 10 million indicators of compromise each day. Every USM Appliance deployment receives a threat intelligence update approximately every 30 minutes. USM Appliance Enterprise Servers can support up to 10,000 events per second (EPS) collection and correlation.

Security Qualifications

The company is working to certify USM Anywhere as compliant with PCI DSS 3.2. This is expected within a couple of months.

Intelligence

Automation and machine learning are used to discover and monitor threats in the wild, which are then made available to USM Anywhere and USM Appliance customers. Graph-based analysis and rule-based correlation technology help learn about typical behaviors and relationships within monitored environments.

Delivery

AlienVault USM Appliance is a virtual or hardware appliance-based solution designed for organizations that require dedicated on-premises monitoring from their own data centers. AlienVault USM Anywhere is a cloud-based, SaaS-delivered solution designed to monitor cloud and on-premises environments from the AlienVault Secure Cloud. AlienVault OTX integrates with security solutions via an API, agents or a software development kit.

Pricing

OTX is free. USM Anywhere is sold as a monthly subscription. Tiers start at $1,575/month for a 250 GB data volume. USM Appliance is sold directly as a perpetual license. Pricing starts at $5,595 for the USM Appliance All-In-One 25A, which provides monitoring for up to 25 unique assets. AlienVault's Open Source Security Information Management (OSSIM) is offered as an open source software-based version of USM Appliance, and is available for free.
