![]() ![]() ![]() Every USM Appliance deployment receives a threat intelligence update approximately every 30 minutes. Applicable MetricsĪlienVault OTX receives an average of 10 million indicators of compromise each day. Markets and Use CasesĪlthough focused on meeting the needs of smaller IT security teams (1-20), the AlienVault USM approach attracts companies of all sizes, from every industry and geography, said Dawes. Data can be collected using agents or without agents. AgentsĪlienVault OTX provides a web portal, an API, agents, SDK and command-line interface (CLI) through which the community can interact, and which can also be used to export threat intelligence from OTX into other applications. “AlienVault USM includes built-in asset discovery, vulnerability assessment, intrusion detection (host and network), behavioral monitoring and SIEM (log management and event correlation),” said Sacha Dawes, Principal Product Marketing Manager, AlienVault. OTX threat data feeds directly into AlienVault Unified Security Management (USM) Appliance and AlienVault USM Anywhere, as well as third-party security tools. OTX provides free access to 53,000 threat researchers and security professionals who contribute more than 10 million threat indicators daily. ![]() The AlienVault platform imports and stores threat indicators, analyzes them and exports indicators to security products that can apply them. Product Descriptionīy integrating essential security capabilities into a Unified Security Management (USM) platform, and powering that platform with up-to-the-minute threat intelligence from AlienVault Labs and its Open Threat Exchange (OTX) crowd-sourced collaborative threat exchange, AlienVault provides more than 5,000 commercial customers with centralized threat detection, incident response and compliance management for cloud and on-premises environments. To date the company has raised $116 million in funding. Headquartered in San Mateo, Calif., it also has offices in Austin, Texas Madrid, Spain Granada, Spain and Cork, Ireland. Umbrella: The AlienApp™ for Cisco Umbrella delivers advanced security orchestration capabilities between AlienVault® USM Anywhere™ and Cisco Umbrella (formerly OpenDNS), shortening the time from threat detection to response through security automation.See the complete list of top threat intelligence companies.įounded in 2007, AlienVault employs more than 300 people worldwide.Secure Firewall ASA: AlienVault provides a STIX formatted threat intelligence feed for customers using Firepower Management Center's Threat Intelligence Director (TID) to rapidly update detection against new and complex threats.In addition, it allows you to collect hourly events from Cisco Secure Endpoint through the USM Anywhere Job Scheduler. It also enhances the threat response capabilities of USM Anywhere by providing orchestration and response actions to isolate or unisolate hosts based on risks identified in USM Anywhere. Secure Endpoints: The AlienApp for Cisco Secure Endpoint enables you to automate threat detection and response activities between USM Anywhere and Cisco Secure Endpoint.Pivot to AlienVault OTX UI via referring actions. SecureX threat response: Threat Response module to query AlienVault OTX for observables (IP, IPV6, domain, hash values) and return Sightings and Indicators from the "Pulses" in AlienVault.AlienVault’s Unified Security Management (USM) solution integrates asset discovery, behavioral monitoring, vulnerability assessment, security information and event management (SIEM), and intrusion detection into an all-in-one platform designed and priced to ensure that organizations of all sizes with limited resources and security teams can effectively defend themselves against today’s advanced threats. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |