USM Anywhere

AlienVault® Unified Security Management™ (USM™)

Anywhere is a cloud-based security management platform that accelerates and simplifies threat detection, incident response, and compliance management for your cloud, hybrid cloud, and on-premises environments. USM Anywhere includes sensors that are deployed into your environments that natively monitor Amazon Web Services, Microsoft Azure Cloud, Microsoft Hyper-V, and VMware ESXi -- providing you a comprehensive solution for managing security across your public and private cloud infrastructure.

With USM Anywhere, you can rapidly deploy software sensors natively into all of your virtual, and cloud environments while centrally managing data collection, analysis and detection of threats to your business operations.

Five Essential Security Capabilities in a Single SaaS Platform AlienVault USM AnywhereTM provides five essential security capabilities in a single SaaS platform, giving you everything you need to detect and respond to threats and manage compliance. As a cloud-based security solution, you can scale your threat detection and response capabilities as your hybrid environment changes, and pay for only exactly what you need, when you need it. Finally, you can focus on finding and responding to threats, not managing software!

Asset Discovery

  • API-powered asset discovery
  • Network asset discovery
  • Software discovery 
  • Services discovery

Vulnerability Assessment

  • Authenticated vulnerability assessment
  • Cloud infrastructure assessment

Intrusion Detection

  • Network IDS
  • Host IDS
  • File Integrity Monitoring

Behavioral Monitoring

  • Asset access logs 
  • Cloud access logs (Azure: Insights, AWS: CloudTrail, CloudWatch, S3 access log, ELB access log)
  • AWS VPC Flow monitoring
  • VMware ESXi access logs

SIEM

  • Event correlation
  • Log management
  • Incident response
  • Integrated AlienVault Open Threat Exchange™ (OTX) Data
  • 12-month raw log retention


Deploying USM Anywhere is Fast and Easy USM Anywhere consists of a modular, scalable, two-tier architecture to manage and monitor every aspect of cloud and on-premises security. USM Anywhere Sensors collect and normalize data from all of your cloud and onpremises environments and securely transfers it to USM Anywhere to provide centralized collection, management, analysis, correlation, alerting, log management, and reporting. The only thing you deploy is the sensors into your environment. AlienVault creates, maintains and updates your USM Anywhere automatically in AlienVault’s secure cloud environment.