Unified Security Management SIEM

LONDON, 28 August 2014 – In a report titled “The Real Cost of Security”, 451 Research highlighted the challenges CFOs face when weighing up investments in Security Technology and Staff. With many traditional point products typically overpriced, overly complex and difficult to integrate with one another, the concept of Unified Security Management makes a lot of sense for anyone concerned with Return On Investment as well as effective security.

USM. More than it SIEMs

With Gartner identifying AlienVault as the only Visionary in both the 2013 and 2014 Magic Quadrants for Security Information and Event Management, one could be forgiven for thinking USM by AlienVault was just a SIEM solution. In fact, USM delivers 5 Essential Security Capabilities in a Single Console.

1. Asset Discovery

Not knowing what’s on your network, or how your devices are configured, could be disastrous for your organisation. Automated asset discovery helps remove the uncertainty by combining three core discovery and inventory technologies:

  • Passive Network Monitoring
  • Active Network Scanning
  • Host-based software inventory

2. Vulnerability Scanning

USM provides flexible and complementary options to mold your vulnerability assessment approach. For example, you can run authenticated scans on compliance-related assets while running passive vulnerability assessment on low-risk assets, where reducing network traffic matters more than validating stringent security configurations. By also providing fully schedulable scanning options, USM enables your organisation to keep on top of the changing threat landscape.

3. Intrusion Detection

When it comes to finding the threats in your environment, you need intrusion detection systems everywhere on your network. Today’s attacks can easily bypass gateway firewalls, and the single system on your DMZ isn’t enough to catch them. USM enables your organisation to deploy intrusion detection anywhere and everywhere in your environment for complete, multi-layered security to catch threats wherever they exist within your network.

4. Behavioral Monitoring

Context-aware security has become even more important given the rise of new polymorphic malware and zero-day exploits – signatures are not enough. The behavioral monitoring functionality of USM starts gathering data to help you build a baseline measurement of “normal” system and network activity. This greatly simplifies incident response when investigating an operational issue or potential security incident.

5. Threat Intelligence

Busy IT security teams simply don’t have the time or the resources to do threat analysis on their own, so in order to keep pace with the rapidly changing threat landscape, it is vital that organisations are supported by groundbreaking threat research work such as that from AlienVault Labs.

Security that’s effective and affordable

USM, from the only Visionary in the 2014 Gartner Magic Quadrant for SIEM, is ideal for small and midsize organisations, with solutions starting at a very affordable £3600. Or perhaps you’re looking to outsource your Security Management? Contact an Infosec Partners trusted adviser today for help and guidance on selecting the right security solution or managed services for your organisation.
