Silicon100 2017

Alien Vault: Unified Security for Threat Detection and Incident Response

We’ve experienced firsthand just how frustrating and challenging security can be – the struggles with failing SIEM implementations; having to settle for inadequate security due to budget constraints; shelving hundreds of thousands of dollars of security software because it is just too hard to use; and, of course, the aftermath of security breaches that could have been prevented. We founded Alien Vault to help organizations of all shapes and sizes achieve world-class security without the headaches and huge expense of other solutions. And we are passionate about our mission.

Alien Vault Unified Security Management (USM) is a comprehensive approach to security monitoring, delivered in a unified platform. The USM platform includes five essential security capabilities that provide resource-constrained organizations with all the security essentials needed for effective threat detection, incident response, and compliance, in a single pane of glass.

Designed to monitor cloud, hybrid cloud and on-premises environments, Alien Vault USM significantly reduces complexity and deployment time so that you can go from installation to first insight in minutes – talk about fast threat detection!

Be it anywhere, cloud or hybrid; let it be ‘USM Anywhere’

Alien Vault USM Anywhere is a SaaS security monitoring solution that centralizes threat detection, incident response, and compliance management across your on-premises, cloud, or hybrid environments. Unlike any other security solution on the market today, USM Anywhere delivers five essential security capabilities in a unified SaaS solution, giving you everything you need to keep your business secure in a single pane of glass. It combines asset discovery, vulnerability management, intrusion detection, SIEM, and behavioral monitoring in one affordable and easy-to-use solution. With USM Anywhere, you can avoid the time, expense, and resources required to maintain multiple point security solutions in your data center and cloud infrastructure. Instead, you can focus on what matters most — protecting your IT infrastructure against today’s emerging threats.

Hi-fi to the USM Five’s

The Unified Security Management approach eliminates the complexity and costs of integrating and maintaining multiple point solutions. By combining five essential security capabilities, organizations can spend more time responding to threats rather than dealing with the headaches and hassles of deploying and integrating multiple products.

  • Asset Discovery - Get visibility into the assets and user activity in your cloud and on-premises environments.
  • Behavioral Monitoring - Identify suspicious behavior and potentially compromised systems.
  • Vulnerability Assessment - Scan your cloud and on-premises environments to detect assets, assess vulnerabilities, and deliver remediation guidance.
  • SIEM - Correlate and analyze security event data from across your cloud and on-premises environments.
  • Intrusion Detection - Inspect traffic between devices and protect critical assets and systems in your cloud and on-premises environments.

Discover a Better Way to Discover and Respond to Threats

The Alien Vault Labs Security Research Team evaluates hundreds of thousands of threats daily to understand the threat landscape and to deliver a continuous stream of threat intelligence directly to the USM platform. This threat intelligence, combined with data collected from Alien Vault’s Open Threat Exchange (OTX), provides you with the information you need to successfully identify and respond to emerging threats in your infrastructure.

Considering Security-as-a-Service?

Security-as-a-service involves organizations leveraging third-party consultants and managed security service providers (MSSPs) to monitor the security of their infrastructure. Whether it is the need for log management, threat detection, SIEM-as-a-service, or compliance, many are choosing to outsource versus building the capability internally. Cost savings and overcoming staffing and skills gaps are motivating factors for outsourcing day-to-day security functions.

“In a recent SANS survey, 59% of respondents indicated that a lack of trained security staff and skills were the biggest challenges when it came to threat intelligence and detection / SIEM initiatives.”

SIEM and Log Management

Alien Vault Unified Security Management (USM) goes beyond traditional SIEM software with all-in-one security essentials and integrated threat intelligence so you can accelerate threat detection in your cloud, hybrid cloud, and on-premises environments.

Go beyond SIEM with Unified Security Management

Single-purpose SIEM software and log management tools provide valuable security information, but often require expensive and time-consuming integration efforts to bring in log files from disparate sources such as asset inventory, vulnerability assessment, and IDS products. Once you have the data, you then must research and write correlation rules to identify threats in your environment. These challenges multiply as you transfer workloads and services from on-premises infrastructure to public cloud environments.

Open Threat Exchange (OTX) & OSSIM

OSSIM, Alien Vault’s Open Source Security Information and Event Management (SIEM) product, provides you with a feature-rich open source SIEM complete with event collection, normalization and correlation. Launched by security engineers because of the lack of available open source products, OSSIM was created specifically to address the reality many security professionals face: A SIEM, whether it is open source or commercial, is virtually useless without the basic security controls necessary for security visibility.

The Man behind the Success

Barmak Meftah, CEO: Barmak is a veteran of the technology industry with a passion for building and leading great teams. Over his 20 years of experience in enterprise software, he has assembled an incredible track record for delivering award-winning products. Under his leadership since 2011, the company has become one of the fastest growing security vendors in the industry with thousands of customers and partners around the world. Most recently he served as VP of the Enterprise Security Products division at HP. At HP he led the Fortify and SPI Dynamics business units after the successful acquisition of Fortify by HP in September 2010. Barmak was the 10th employee at Fortify and, as Chief Products Officer, led the build-out and expansion of the company, dubbed “The Next Big Thing” at Enterprise 2005.

“Alien Vault unifies all of your essential security tools in one location and combines them with real-time threat intelligence.”