AlienVault expands USM Anywhere to include endpoint detection and response capabilities
Russ Spitler of AlienVault
AlienVault, a provider of Unified Security Management (USM) and crowdsourced threat intelligence, has announced the general availability of Endpoint Detection and Response (EDR) capabilities in USM Anywhere.
AlienVault USM Anywhere automates threat detection and response wherever modern threats appear, across endpoints and networks in cloud and on-premises environments – all from one platform. The unified platform is powered by continuous, actionable threat intelligence from the AlienVault Labs Security Research Team, enabling it to detect aggressive threats, especially those designed to evade detection by traditional perimeter security and signature-based detection techniques.
This enables security teams’ defenses to stay current as threats evolve and emerge in the wild. By intelligently correlating activities across the network, cloud, and endpoint, USM Anywhere not only detects intrusions faster and with more accuracy, but also provides detailed and automatically curated data to guide response teams to quickly contain threats across the entire network environment. Additional features include built-in file integrity monitoring to accelerate compliance efforts, proactive queries for risk mitigation and log aggregation to simplify security operations.
Corporate endpoints represent one of the top areas of security risk for organisations, accelerated by an increasingly mobile and cloud-first workplace. According to “The 2017 State of Endpoint Security Risk” report by the Ponemon Institute, 3 out of 4 organisations report having difficulty managing endpoint risk. As malicious actors target endpoints with new types of attacks designed to evade traditional endpoint prevention and antivirus tools, security teams need an additional layer of security.
“As the threat landscape shifts, we continue to adapt and evolve USM Anywhere with new security capabilities, integrations, and intelligence,” said Russ Spitler, AlienVault’s senior vice president of product. “Endpoints are critical to a comprehensive security strategy, but many organisations struggle with the cost and complexity of EDR point solutions. Our approach to delivering EDR capabilities as part of a unified solution for threat detection, response and compliance enables companies of all sizes to detect and respond to threats quickly while eliminating the need to add more point solutions to their security stacks.”
“The new EDR capabilities in USM Anywhere allow my team of security analysts to simplify and cost-effectively provide 24/7 monitoring of all endpoint devices as part of our managed security services, giving our customers greater peace of mind,” said Jorge Colon, security operations technical lead for Abacode. “Not only does USM Anywhere help us to better track endpoints across different environments, but built-in threat intelligence automates threat detection so we can focus on rapid response.”
USM Anywhere combines multiple security capabilities – including EDR, SIEM, IDS and vulnerability assessment, as well as continuous threat intelligence from AlienVault Labs – in one platform. Security teams can monitor all of their critical environments in a single pane of glass, drastically reducing the time, resources, and costs associated with security and compliance.
The new EDR capabilities in USM Anywhere are fully integrated and are provided to every customer; no subscription upgrades or updates to USM Anywhere are required.