Vulnerability Scanning

AlienVault’s Unified Security Management (USM) platform continuously scans your critical assets for vulnerabilities and provides an incisive reporting interface to simplify your triage and remediation process.

A Simplified, More Manageable Network Vulnerability Scanner

Easily improve your network’s security posture with regular scans of your most vital systems

The dynamic nature of most environments requires persistent monitoring in order to defend against the evolving threat landscape. Constant changes to networks, systems, and applications can leave you susceptible to an attack, even if you are keeping your security controls up to date.

Stay on Schedule
Deploying and configuring a traditional security solution for network vulnerability scanning can be difficult and time-consuming. Often, IT teams conduct a scan only as a procedural ‘check the box’ measure, either in reaction to an incident or so infrequently that it has almost no measureable impact.

AlienVault USM addresses this pain point by providing a simple, manageable platform that includes both asset discovery and vulnerability scanning, as well as an easy to use interface for scheduling both types of scans. This allows you to ensure continuous vulnerability assessment without having to manage the process manually.

AlienVault Unified Security Management (USM) allows you to stay ahead of attackers with these advanced features:

Simple configuration and scheduling of network vulnerability scans

  • Easily set up scan jobs targeting individual assets, groups, or even entire networks
  • Schedule scans to run in advance to avoid disruption of critical services and take the guesswork out of managing a scanning routine
  • Control the techniques utilized and level of scanning intensity using default profiles or by creating your own

Intuitive dashboard and reporting interface

  • Leverage at-a-glance analysis of top assets and networks affected by discovered vulnerabilities
  • Produce useful and easily digestible reports that list threats by severity, allowing you to better prioritize your efforts

Regular updates to vulnerability related threat intelligence

  • Expert research on today’s attacks is developed into new vulnerability signatures
  • Effortlessly update this threat intelligence to spot the latest exploits

Simple Configuration and Scheduling of Network Vulnerability Scans

Traditional approaches to network vulnerability scanning and analysis rarely focus on usability and can seem unapproachable by those in IT wearing multiple hats. This leads to frustration, infrequent and inconsistent analysis and, too often, total project abandonment. Unfortunately, threat actors are all too familiar with this behavior and use it to their advantage by exploiting flaws in new additions to the victim’s environment.

When time and simplicity are of the essence, you need a security solution that accelerates your network vulnerability scanning and threat detection process. AlienVault USM provides this functionality by bolstering a comprehensive vulnerability scanning engine with asset discovery, a streamlined UI, and uncomplicated scheduling. Scheduling scans in advance allows you to easily manage your network vulnerability scanning program as well as minimize disruption of critical services during peak time.

You can also easily specify the methods used during the scans as well as how intensely your assets are probed. You can use the predefined scanning profiles, modify them to meet your explicit needs, or create your own from scratch. Since an attacker’s privileges (or lack thereof) can influence the feasibility of exploiting certain vulnerabilities, you also have the ability to perform these scans in both authenticated and unauthenticated modes.

Intuitive Dashboard and Reporting Interface

Once you’ve scanned your assets for vulnerabilities, you need to develop a response plan that describes the vulnerabilities and their potential impact to your environment, and then decide which issues to remediate first. Doing this efficiently requires expert knowledge of not only the exploit methods but the affected systems as well.

AlienVault USM gives you an interface that provides a graphical display of vulnerabilities discovered by severity as well as affected services, systems, and networks. You also have a dashboard detailing the status of scheduled, in progress, and past scans. From here, you also have the ability to re-run scans, change scan job ownership, modify scanning schedules, or even delete jobs.

Reports produced contain rich, actionable intelligence including detailed descriptions of vulnerability, insight into root cause, and available workarounds. In most cases, links to references are provided for continued research. Exporting this data is easy, with links to download in PDF or CSV formats.

Regular Updates to Vulnerability Related Threat Intelligence

One of the most significant challenges to securing your environment is having the knowledge required to identify network vulnerabilities, prioritize which are the biggest threats to your environment, and then remediate any issues found. While many tools provide an initial set of vulnerability signatures, keeping them up to date and developing new ones is often up to the user. Especially when securing the network isn’t your only responsibility, you have little time to research new threats and develop vulnerability intel.

That’s where the Threat Intelligence produced by AlienVault Labs steps in to assist. Think of it as an extension to your IT team – they are constantly performing advanced research on current threats and developing updates to AlienVault USM’s threat intelligence. In addition to the vulnerability signatures, you receive updates to SIEM correlation rules, IDS signatures, knowledgebase articles, and more.

Updating the AlienVault USM platform is extremely easy, designed to minimize downtime, and just requires a couple of mouse clicks. This ensures that AlienVault USM is continuously conducting network vulnerability scans for the latest threats without requiring in-house research or development of vulnerability data. This allows you to allocate your time and resources to other responsibilities and, do more with a smaller team.