Threat Detection, Incident Response & Compliance (SIEM)
AlienVault is now AT&T Cybersecurity
AT&T Alien Labs
With unrivaled visibility of the AT&T IP backbone, global USM sensor network, and the Open Threat Exchange (OTX), AT&T Alien Labs delivers continuous, tactical threat intelligence to the USM platform to keep your defense up to date.
Benefits
Timely, tactical cyber threat intelligence powered by AT&T
Driving resilient threat detection and response
Our continuously updated, integrated threat intelligence helps you more quickly prioritize and address the critical threats targeting your business.
Delivering deep insight into adversaries and attacks
Our researchers use advanced analytics and machine learning to analyze one of the largest collections of threat data in the world, so you can stay ahead of evolving threats.
Automating proactive threat hunting
We write and update the correlation rules and threat indicators needed to continuously detect and prevent attacks.
AlienVault® Unified Security Management® (USM) delivers powerful threat detection, incident response, and compliance management across cloud, on-premises, and hybrid environments.
DISCOVER
Know what’s connected to your environment at all times.
Network asset discovery
Software & services discovery
AWS asset discovery
Azure asset discovery
DETECT
Detect threats and suspicious activities early, no matter where or how they appear in your environment.
Cloud intrusion detection (AWS, Azure)
Network intrusion detection (NIDS)
Host-based intrusion detection (HIDS)
File integrity monitoring (FIM)
Endpoint Detection and Response (EDR)
ASSESS
Identify the vulnerabilities and configuration issues that expose your organization to risk.
Network vulnerability scanning
Cloud infrastructure assessment
User & asset configuration assessment
Dark web monitoring for stolen user credentials
ANALYZE
Correlate and analyze security events and behaviors that could indicate a compromise or potential breach.
SIEM event correlation, auto-prioritized alarms
User activity monitoring
Cloud access log monitoring (AWS, Azure)
AWS VPC flow monitoring
Log management (90 days of searchable events)
Log retention (12 months of raw log storage)
RESPOND
Act swiftly to contain threats and to mitigate impact.
Security orchestration and automation (see Integrations)
Forensics and incident response
Notification channels: email, Slack, DataDog, and Amazon SNS
Ticketing integrations with Jira and ServiceNow
REPORT
Easily produce rich security reports for management and compliance auditors.
Pre-built compliance reporting templates
Pre-built security event reporting templates
Customizable data views, save and export as reports