Threat Detection, Incident Response & Compliance (SIEM)

AlienVault is now AT&T Cybersecurity

AT&T Alien Labs

With unrivaled visibility of the AT&T IP backbone, global USM sensor network, and the Open Threat Exchange (OTX), AT&T Alien Labs delivers continuous, tactical threat intelligence to the USM platform to keep your defense up to date.

Benefits

Timely, tactical cyber threat intelligence powered by AT&T

Driving resilient threat detection and response

Our continuously updated, integrated threat intelligence helps you more quickly prioritize and address the critical threats targeting your business.


Delivering deep insight into adversaries and attacks

Our researchers use advanced analytics and machine learning to analyze one of the largest collections of threat data in the world, so you can stay ahead of evolving threats.


Automating proactive threat hunting

We write and update the correlation rules and threat indicators needed to continuously detect and prevent attacks.

AT&T Labs powers resilient threat detection

AlienVault® Unified Security Management® (USM) delivers powerful threat detection, incident response, and compliance management across cloud, on-premises, and hybrid environments.

DISCOVER

Know what’s connected to your environment at all times.

Network asset discovery

Software & services discovery

AWS asset discovery

Azure asset discovery


DETECT

Detect threats and suspicious activities early, no matter where or how they appear in your environment.

Cloud intrusion detection (AWS, Azure)

Network intrusion detection (NIDS)

Host-based intrusion detection (HIDS)

File integrity monitoring (FIM)

Endpoint Detection and Response (EDR)


ASSESS

Identify the vulnerabilities and configuration issues that expose your organization to risk.

Network vulnerability scanning

Cloud infrastructure assessment

User & asset configuration assessment

Dark web monitoring for stolen user credentials


ANALYZE

Correlate and analyze security events and behaviors that could indicate a compromise or potential breach.

SIEM event correlation, auto-prioritized alarms

User activity monitoring

Cloud access log monitoring (AWS, Azure)

AWS VPC flow monitoring

Log management (90 days searchable events)

Log retention (12 months raw log storage)


RESPOND

Act swiftly to contain threats and to mitigate impact.

Security orchestration and automation (See Integrations)

Forensics and incident response

Notification channels: email, Slack, DataDog, and Amazon SNS

Ticketing integrations with Jira and ServiceNow


REPORT

Easily produce rich security reports for management and compliance auditors.

Pre-built compliance reporting templates

Pre-built security event reporting templates

Customizable data views, save and export as reports


+63 2 75015527