What’s New in AlienVault 2.3: New Features and Enhancements. June 2010. Juan Manuel Lorenzo (jmlorenzo@alienvault.com)
AlienVault 2.3 Overview. “The AlienVault Professional SIEM product combines the breadth and flexibility of Open Source software with the features and functionality present in any of AlienVault's competition.” - Andrew Hay, Sr. Analyst, The 451 Group
Synopsis. Two Releases: AlienVault’s Professional SIEM version 2.3; Open Source SIEM (OSSIM) version 2.3. Some Features Available Only With AlienVault Professional SIEM. Major Upgrades: Reporting; User Management; Common Taxonomy; Multi-Tenant (i.e. MSSP Deployments).
New Feature Overview. New Features and Enhancements: Multi-Tenant User Architecture; Enhanced User Management; Enriched Security Taxonomy; SIEM Console; Reports; Dashboards; Vulnerabilities; Distributed Network Discovery; Installer Usability Improvements.
AlienVault 2.3 Details. "Just a few hours later our SIEM Practice Manager grabbed me by the arm with a big smile: “You gotta see this!” Remarkably, our network had been auto-discovered, a Vulnerability Assessment had been run, net-flows were being captured, we had real-time visibility to network traffic, a snort ids sensor with an appropriate signature set had been deployed, and basic network monitoring functionality was in place." - John Verry, Pivot Point Security
Multi-Tenant Architecture. Entities Definition: Groups, Departments, Companies... Assign User Permissions to Entities. Simplifies AlienVault Management. Admin Users for Each Entity.
Multi-Tenant Architecture. Only available when using AlienVault Professional SIEM. (Slide graphic labels: Professional Version, Open Source.)
Multi-Tenant Architecture. Abstraction: Use your Entities and Forget About Networks and Hosts. Only available when using AlienVault Professional SIEM.
User Management. User Templates: Simplifies user management; Inherit permissions from an Entity. Only available when using AlienVault Professional SIEM.
Enriched Security Taxonomy. Categorizes All Events. Only available when using AlienVault Professional SIEM.
Enriched Security Taxonomy. New Filters in SIEM Console. Taxonomy-Based Reports.
SIEM Console. Custom Event Viewer Functionality Merged into SIEM Console: Select the events you want to see; Select the columns you want to display; Save your custom view.
Dashboards. Enhanced Predefined Dashboard Capability. Ability to revert to original default dashboards while maintaining custom ones. Select the Default Panel.
Vulnerability Assessment. New Scanning Options: Cancel current scan. Scanning Speed-Up: Scan only active hosts; OpenVAS plugins tuned. Check permissions before scanning. Check network access before scanning.
Vulnerability Assessment. OpenVAS 3 and Nessus 4.0.2 Support. Import/Export Reports in NBE Format. New Reporting Options: Reports available to other users; Reports available to entities (only in Professional version).
Reporting System. Report Wizard. Only available when using AlienVault Professional SIEM.
Reporting System. Report Wizard: Select the time range, layout and users that will have access to the report. Only available when using AlienVault Professional SIEM.
Reporting System. Report Wizard: Configure the sub-reports and add comments. Only available when using AlienVault Professional SIEM.
Reporting System. 1800+ Reporting Modules. New Compliance Reports. Taxonomy-Based Reports: Automatically include events from different applications and devices. Only available when using AlienVault Professional SIEM.
Reporting System. Compliance Reports: SOX, ISO 27001, PCI DSS, HIPAA, FISMA. Only available when using AlienVault Professional SIEM.
Network Discovery. Manage Remote Nmap Scans to do Network Discovery. Network Discovery Can Now be Executed from the AlienVault Sensor.

More Related Content

What's hot

Alien vault _policymanagement
Alien vault _policymanagementAlien vault _policymanagement
Alien vault _policymanagementMarjo'isme Yoyok
 
Patch Tuesday Analysis - November 2015
Patch Tuesday Analysis - November 2015Patch Tuesday Analysis - November 2015
Patch Tuesday Analysis - November 2015Ivanti
 
Symantec Endpoint Protection Enterprise Edition Best Practices Guidelines
Symantec Endpoint Protection Enterprise Edition Best Practices GuidelinesSymantec Endpoint Protection Enterprise Edition Best Practices Guidelines
Symantec Endpoint Protection Enterprise Edition Best Practices GuidelinesSree Harsha Boyapati
 
2009 Quick Heal
2009 Quick Heal2009 Quick Heal
2009 Quick HealV.R.RAO
 
TECHNICAL WHITE PAPER▶ Applying Data Center Security with VMware NSX
TECHNICAL WHITE PAPER▶ Applying Data Center Security with VMware NSXTECHNICAL WHITE PAPER▶ Applying Data Center Security with VMware NSX
TECHNICAL WHITE PAPER▶ Applying Data Center Security with VMware NSXSymantec
 
MR201408 SE for Android Overview
MR201408 SE for Android OverviewMR201408 SE for Android Overview
MR201408 SE for Android OverviewFFRI, Inc.
 
Taishaun_OwnensCNS-533_Lab
Taishaun_OwnensCNS-533_LabTaishaun_OwnensCNS-533_Lab
Taishaun_OwnensCNS-533_LabTaishaun Owens
 
Patch Tuesday Analysis - September 2015
Patch Tuesday Analysis - September 2015Patch Tuesday Analysis - September 2015
Patch Tuesday Analysis - September 2015Ivanti
 
Audit Vault Database Firewall 12.2.0.1.0 installation
Audit Vault Database Firewall 12.2.0.1.0 installationAudit Vault Database Firewall 12.2.0.1.0 installation
Audit Vault Database Firewall 12.2.0.1.0 installationPinto Das
 
Trusted extensions-gdansk-v1 0
Trusted extensions-gdansk-v1 0Trusted extensions-gdansk-v1 0
Trusted extensions-gdansk-v1 0Kevin Mayo
 
Prueba de Presentacion
Prueba de PresentacionPrueba de Presentacion
Prueba de Presentacionrubychavez
 
USB Lock RP DEMO installation instructions
USB Lock RP DEMO installation instructionsUSB Lock RP DEMO installation instructions
USB Lock RP DEMO installation instructionsJavier Arrospide
 
Symantec Endpoint Encryption - Proof Of Concept Document
Symantec Endpoint Encryption - Proof Of Concept DocumentSymantec Endpoint Encryption - Proof Of Concept Document
Symantec Endpoint Encryption - Proof Of Concept DocumentIftikhar Ali Iqbal
 
Patch Tuesday Analysis - May 2016
Patch Tuesday Analysis - May 2016Patch Tuesday Analysis - May 2016
Patch Tuesday Analysis - May 2016Ivanti
 
Windows 10 Migration Tips, Tricks, and Strategies
Windows 10 Migration Tips, Tricks, and StrategiesWindows 10 Migration Tips, Tricks, and Strategies
Windows 10 Migration Tips, Tricks, and StrategiesIvanti
 

What's hot (20)

Alien vault _policymanagement
Alien vault _policymanagementAlien vault _policymanagement
Alien vault _policymanagement
 
Technology to Stop Hackers
Technology to Stop Hackers Technology to Stop Hackers
Technology to Stop Hackers
 
Mdm with config mgr nico
Mdm with config mgr nicoMdm with config mgr nico
Mdm with config mgr nico
 
Patch Tuesday Analysis - November 2015
Patch Tuesday Analysis - November 2015Patch Tuesday Analysis - November 2015
Patch Tuesday Analysis - November 2015
 
Symantec Endpoint Protection Enterprise Edition Best Practices Guidelines
Symantec Endpoint Protection Enterprise Edition Best Practices GuidelinesSymantec Endpoint Protection Enterprise Edition Best Practices Guidelines
Symantec Endpoint Protection Enterprise Edition Best Practices Guidelines
 
2009 Quick Heal
2009 Quick Heal2009 Quick Heal
2009 Quick Heal
 
Solaris servers sec
Solaris servers secSolaris servers sec
Solaris servers sec
 
TECHNICAL WHITE PAPER▶ Applying Data Center Security with VMware NSX
TECHNICAL WHITE PAPER▶ Applying Data Center Security with VMware NSXTECHNICAL WHITE PAPER▶ Applying Data Center Security with VMware NSX
TECHNICAL WHITE PAPER▶ Applying Data Center Security with VMware NSX
 
MR201408 SE for Android Overview
MR201408 SE for Android OverviewMR201408 SE for Android Overview
MR201408 SE for Android Overview
 
Continuous monitoring with OSSIM
Continuous monitoring with OSSIMContinuous monitoring with OSSIM
Continuous monitoring with OSSIM
 
Taishaun_OwnensCNS-533_Lab
Taishaun_OwnensCNS-533_LabTaishaun_OwnensCNS-533_Lab
Taishaun_OwnensCNS-533_Lab
 
Patch Tuesday Analysis - September 2015
Patch Tuesday Analysis - September 2015Patch Tuesday Analysis - September 2015
Patch Tuesday Analysis - September 2015
 
Audit Vault Database Firewall 12.2.0.1.0 installation
Audit Vault Database Firewall 12.2.0.1.0 installationAudit Vault Database Firewall 12.2.0.1.0 installation
Audit Vault Database Firewall 12.2.0.1.0 installation
 
Trusted extensions-gdansk-v1 0
Trusted extensions-gdansk-v1 0Trusted extensions-gdansk-v1 0
Trusted extensions-gdansk-v1 0
 
Prueba de Presentacion
Prueba de PresentacionPrueba de Presentacion
Prueba de Presentacion
 
USB Lock RP DEMO installation instructions
USB Lock RP DEMO installation instructionsUSB Lock RP DEMO installation instructions
USB Lock RP DEMO installation instructions
 
Symantec Endpoint Encryption - Proof Of Concept Document
Symantec Endpoint Encryption - Proof Of Concept DocumentSymantec Endpoint Encryption - Proof Of Concept Document
Symantec Endpoint Encryption - Proof Of Concept Document
 
Patch Tuesday Analysis - May 2016
Patch Tuesday Analysis - May 2016Patch Tuesday Analysis - May 2016
Patch Tuesday Analysis - May 2016
 
RuSIEM IT assets
RuSIEM IT assetsRuSIEM IT assets
RuSIEM IT assets
 
Windows 10 Migration Tips, Tricks, and Strategies
Windows 10 Migration Tips, Tricks, and StrategiesWindows 10 Migration Tips, Tricks, and Strategies
Windows 10 Migration Tips, Tricks, and Strategies
 

Similar to AlienVault 2.3 overview of new features for SIEM, reporting, user management and more

Whats New in OSSIM v2.2?
Whats New in OSSIM v2.2?Whats New in OSSIM v2.2?
Whats New in OSSIM v2.2?AlienVault
 
Securing with Sophos - Sophos Day Belux 2014
Securing with Sophos - Sophos Day Belux 2014Securing with Sophos - Sophos Day Belux 2014
Securing with Sophos - Sophos Day Belux 2014Sophos Benelux
 
Latest & Greatest Observability Release 7.9
Latest & Greatest Observability Release 7.9Latest & Greatest Observability Release 7.9
Latest & Greatest Observability Release 7.9Vitebsk Miniq
 
Monitoring system performance and health of i CEC 2012
Monitoring system performance and health of i CEC 2012Monitoring system performance and health of i CEC 2012
Monitoring system performance and health of i CEC 2012COMMON Europe
 
New OSSIM v5.0 - Get Security Visibility Faster & Easier Than Ever
 New OSSIM v5.0 - Get Security Visibility Faster & Easier Than Ever New OSSIM v5.0 - Get Security Visibility Faster & Easier Than Ever
New OSSIM v5.0 - Get Security Visibility Faster & Easier Than EverAlienVault
 
1RUNNING HEAD MANAGING HOST BASED SECURITY IN WINDOWS 8.1La.docx
1RUNNING HEAD MANAGING HOST BASED SECURITY IN WINDOWS 8.1La.docx1RUNNING HEAD MANAGING HOST BASED SECURITY IN WINDOWS 8.1La.docx
1RUNNING HEAD MANAGING HOST BASED SECURITY IN WINDOWS 8.1La.docxeugeniadean34240
 
SCOM 2012 & SCCM 2012
SCOM 2012 & SCCM 2012SCOM 2012 & SCCM 2012
SCOM 2012 & SCCM 2012Amit Gatenyo
 
Comparative Analysis of IT Monitoring Tools
Comparative Analysis of IT Monitoring ToolsComparative Analysis of IT Monitoring Tools
Comparative Analysis of IT Monitoring Toolsapprize360
 
Using SCCM 2012 r2 to Patch Linux, UNIX and Macs
Using SCCM 2012 r2 to Patch Linux, UNIX and MacsUsing SCCM 2012 r2 to Patch Linux, UNIX and Macs
Using SCCM 2012 r2 to Patch Linux, UNIX and MacsLumension
 
Introduction to Nokia Asha software platform 1.0
Introduction to Nokia Asha software platform 1.0Introduction to Nokia Asha software platform 1.0
Introduction to Nokia Asha software platform 1.0Microsoft Mobile Developer
 
What's New in AlienVault v3.0?
What's New in AlienVault v3.0?What's New in AlienVault v3.0?
What's New in AlienVault v3.0?AlienVault
 
Microsoft System center Configuration manager 2012 sp1
Microsoft System center Configuration manager 2012 sp1Microsoft System center Configuration manager 2012 sp1
Microsoft System center Configuration manager 2012 sp1solarisyougood
 
Oracle Audit vault
Oracle Audit vaultOracle Audit vault
Oracle Audit vaultuzzal basak
 
Arun Prasad-R.DOCX
Arun Prasad-R.DOCXArun Prasad-R.DOCX
Arun Prasad-R.DOCXArun R
 
3 App Compat Win7
3 App Compat Win73 App Compat Win7
3 App Compat Win7llangit
 
VMworld 2013: NSX Security Solutions In Action - Deploying, Troubleshooting, ...
VMworld 2013: NSX Security Solutions In Action - Deploying, Troubleshooting, ...VMworld 2013: NSX Security Solutions In Action - Deploying, Troubleshooting, ...
VMworld 2013: NSX Security Solutions In Action - Deploying, Troubleshooting, ...VMworld
 
scope of the kaseya smart pilot
scope of the kaseya smart pilotscope of the kaseya smart pilot
scope of the kaseya smart pilotkaseyaindia
 

Similar to AlienVault 2.3 overview of new features for SIEM, reporting, user management and more (20)

Whats New in OSSIM v2.2?
Whats New in OSSIM v2.2?Whats New in OSSIM v2.2?
Whats New in OSSIM v2.2?
 
Securing with Sophos - Sophos Day Belux 2014
Securing with Sophos - Sophos Day Belux 2014Securing with Sophos - Sophos Day Belux 2014
Securing with Sophos - Sophos Day Belux 2014
 
SCOM Tips and Tricks
SCOM Tips and TricksSCOM Tips and Tricks
SCOM Tips and Tricks
 
Latest & Greatest Observability Release 7.9
Latest & Greatest Observability Release 7.9Latest & Greatest Observability Release 7.9
Latest & Greatest Observability Release 7.9
 
Monitoring system performance and health of i CEC 2012
Monitoring system performance and health of i CEC 2012Monitoring system performance and health of i CEC 2012
Monitoring system performance and health of i CEC 2012
 
New OSSIM v5.0 - Get Security Visibility Faster & Easier Than Ever
 New OSSIM v5.0 - Get Security Visibility Faster & Easier Than Ever New OSSIM v5.0 - Get Security Visibility Faster & Easier Than Ever
New OSSIM v5.0 - Get Security Visibility Faster & Easier Than Ever
 
1RUNNING HEAD MANAGING HOST BASED SECURITY IN WINDOWS 8.1La.docx
1RUNNING HEAD MANAGING HOST BASED SECURITY IN WINDOWS 8.1La.docx1RUNNING HEAD MANAGING HOST BASED SECURITY IN WINDOWS 8.1La.docx
1RUNNING HEAD MANAGING HOST BASED SECURITY IN WINDOWS 8.1La.docx
 
SCOM 2012 & SCCM 2012
SCOM 2012 & SCCM 2012SCOM 2012 & SCCM 2012
SCOM 2012 & SCCM 2012
 
Comparative Analysis of IT Monitoring Tools
Comparative Analysis of IT Monitoring ToolsComparative Analysis of IT Monitoring Tools
Comparative Analysis of IT Monitoring Tools
 
Using SCCM 2012 r2 to Patch Linux, UNIX and Macs
Using SCCM 2012 r2 to Patch Linux, UNIX and MacsUsing SCCM 2012 r2 to Patch Linux, UNIX and Macs
Using SCCM 2012 r2 to Patch Linux, UNIX and Macs
 
What is My easy center 2.0 for SCCM ?
What is My easy center 2.0 for SCCM ?What is My easy center 2.0 for SCCM ?
What is My easy center 2.0 for SCCM ?
 
Introduction to Nokia Asha software platform 1.0
Introduction to Nokia Asha software platform 1.0Introduction to Nokia Asha software platform 1.0
Introduction to Nokia Asha software platform 1.0
 
What's New in AlienVault v3.0?
What's New in AlienVault v3.0?What's New in AlienVault v3.0?
What's New in AlienVault v3.0?
 
Microsoft System center Configuration manager 2012 sp1
Microsoft System center Configuration manager 2012 sp1Microsoft System center Configuration manager 2012 sp1
Microsoft System center Configuration manager 2012 sp1
 
Oracle Audit vault
Oracle Audit vaultOracle Audit vault
Oracle Audit vault
 
Arun Prasad-R.DOCX
Arun Prasad-R.DOCXArun Prasad-R.DOCX
Arun Prasad-R.DOCX
 
CCVSR_v2.pdf
CCVSR_v2.pdfCCVSR_v2.pdf
CCVSR_v2.pdf
 
3 App Compat Win7
3 App Compat Win73 App Compat Win7
3 App Compat Win7
 
VMworld 2013: NSX Security Solutions In Action - Deploying, Troubleshooting, ...
VMworld 2013: NSX Security Solutions In Action - Deploying, Troubleshooting, ...VMworld 2013: NSX Security Solutions In Action - Deploying, Troubleshooting, ...
VMworld 2013: NSX Security Solutions In Action - Deploying, Troubleshooting, ...
 
scope of the kaseya smart pilot
scope of the kaseya smart pilotscope of the kaseya smart pilot
scope of the kaseya smart pilot
 

More from AlienVault

Meltdown and Spectre - How to Detect the Vulnerabilities and Exploits
Meltdown and Spectre - How to Detect the Vulnerabilities and ExploitsMeltdown and Spectre - How to Detect the Vulnerabilities and Exploits
Meltdown and Spectre - How to Detect the Vulnerabilities and ExploitsAlienVault
 
Malware Invaders - Is Your OS at Risk?
Malware Invaders - Is Your OS at Risk?Malware Invaders - Is Your OS at Risk?
Malware Invaders - Is Your OS at Risk?AlienVault
 
How to Solve Your Top IT Security Reporting Challenges with AlienVault
How to Solve Your Top IT Security Reporting Challenges with AlienVaultHow to Solve Your Top IT Security Reporting Challenges with AlienVault
How to Solve Your Top IT Security Reporting Challenges with AlienVaultAlienVault
 
Simplify PCI DSS Compliance with AlienVault USM
Simplify PCI DSS Compliance with AlienVault USMSimplify PCI DSS Compliance with AlienVault USM
Simplify PCI DSS Compliance with AlienVault USMAlienVault
 
SIEM for Beginners: Everything You Wanted to Know About Log Management but We...
SIEM for Beginners: Everything You Wanted to Know About Log Management but We...SIEM for Beginners: Everything You Wanted to Know About Log Management but We...
SIEM for Beginners: Everything You Wanted to Know About Log Management but We...AlienVault
 
Insider Threat Detection Recommendations
Insider Threat Detection RecommendationsInsider Threat Detection Recommendations
Insider Threat Detection RecommendationsAlienVault
 
Alienvault threat alerts in spiceworks
Alienvault threat alerts in spiceworksAlienvault threat alerts in spiceworks
Alienvault threat alerts in spiceworksAlienVault
 
Open Source IDS Tools: A Beginner's Guide
Open Source IDS Tools: A Beginner's GuideOpen Source IDS Tools: A Beginner's Guide
Open Source IDS Tools: A Beginner's GuideAlienVault
 
Malware detection how to spot infections early with alien vault usm
Malware detection how to spot infections early with alien vault usmMalware detection how to spot infections early with alien vault usm
Malware detection how to spot infections early with alien vault usmAlienVault
 
Security operations center 5 security controls
 Security operations center 5 security controls Security operations center 5 security controls
Security operations center 5 security controlsAlienVault
 
PCI DSS Implementation: A Five Step Guide
PCI DSS Implementation: A Five Step GuidePCI DSS Implementation: A Five Step Guide
PCI DSS Implementation: A Five Step GuideAlienVault
 
Improve threat detection with hids and alien vault usm
Improve threat detection with hids and alien vault usmImprove threat detection with hids and alien vault usm
Improve threat detection with hids and alien vault usmAlienVault
 
The State of Incident Response - INFOGRAPHIC
The State of Incident Response - INFOGRAPHICThe State of Incident Response - INFOGRAPHIC
The State of Incident Response - INFOGRAPHICAlienVault
 
Incident response live demo slides final
Incident response live demo slides finalIncident response live demo slides final
Incident response live demo slides finalAlienVault
 
Improve Situational Awareness for Federal Government with AlienVault USM
Improve Situational Awareness for Federal Government with AlienVault USMImprove Situational Awareness for Federal Government with AlienVault USM
Improve Situational Awareness for Federal Government with AlienVault USMAlienVault
 
Improve Security Visibility with AlienVault USM Correlation Directives
Improve Security Visibility with AlienVault USM Correlation DirectivesImprove Security Visibility with AlienVault USM Correlation Directives
Improve Security Visibility with AlienVault USM Correlation DirectivesAlienVault
 
How Malware Works
How Malware WorksHow Malware Works
How Malware WorksAlienVault
 
New USM v5.0 - Get Complete Security Visibility Faster & Easier Than Ever
New USM v5.0 - Get Complete Security Visibility Faster & Easier Than EverNew USM v5.0 - Get Complete Security Visibility Faster & Easier Than Ever
New USM v5.0 - Get Complete Security Visibility Faster & Easier Than EverAlienVault
 
AWS Security Best Practices for Effective Threat Detection & Response
AWS Security Best Practices for Effective Threat Detection & ResponseAWS Security Best Practices for Effective Threat Detection & Response
AWS Security Best Practices for Effective Threat Detection & ResponseAlienVault
 
Improve Threat Detection with OSSEC and AlienVault USM
Improve Threat Detection with OSSEC and AlienVault USMImprove Threat Detection with OSSEC and AlienVault USM
Improve Threat Detection with OSSEC and AlienVault USMAlienVault
 

More from AlienVault (20)

Meltdown and Spectre - How to Detect the Vulnerabilities and Exploits
Meltdown and Spectre - How to Detect the Vulnerabilities and ExploitsMeltdown and Spectre - How to Detect the Vulnerabilities and Exploits
Meltdown and Spectre - How to Detect the Vulnerabilities and Exploits
 
Malware Invaders - Is Your OS at Risk?
Malware Invaders - Is Your OS at Risk?Malware Invaders - Is Your OS at Risk?
Malware Invaders - Is Your OS at Risk?
 
How to Solve Your Top IT Security Reporting Challenges with AlienVault
How to Solve Your Top IT Security Reporting Challenges with AlienVaultHow to Solve Your Top IT Security Reporting Challenges with AlienVault
How to Solve Your Top IT Security Reporting Challenges with AlienVault
 
Simplify PCI DSS Compliance with AlienVault USM
Simplify PCI DSS Compliance with AlienVault USMSimplify PCI DSS Compliance with AlienVault USM
Simplify PCI DSS Compliance with AlienVault USM
 
SIEM for Beginners: Everything You Wanted to Know About Log Management but We...
SIEM for Beginners: Everything You Wanted to Know About Log Management but We...SIEM for Beginners: Everything You Wanted to Know About Log Management but We...
SIEM for Beginners: Everything You Wanted to Know About Log Management but We...
 
Insider Threat Detection Recommendations
Insider Threat Detection RecommendationsInsider Threat Detection Recommendations
Insider Threat Detection Recommendations
 
Alienvault threat alerts in spiceworks
Alienvault threat alerts in spiceworksAlienvault threat alerts in spiceworks
Alienvault threat alerts in spiceworks
 
Open Source IDS Tools: A Beginner's Guide
Open Source IDS Tools: A Beginner's GuideOpen Source IDS Tools: A Beginner's Guide
Open Source IDS Tools: A Beginner's Guide
 
Malware detection how to spot infections early with alien vault usm
Malware detection how to spot infections early with alien vault usmMalware detection how to spot infections early with alien vault usm
Malware detection how to spot infections early with alien vault usm
 
Security operations center 5 security controls
 Security operations center 5 security controls Security operations center 5 security controls
Security operations center 5 security controls
 
PCI DSS Implementation: A Five Step Guide
PCI DSS Implementation: A Five Step GuidePCI DSS Implementation: A Five Step Guide
PCI DSS Implementation: A Five Step Guide
 
Improve threat detection with hids and alien vault usm
Improve threat detection with hids and alien vault usmImprove threat detection with hids and alien vault usm
Improve threat detection with hids and alien vault usm
 
The State of Incident Response - INFOGRAPHIC
The State of Incident Response - INFOGRAPHICThe State of Incident Response - INFOGRAPHIC
The State of Incident Response - INFOGRAPHIC
 
Incident response live demo slides final
Incident response live demo slides finalIncident response live demo slides final
Incident response live demo slides final
 
Improve Situational Awareness for Federal Government with AlienVault USM
Improve Situational Awareness for Federal Government with AlienVault USMImprove Situational Awareness for Federal Government with AlienVault USM
Improve Situational Awareness for Federal Government with AlienVault USM
 
Improve Security Visibility with AlienVault USM Correlation Directives
Improve Security Visibility with AlienVault USM Correlation DirectivesImprove Security Visibility with AlienVault USM Correlation Directives
Improve Security Visibility with AlienVault USM Correlation Directives
 
How Malware Works
How Malware WorksHow Malware Works
How Malware Works
 
New USM v5.0 - Get Complete Security Visibility Faster & Easier Than Ever
New USM v5.0 - Get Complete Security Visibility Faster & Easier Than EverNew USM v5.0 - Get Complete Security Visibility Faster & Easier Than Ever
New USM v5.0 - Get Complete Security Visibility Faster & Easier Than Ever
 
AWS Security Best Practices for Effective Threat Detection & Response
AWS Security Best Practices for Effective Threat Detection & ResponseAWS Security Best Practices for Effective Threat Detection & Response
AWS Security Best Practices for Effective Threat Detection & Response
 
Improve Threat Detection with OSSEC and AlienVault USM
Improve Threat Detection with OSSEC and AlienVault USMImprove Threat Detection with OSSEC and AlienVault USM
Improve Threat Detection with OSSEC and AlienVault USM
 

Recently uploaded

"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyAlfredo García Lavilla
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clashcharlottematthew16
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024The Digital Insurer
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr LapshynFwdays
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostZilliz
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfRankYa
 

Recently uploaded (20)

"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 

AlienVault 2.3 overview of new features for SIEM, reporting, user management and more

  • 1. What’s New in AlienVault 2.3 New Features and Enhancements June 2010 Juan Manuel Lorenzo (jmlorenzo@alienvault.com)
  • 2. AlienVault 2.3 Overview “The AlienVault Professional SIEM product combines the breadth and flexibility of Open Source software with the features and functionality present in any of AlienVault's competition.” - Andrew Hay, Sr. Analyst, The 451 Group
  • 3. Synopsis Two Releases: AlienVault’s Professional SIEM version 2.3 Open Source SIEM (OSSIM) version 2.3 Some Features Available Only With AlienVault Professional SIEM Major Upgrades Reporting User Management Common Taxonomy Multi-Tenant (i.e. MSSP Deployments)
  • 4. New Feature Overview New Features and Enhancements Multi-Tenant User Architecture Enhanced User Management Enriched Security Taxonomy SIEM Console Reports Dashboards Vulnerabilities Distributed Network Discovery Installer Usability Improvements
  • 5. AlienVault 2.3 Details "Just a few hours later our SIEM Practice Manager grabbed me by the arm with a big smile: “You gotta see this!” Remarkably, our network had been auto-discovered, a Vulnerability Assessment had been run, net-flows were being captured, we had real-time visibility to network traffic, a snort ids sensor with an appropriate signature set had been deployed, and basic network monitoring functionality was in place." - John Verry, Pivot Point Security
  • 6. Entities Definition: Groups, Departments, Companies... Assign User Permissions to Entities Simplifies AlienVault Management Admin Users for Each Entity Multi-Tenant Architecture
  • 7. Multi-Tenant Architecture Only available when using AlienVault Professional SIEM PROFESSIONAL VERSION OPEN SOURCE
  • 8. Abstraction: Use your Entities and Forget About Networks and Hosts Multi-Tenant Architecture Only available when using AlienVault Professional SIEM
  • 9. User Templates Simplifies user management Inherit permissions from an Entity User Management Only available when using AlienVault Professional SIEM
  • 10. Enriched Security Taxonomy Categorizes All Events Only available when using AlienVault Professional SIEM
  • 11. New Filters in SIEM Console Taxonomy-Based Reports Enriched Security Taxonomy
  • 12. SIEM Console Custom Event Viewer Functionality Merged into SIEM Console Select the events you want to see Select the columns you want to display Save your custom view
  • 13. Dashboards Enhanced Predefined Dashboard Capability Ability to revert to original default dashboards while maintaining custom ones Select the Default Panel
  • 16. Check network access before scanning
  • 17. Vulnerability Assessment OpenVAS 3 and Nessus 4.0.2 Support Import/Export Reports in NBE Format New Reporting Options Reports available to other users Reports available to entities (Only in professional version)
  • 18. Report Wizard Reporting System Only available when using AlienVault Professional SIEM
  • 19. Report Wizard Select the time range, layout and users that will have access to the report Reporting System Only available when using AlienVault Professional SIEM
  • 20. Report Wizard Select the time range, layout and users that will have access to the report Reporting System Only available when using AlienVault Professional SIEM
  • 21. Report Wizard Configure the sub-reports and add comments Reporting System Only available when using AlienVault Professional SIEM
  • 22. 1800+ Reporting Modules New Compliance Reports Taxonomy-Based Reports Automatically include events from different applications and devices Reporting System Only available when using AlienVault Professional SIEM
  • 23. Compliance Reports SOX ISO 27001 PCI DSS HIPAA FISMA Reporting System Only available when using AlienVault Professional SIEM
  • 24. Network Discovery Manage Remote Nmap Scans to do Network Discovery Network Discovery Can Now be Executed from the AlienVault Sensor
  • 25. Web Interface Using HTTPS VPN Auto-Configured (Only in Professional Version) Secure communications between the different AlienVault components Installer