How to Get Secure in Spiceworks with AlienVault
stay spicy
About AlienVault Threat AlertsAlienVault Threat Alerts are a simple yet powerful tool that comes built-in with Spiceworks. When a device on your networkhas been interacting with a known malicioushost or suspicious IP, you’ll immediately getan alert in your feed and you’ll get an alert email.
• The current threat landscape• What to do when you receive a Threat
Alert in Spiceworks• How to monitor cloud services &
internet facing devices with NEW Threat Monitor for Spiceworks
• How to take security even further with AlienVault's Unified Security Management (USM) platform
Overview
• More and more organizations are finding themselves in the crosshairs of various bad actors for a variety of reasons.
• The number of organizations experiencing high profile breaches is unprecedented.
• The “security arms race” cannot continue indefinitely as the economics of securing your organization is stacked so heavily in favor of those launching attacks that incremental security investments are seen as impractical.
Threat landscape: Our new reality
60% In 60% of cases, attackers
are able to compromise an organization within
minutes.
Source: Verizon Data Breach Report, 2015
“There are two types of companies that use computers. Victims of crime that
know they are victims of crime and victims of crime that don’t have a clue
yet.”- Jim RouthCISO, Aetna
Prevent Detect & Respond
Prevention is elusive
vs
AlienVault Alerts in Spiceworks:Dashboard & Device Details Page
Investigating Threat Alerts• FREAK OUT• Run thorough malware scan
on suspect machine and address any issues found
• Confirm via other sources (VirusTotal, IPVoid, etc) that IP is a threat
• Record incident• Flag IP address for review if
you believe it is a false positive
Remediation Advice• Download the white paper “
Remediation Tips for AlienVault Threat Alerts in Spiceworks”
• Great How-To with valuable tips on further investigation of threats in your environment
AlienVault Threat Monitor• Affordable, Cloud Security Monitoring in
Minutes• Cloud service with no on-premise technology• Low monthly cost
• Continuous Threat Detection• Real-time alerts integrated within your
Spiceworks desktop• Accelerates and simplifies your ability to
detect and respond to threats on your perimeter devices and cloud platforms
• Ability to scale threat detection without having to add staff
• Built-in security controls with continuous updates from AlienVault Labs
Q: Who will benefit from Threat Monitor? A: Any Spiceworks user who has:
Lack of visibility into attacks directed at cloud services and internet-facing on-premise systems Limited security expertise due to shortage of IT resources No dedicated security staff No threat intelligence to help identify & research threats No centralized management and control with existing security tools
Monitor your internet-facing network devices and cloud services including:
for Work
AlienVault Threat Monitor for Spiceworks
Top Features & Benefits
Security Monitoring of SaaS and Internet-facing Devices
• Scan devices for vulnerabilities• Monitor your cloud services for abuse and
intrusion • Track your company reputation: Know when
your network is being used for malicious activity• Alert you when threats are found or when your
systems have become compromised• Inform you about new and emerging threats
and how to remediate vulnerabilities and misconfigurations
AlienVault Products Comparison
AlienVault Product Pricing Form Factor Cloud App Monitoring
On-Premise Monitoring
Integrated Threat
Intelligence
FREE Cloud No No No
Starts at $295/ Month Cloud Yes
Internet-Facing
DevicesBasic
Starts at $3900
Virtual orPhysical
ApplianceNo Yes Yes
USM PlatformASSET DISCOVERY• Active Network Scanning• Passive Network Scanning• Asset Inventory
VULNERABILITY ASSESSMENT• Continuous
Vulnerability Monitoring• Authenticated /
Unauthenticated Active Scanning
BEHAVIORAL MONITORING• Netflow Analysis• Service Availability
Monitoring
SIEM• Log Collection• Event Correlation• Incident Response
INTRUSION DETECTION• Network IDS• Host IDS• File Integrity Monitoring
Built-In, Essential Security Controls
Unified Security ManagementUnified Security Management Platform
A single platform for simplified, accelerated threat detection, incident response & policy compliance
AlienVault Labs Threat IntelligenceCorrelation rules and directives written by ourAlienVault Labs team and displayed throughthe USM interface
Open Threat Exchange The world’s largest repository ofcrowd-sourced threat data providing acontinuous view of real time threats that mayhave penetrated the company’s defenses.
888.613.6023
ALIENVAULT.COM
CONTACT US
Now for some Questions..Download a Free 30-Day Trial of USMhttp://www.alienvault.com/free-trial
Check out our 15-Day Trial of USM for AWShttps://www.alienvault.com/free-trial/usm-for-aws
Try our Interactive Demo Sitehttp://www.alienvault.com/live-demo-site
Join OTX:https://www.alienvault.com/open-threat-exchange