What's new in AlienVault v5.3?

**OSSIM is no longer in use as we focus on delivering enhanced solutions for our users**

The AlienVault product team is constantly working to improve USM and OSSIM for all users. Over the past few months, we’ve conducted extensive user experience interviews and studies to analyze how customers are using our product, and to identify key areas where we can make your life better, your work easier, and help you spend your time more effectively. Here is a video on 5.3 focusing on one of the new features.

  • What USB devices are connected to your hosts

The need for speed

In v5.3, our primary focus is on efficiency – how can we help you get to the information you need more quickly and use the product in a more efficient way. Based on your feedback, we’ve made the following changes to help you work more quickly.

Alarm Identification

No more sticky notes! Every alarm in USM and OSSIM has an alarm ID. You can use these IDs to search for alarms in the Web UI or to link directly to the alarm in the URL to help you find and share the information you need faster.

Every alarm in AlienVault has an alarm ID

Vulnerability Scans for Large Networks

Monitoring a big network? You don’t need to create multiple scans anymore. Run vulnerability scans on any size network - including a /16 network. Large scans will be split up into multiple scans of 3500 assets each and will run consecutively.

Alarm and Event Risk

The first thing you’ll notice is the new color-coded risk visualizations on the alarm and events screens. Green for low, orange for medium, and red for high. Risk is calculated based on the reliability and priority of the event and the asset value that has been assigned to the asset involved. Additionally, we’ve updated our filters so that you can quickly see all events and alarms with a certain level of risk.

AlienVault's new alarm and event risk views

Improved Policy Creation

We know how cumbersome it can be to create policies for USM and OSSIM, so we tried to make things a bit easier. In v5.3, you can quickly create policies based on risk by setting alerts for any events with reliability/priority "greater than" or "less than" a certain level.

Bulk Delete Messages in the Message Center

Clean up that inbox and manage your messages more efficiently. You can now delete multiple messages at once in the Message Center, instead of deleting them one by one.

Bulk delete messages in the AlienVault Message Center

Know what your users are doing on your network

Beyond efficiency, the second focus for our team was to improve your ability to detect insider threats. According to the 2016 Verizon Data Breach Report, “The majority of use of unapproved hardware in breaches involve use of USB drives to steal data.” AlienVault v5.3 delivers several enhancements to improve your ability to find indicators of insider threats such as data exfiltration and unauthorized user activity. These enhancements also improve your ability to comply with the latest regulatory requirements.

USB Device Detection

USB devices are the most common type of unapproved hardware used to steal data during a breach. As an enhancement to our insider threat detection capabilities, USM and OSSIM alert you when a USB device connects to an asset in your environment.

User Logon Activity

USM and OSSIM alert you when users log on and log off of machines in your environment so that you can keep track of where users are spending time on your network.

Stay up-to-date with the latest compliance changes

Along with the enhancements noted above, we’ve updated our PCI DSS reports to be compatible with the new PCI DSS 3.2 standard. As of October 31, 2016, the existing PCI DSS 3.1 standards will expire and organizations will be expected to comply with the changes made in PCI DSS 3.2. Learn more about how AlienVault helps you achieve PCI compliance.

For more information about v5.3, you can check out the release notes on the forums. We would love to hear your feedback on the new release, so please post your questions and comments. If you’re new to AlienVault and you’d like to see how to put these features to work in your own environment, feel free to create your own personalized demo, explore the online demo, or download the free trial today.
