Powerful Threat Detection & Response for On-Premises Environments

AlienVault® USM Appliance™ is an all-in-one platform designed and priced to accelerate and simplify threat detection, incident response, and compliance management for resource-constrained IT security teams so they can effectively defend themselves against today’s advanced threats — starting on Day One.

USM Appliance includes the essential security capabilities and continuously delivered threat intelligence needed to quickly and easily identify and respond to threats in your physical and virtual infrastructure. This unified security management approach delivers everything needed in a single, easy-to-deploy, cost-effective solution to detect threats to on-premises infrastructure, data, and users without the headache involved in purchasing and deploying several expensive, difficult-to-deploy point solutions.

Unlike traditional SIEM or security point products, AlienVault’s USM Appliance provides:

  • Multiple Essential Security Monitoring Capabilities Without Multiple Consoles
  • Unified Security Monitoring Across On-Premises Environments
  • Simple Security Event Management and Reporting
  • Continuous Threat Intelligence to Keep You Aware of Threats
  • Fast and Easy Deployment

AlienVault Unified Security Management: Better Threat Detection for Effective Response

The AlienVault USM Appliance is a unified threat detection and compliance management solution for all of your on-premises environments that is both easy to use and affordable. We’ve built all of the essential security capabilities you need into one Unified Security Management platform, which is then powered by up-to-the-minute threat intelligence from the AlienVault Labs Security Research Team and our Open Threat Exchange™ (OTX™)—the world’s first truly open threat intelligence community that enables collaborative defense with actionable community-powered threat data.

The result is a powerful solution, available in a virtual or physical appliance form factor, that delivers on its promise of complete security visibility.

The Unified Security Management Difference

5 Essential Security Capabilities in a Single Console

The AlienVault USM Appliance provides five essential security capabilities in a single console, giving you everything you need to manage both compliance and threats. Understanding the sensitive nature of IT environments, we include active, passive, and host-based technologies so that you can match the requirements of your particular on-premises environment.

Asset Discovery

Know who and what is connected to your on-premises environments at all times

  • Active Network Scanning
  • Passive Network Monitoring
  • Asset Inventory
  • Services Inventory

Vulnerability Assessment

Know where the vulnerabilities are on your assets to avoid easy exploitation and compromise

  • Authenticated/Unauthenticated Vulnerability Scans
  • Continuous Vulnerability Monitoring

Intrusion Detection

Know when suspicious activities happen in your environment

  • Network IDS
  • Host IDS
  • File Integrity Monitoring (FIM)

Behavioral Monitoring

Identify suspicious behavior and potentially compromised systems

  • Netflow Analysis
  • Service Availability Monitoring
  • Full Packet Inspection

Correlate and analyze security event data from across your network and respond

  • Log Management
  • Event Correlation
  • Incident Response
  • Reporting and Alarms

Security Intelligence

Actionable Threat Intelligence Delivered Directly to You

Most teams don’t have unlimited resources to research the latest threats in the wild. That’s why the AlienVault Labs Security Research Team works on your behalf to scour the global threat landscape for the latest emerging attack methods, bad actors, and vulnerabilities that could impact your security. This team analyzes hundreds of thousands of threat indicators daily and delivers continuous threat intelligence updates automatically to your USM environment, in the form of actionable IDS signatures, correlation rules, remediation guidance, and more. With this integrated threat intelligence subscription, you always have the most up-to-date threat intelligence as you monitor your environment for emerging threats.

To provide deeper and wider insight into attack trends and bad actors, the AlienVault Labs Security Research Team leverages the power of the Open Threat Exchange® (OTX™)—the world’s first truly open threat intelligence community. This community of security researchers and IT professionals collaborates and shares millions of threat artifacts as they emerge “in the wild,” so you get global insight into attack trends and bad actors that could impact your operations.

Get Visibility Across Your Entire On-premises Environment

Achieving complete security visibility can be time-consuming, expensive, and complex. Collecting the right data, aggregating it, normalizing it, and correlating disparate technologies to get a complete view of your security posture isn’t a trivial effort. Ownership of the built-in data sources and management platform, coupled with unmatched security expertise delivered by the AlienVault Labs Security Research Team, provides effective security controls and seamlessly integrated threat intelligence for your on-premises environment.

Within minutes of installing the USM Appliance, our asset discovery features – Active Network Scanning, Passive Network Monitoring, Asset Inventory – will provide you visibility into the assets on your network, what software and services are installed on them, how they’re configured, and any potential vulnerabilities and active threats being executed against them.

Maintain Control Over Your Infrastructure

AlienVault USM Appliance is designed to help you monitor your physical and virtual infrastructure. It is designed for organizations that need something they can install, manage, and fully control in their own data center.

USM Appliance Sensors are deployed to your offices, data centers, and other on-premises locations to scan, monitor, and collect data from your network to provide you the visibility needed to monitor your on-premises environment effectively.

Achieve Comprehensive Compliance Management without the Headaches

IT compliance management is often a manual process that requires knowledge of your assets, log data collection, data centralization, intrusion detection, log analysis and reporting. USM Appliance delivers a single platform to help you manage compliance initiatives – saving you from the time, cost, and complexity of integrating multiple disparate technologies.

USM Appliance offers hundreds of built-in reports to support your compliance programs (e.g. PCI-DSS, ISO, SOX, HIPAA, GLBA, NERC CIP, GPG13, etc.). These are automatically updated as asset and vulnerability assessment data changes, and you can quickly customize them based on your own compliance priorities.

Quickly get answers to critical IT compliance management questions such as:

  • Where do your critical assets live, how are they configured, and how are they segmented from the rest of your network?
  • Who accesses these resources?
  • What are the vulnerabilities on your assets, have they been resolved, and how important are they?
  • What constitutes your network baseline and what is considered normal or acceptable?