alienvault threat alerts in spiceworks

How to Get Secure in Spiceworks with AlienVault stay spicy

Upload: alienvault

Post on 07-Jan-2017


Category:

Technology



TRANSCRIPT

Page 1: Alienvault threat alerts in spiceworks

How to Get Secure in Spiceworks with AlienVault

stay spicy

Page 2: Alienvault threat alerts in spiceworks

About AlienVault Threat Alerts

AlienVault Threat Alerts are a simple yet powerful tool that comes built-in with Spiceworks. When a device on your network has been interacting with a known malicious host or suspicious IP, you’ll immediately get an alert in your feed and you’ll get an alert email.

Page 3: Alienvault threat alerts in spiceworks

Overview

• The current threat landscape
• What to do when you receive a Threat Alert in Spiceworks
• How to monitor cloud services & internet facing devices with NEW Threat Monitor for Spiceworks
• How to take security even further with AlienVault's Unified Security Management (USM) platform

Page 4: Alienvault threat alerts in spiceworks

Threat landscape: Our new reality

• More and more organizations are finding themselves in the crosshairs of various bad actors for a variety of reasons.
• The number of organizations experiencing high profile breaches is unprecedented.
• The “security arms race” cannot continue indefinitely, as the economics of securing your organization are stacked so heavily in favor of those launching attacks that incremental security investments are seen as impractical.

60%: In 60% of cases, attackers are able to compromise an organization within minutes.

Source: Verizon Data Breach Report, 2015

Page 5: Alienvault threat alerts in spiceworks

“There are two types of companies that use computers. Victims of crime that know they are victims of crime and victims of crime that don’t have a clue yet.”

- Jim Routh, CISO, Aetna

Page 6: Alienvault threat alerts in spiceworks

Prevent vs Detect & Respond

Prevention is elusive

Page 7: Alienvault threat alerts in spiceworks

AlienVault Alerts in Spiceworks: Dashboard & Device Details Page

Page 8: Alienvault threat alerts in spiceworks

Investigating Threat Alerts

• FREAK OUT
• Run thorough malware scan on suspect machine and address any issues found
• Confirm via other sources (VirusTotal, IPVoid, etc) that IP is a threat
• Record incident
• Flag IP address for review if you believe it is a false positive

Page 10: Alienvault threat alerts in spiceworks

AlienVault Threat Monitor

• Affordable, Cloud Security Monitoring in Minutes
• Cloud service with no on-premise technology
• Low monthly cost

• Continuous Threat Detection
• Real-time alerts integrated within your Spiceworks desktop
• Accelerates and simplifies your ability to detect and respond to threats on your perimeter devices and cloud platforms
• Ability to scale threat detection without having to add staff
• Built-in security controls with continuous updates from AlienVault Labs

Page 11: Alienvault threat alerts in spiceworks

Q: Who will benefit from Threat Monitor?

A: Any Spiceworks user who has:

• Lack of visibility into attacks directed at cloud services and internet-facing on-premise systems
• Limited security expertise due to shortage of IT resources
• No dedicated security staff
• No threat intelligence to help identify & research threats
• No centralized management and control with existing security tools

Page 12: Alienvault threat alerts in spiceworks

Monitor your internet-facing network devices and cloud services including:

for Work

Page 13: Alienvault threat alerts in spiceworks

AlienVault Threat Monitor for Spiceworks

Top Features & Benefits

Security Monitoring of SaaS and Internet-facing Devices

• Scan devices for vulnerabilities
• Monitor your cloud services for abuse and intrusion
• Track your company reputation: Know when your network is being used for malicious activity
• Alert you when threats are found or when your systems have become compromised
• Inform you about new and emerging threats and how to remediate vulnerabilities and misconfigurations

Page 14: Alienvault threat alerts in spiceworks

AlienVault Products Comparison

| AlienVault Product | Pricing | Form Factor | Cloud App Monitoring | On-Premise Monitoring | Integrated Threat Intelligence |
| | FREE | Cloud | No | No | No |
| | Starts at $295/Month | Cloud | Yes | Internet-Facing Devices | Basic |
| | Starts at $3900 | Virtual or Physical Appliance | No | Yes | Yes |

Page 15: Alienvault threat alerts in spiceworks

USM Platform

Built-In, Essential Security Controls

ASSET DISCOVERY
• Active Network Scanning
• Passive Network Scanning
• Asset Inventory

VULNERABILITY ASSESSMENT
• Continuous Vulnerability Monitoring
• Authenticated / Unauthenticated Active Scanning

BEHAVIORAL MONITORING
• Netflow Analysis
• Service Availability Monitoring

SIEM
• Log Collection
• Event Correlation
• Incident Response

INTRUSION DETECTION
• Network IDS
• Host IDS
• File Integrity Monitoring

Page 16: Alienvault threat alerts in spiceworks

Unified Security Management

Unified Security Management Platform

A single platform for simplified, accelerated threat detection, incident response & policy compliance

AlienVault Labs Threat Intelligence

Correlation rules and directives written by our AlienVault Labs team and displayed through the USM interface

Open Threat Exchange

The world’s largest repository of crowd-sourced threat data providing a continuous view of real time threats that may have penetrated the company’s defenses.