Armed with an extra $22.4 million in its pocket following a Series C financing round announced just over a week ago, AlienVault, the San Mateo, California-based company behind open source SIEM, OSSIM, and the AlienVault Open Threat Exchange, today announced the latest version of its suite of security management products.
Based on OSSIM, the AlienVault Unified Security Management platform (AV-USM) combines more than 30 security tools that provide users with security capabilities including asset discovery, vulnerability assessment, threat detection, behavioral monitoring, and security intelligence, into a single management console.
The company says this latest update of the AV-USM platform offers significant enhancements in scalability, performance and usability, and brings more than 200 enhancements and new features including:
• AlienVault Center: An web interface that centralizes configuration, monitoring and management of all AlienVault security tools and components.
• Dynamic Asset Inventory: Enhanced forensic visibility into dynamic environments for improved incident response; deep historical insight into the state and configuration of assets, including details on which services were running, what users were authenticated and the configuration of network interfaces.
• Enhanced Event Processing and Storage: Up to 3x improvement in event throughput for improved correlation and up to 6x increase in time window of event storage for better forensic investigation.
Additionally, while not a new feature, the AlienVault Open Threat Exchange, a community-sourced threat database and intelligence feed, is built into the AV-USM platform and OSSIM to provide users with real-time collaborative defense.
“It is the combination of real-time monitoring, context like threat, vulnerability, user, asset, data and application and ‘smart eyeballs’ that will improve a company’s chances of early breach detection beyond the current 15% success rate,” said Mark Nicolett, research vice president, Gartner, Inc. in his report, Using SIEM for Targeted Attack Detection, published March 2012. “A unified approach for SIEM is more effective when management processes have been implemented and there is some degree of role-based access control.”
The company also recently launched a new community forum to provide OSSIM and AlienVault users with an online resource for technical support, product guides and discussion on security threats and trends.
“Our unified security management platform brings together all of the necessary components for deep visibility across the enterprise,” said Russ Spitler, VP of Product Management at AlienVault. “In conjunction with our threat intelligence service, we’ve made it easy for any organization to establish a sophisticated and comprehensive security program without the overhead and deployment challenges that come with multiple complicated, disconnected tools.”
AlienVault says that it is experiencing rapid growth, noting in a recent announcement that it has added over 60 new customers during the first half of 2012, and more than doubling in revenue.
The latest version of the AlienVault Unified Security Management platform is available now.
