Cisco Security and AT&T Cybersecurity AlienVault

AlienVault’s Unified Security Management (USM) solution integrates asset discovery, behavioral monitoring, vulnerability assessment, security information and event management (SIEM), and intrusion detection into an all-in-one platform designed and priced to ensure that organizations of all sizes with limited resources and security teams can effectively defend themselves against today’s advanced threats.

Product Integrations

• SecureX threat response: Threat Response module to query AlienVault OTX for observables (IP, IPV6, domain, hash values) and return Sightings and Indicators from the "Pulses" in AlienVault. Pivot to AlienVault OTX UI via referring actions.
• Secure Endpoints: The AlienApp for Cisco Secure Endpoint enables you to automate threat detection and response activities between USM Anywhere and Cisco Secure Endpoint. It also enhances the threat response capabilities of USM Anywhere by providing orchestration and response actions to isolate or unisolate hosts based on risks identified in USM Anywhere. In addition, it allows you to collect hourly events from Cisco Secure Endpoint through the USM Anywhere Job Scheduler.
• Secure Firewall ASA: AlienVault provides a STIX formatted threat intelligence feed for customers using Firepower Management Center's Threat Intelligence Director (TID) to rapidly update detection against new and complex threats.
• Umbrella: The AlienApp™ for Cisco Umbrella delivers advanced security orchestration capabilities between AlienVault® USM Anywhere™ and Cisco Umbrella (formerly OpenDNS), shortening the time from threat detection to response through security automation.