THE CYBER SECURITY CHALLENGE
The latest statistics from the Department of Home Affairs put the estimated cost of cybercrime to Australian businesses at $29 billion per year. With the average cyber incident taking up to 51 days to resolve and costing the business $276,323, this surge in malicious activity means cybersecurity is not just something to consider; it is a necessity for the future of business.
In ‘A Call for Views’, a discussion paper on the 2020 Cyber Security Strategy, the Minister for Home Affairs said “cybersecurity has never been more important for economic prosperity and will underpin the future for Australian business”.
Herein lies the challenge: most organisations simply don’t have the resources to extensively research the global threat landscape for the latest attack vectors, nor to spend the time analyzing every indicator that an attack is happening.
Yet data security depends on the ability to rapidly detect and respond to emerging threats across cloud and on-premises environments. Attack methods and strategies are also evolving constantly, making threat detection a moving target.
A SIMPLE SOLUTION
The constantly evolving cyber threat landscape is why FocusNet Technology employs AT&T’s AlienVault USM, which leverages threat intelligence from the Open Threat Exchange (OTX) — the world’s largest open threat intelligence community of security experts, researchers, and I.T. professionals who provide global insight into the latest attack trends, bad actors, indicators of compromise, and affected industries.
The community consists of more than 65,000 participants in over 140 countries and scopes at least 14 million threat indicators every day. This unified alliance is one of the strongest defenses, if not the strongest, against cyber crime in the world today.
CYBER RISK ASSESSMENTS
Proactively implementing a security plan for your business is more cost-effective in terms of time, money and effort than having to respond to a large-scale cyber security incident. FocusNet Technology is well aware that a single mitigation strategy will not guarantee the prevention of a security incident. To give organisations confidence and ensure the best protection, our security consultants provide comprehensive risk-based cyber posture assessments.
While every organisation can benefit from this assessment, that is especially true if:
- You are getting started with a new regulatory compliance effort.
- You have never done an assessment or don’t recall the last time you did.
- You store large amounts of sensitive data.
- You recently migrated areas of your network or business to the cloud.
- You recently consolidated IT systems in a merger or acquisition.
- You are planning your future security investments and initiatives.
- You notice an increase in cybersecurity incidents in your industry.
THE BENEFITS OF THE PLATFORM
With the all-in-one platform, our top-tier professionals manage cyber defense at the highest level, giving businesses confidence and peace of mind that their I.T. infrastructure is in good hands.
FocusNet Technology’s security team is dedicated to keeping its finger on the pulse of the latest cutting-edge technology, and AlienVault USM offers organisations the following benefits:
- Essential security capabilities in a single platform, including asset discovery, vulnerability assessment, intrusion detection, behavioural monitoring, security information and event management, and log management.
- Eliminate blind spots in your cloud, hybrid cloud, & on-premises environments.
- Detect emerging threats across your infrastructure with real-time, integrated threat intelligence.
- Respond quickly to incidents & conduct thorough investigations.
- Measure, manage, & report on compliance (PCI, HIPAA, ISO, & more).
- Optimize your existing security investments and reduce risk.
- Choose from flexible options for a solution that’s tailor-fit to your environment and business objectives.
WHAT ARE PEOPLE SAYING?
“Alienvault is wonderful”
“With AlienVault USM Anywhere, we have been able to perform our daily duties, quicker and more precisely than we could before. We are able to act upon threats quicker and know where they are coming from. AlienVault USM Anywhere is well suited in the log normalization, log retrievals. It helps in reviewing logs in one location so you are not bouncing from one server or equipment to the next. We also are using AlienVault in our Azure environment for monitoring of applications and virtual machines that are housed in the cloud. This is through firewall logs and the AlienVault Agents.”
By Corey Foster, Sr. System Administrator / Network Administrator
West Virginia Secretary of State of Mac Warner (Information Technology and Services, 51-200 employees) May 4, 2019
“AlienVault Is a Success”
“AlienVault is being used for the Security Team to see all host and network traffic. This real-time SIEM is tuned to give us alarms we actually need to look at on a daily basis. It took some time to tune it how we wanted to, it sees a ton of traffic so we needed to gather together as a team to do some cleanup for about 2 months. Once this was done we are very happy. We had a lot of false positives at first, once we tuned it to get real-time alarms this is a great tool to have. We get threat intelligence from multiple systems we run in for our organization. ”
By Daniel Jones, Security Analyst
AmeriBen (Health, Wellness and Fitness, 501-1000 employees) June 19, 2019
“USM Anywhere, the easy SIEM”
“It simply does its job, it finds things and lets us know we need to remediate. We catch at least one malware event each week. LogRhythm was a top contender, the cost and complexity to implement made USM an easy choice.”
By Jason LeBlanc, Consultant
Aon Integramark (Insurance, 201-500 employees) June 11, 2019
“AlienVault USM gives more visibility than I have ever had in one pane of glass.”
“AlienVault has given us great visibility into security threats in O365, on servers, workstations, and FWs, all using one pane of glass. We chose AlienVault based on cost and features, and that the scope was only security logging, this was the best option. LogRhythm was a bit pricier. Splunk had some decent features, but for the amount AlienVault was the best for us. Pre-built alerts allow AlienVault to be effective right away. There’s no need to spend days creating alerts for it to be usable.”
By Stephen Squires, Director of Information Security
Brightree LLC (Hospital & Health Care, 501-1000 employees) May 31, 2019
“USM SaaS implementation for AWS and linux instances”
“The ability to track and respond to suspicious events and document them completely is super key to our organization. AlienVault is able to alert us of many issues with minimal configuration, including adding/removing users to sensitive groups. Logs can be quickly sorted by source, log type, and/or keyword searches. There have been many occasions where we were able to find non-security related issues due to the simple yet advanced search abilities.”
By John DeLay, Lead Information Security Engineer
Narrative Science (Information Technology and Services, 51-200 employees) May 31, 2019
“AlienVault gives you eyes without the extra bodies :)”
“I have found that USM Anywhere can fill a critical gap in your security program, and I would recommend it for both small, medium, and large businesses. AlienVault was selected as our SIEM solution to provide cutting-edge monitoring, analytics and alerting, and it has the added benefit of being able to conduct vulnerability assessments. In our situation, USM Anywhere was put in place to allow for extra analysis and intelligence without additional analyst resources. USM Anywhere has accomplished this.”
By Authenticated Reviewer, Analyst
a Biotechnology company with 11-50 employees May 28, 2019
“Accurate, easy to setup, no maintenance required, but UI needs to improve.”
“USM does have the advantage of stacking or reducing duplicated alerts. Plus USM integrates various plugins that are able to integrate many systems into one platform. A lot less trouble to source logs from a variety of systems. It has done very well on a complicated network environment. It detects risk very well. No need to mess with Suricata rules.”
By XianJiang Cai, Sr. Operation Engineer
TeleNav (Internet, 501-1000 employees) April 28, 2019
“A very positive step towards keeping our network secure!”
“We use AlienVault USM across our entire organization. It was purchased to help us improve our ability to respond to cyber security threats by keeping up with patching and tracking down vulnerabilities… AlienVault USM is much more comprehensive than other security technology that we had previously used. It allows us to stay up to date on important preventative measures.”
By Kirk Fischer, Internal Auditor
Tennessee Farmers Cooperative (Farming, 201-500 employees) May 10, 2019
“AlienVault USM from the perspective of a non-security IT department”
“Support, training, and implementation were top notch. Very helpful people who answered questions clearly and concisely. Event correlation has helped tremendously by centralizing all the data into one feed that we can filter easily. Vulnerability assessment is very good. ”
By Tim Valus, IT Manager
NPK Construction Equipment (Construction, 51-200 employees) April 24, 2019
“Pretty good at what it does”
“AlienVault USM has achieved this by consolidating a bunch of different tools into one tool. We no longer need to maintain 6-7 different tools to meet our PCI DSS requirements. Easily satisfies several PCI DSS requirements. We use AlienVault USM to satisfy PCI DSS requirements. Namely event logging and audit, change audit, and Intrusion Prevention services. ”
By Elliott Yau, Network and Application Specialist
CARNA (Hospital & Health Care, 51-200 employees) April 24, 2019
“AlienVault OSSIM SaaS Review”
“The OTX platform has proven to be instrumental in identifying threats in our environment quickly and accurately. The ability to correlate login events to known malicious hosts has generated many actionable alerts that we chased down and identified as real threats in our environment. The correlation with OTX has proven to be quite useful and saved a lot of time. After the initial tuning of the platform, this has most definitely saved us time in identifying incidents and allowed us to have most of our logs in one place.”
By Tyler Michels, Security Specialist
Netsmart Technologies (Computer Software, 1001-5000 employees) April 11, 2019
“Great Product, Great Value”
“Of the many SIEM solutions that I have worked with in the past, AlienVault USM Anywhere has the best value. AlienVault will correlate logs from your network to decide whether an incident really is an incident. AlienVault is a fantastic solution in helping detect security threats. ”
By Jason G, Security Analyst
Abacode Cybersecurity (Computer & Network Security, 51-200 employees) October 20, 2018
“Alienvault USM Rapid Implementation for effective reporting in SMB Environment.”
“With short time for implementation, AlienVault was the simple choice for our current implementation. The implementation of AlienVault provides advanced and rapid alerting of security threats from the initial phases of environmental awareness. Easily customizable to allow reporting for different functions and users within the organization. ”
By Allan Jacks, Chief Technical Officer
Rolka Loube LLC (Consumer Services, 11-50 employees) October 23, 2018
“AlienVault USM …A decent SIEM tool..”
“AlienVault USM Anywhere is one of the best tools I have experienced because it is not only SIEM but also it gives us other functionality as well, like asset discovery, vulnerability assessment… AlienVault provides us a very suited user guide as well as a deployment and configuration guide to configure the solution. So that anybody can easily deploy and configure it. Because the product gives us many useful tools in a relatively easy-to-use system, it can do multiple things that include: monitoring abnormal activities on servers, network devices, network traffic etc.”
By Rajnikant Bhandare, Security Analyst SOC
Sumasoft Pvt Ltd (Information Technology and Services, 501-1000 employees) November 13, 2018
“AlienVault USM Anywhere taking cyber security to the outer reaches of space”
“With using the AlienVault USM you can effectively save time and money due to the all in one platform. The ability to quickly spot a network security issue and resolve it before a hacker can utilise the vulnerability allows a proactive approach to company cyber security… OTX – The open threat exchange integration enables the USM to use all the latest threat indicators to correlate against incoming threats without the need to manually add rules to your USM.”
By Scott Holland, CEO
Frontline Cyber Security Ltd (Computer & Network Security, 1-10 employees) October 22, 2018
“A complete security framework that works on multiple layers.”
“The main factor was meeting requirements for GDPR, but the tool provided much more than we needed. Since AlienVault is a versatile tool, having versions for various cloud providers as well as virtualization frameworks, it adheres to the most diverse scenarios. By choosing AlienVault in the company where I currently work, I no longer need to worry about the tool itself, installation, maintenance, upgrade, etc.”
By Erlon Sousa Pinheiro, DevOps Engineer
Two Hat Security (Computer & Network Security, 11-50 employees) September 12, 2018
“AlienVault after 1 year”
“For sure we saved lots of time during the day for the system checkup. For me, it’s about an extra 2-3h per day which I can do something else not just checking logs and writing new scripts… It helped us to detect some anomalies in the configuration of servers, which were just simple human mistakes. Also, helped with daily detection of any scans and attacks. It simplified our AWS checks and adding new servers, it’s very intuitive. It consolidated logs in one place so it was very helpful for us as earlier we had to check most of them separately. ”
By Patrick Noc, System Administrator
III (Education Management, 51-200 employees) June 5, 2018