AlienVault Threat Intelligence provides automated updates to AlienVault USM for targeted detection of the latest threats. Unlike single-purpose threat intelligence feeds focused on only one security control, AlienVault Labs Threat Intelligence delivers multiple coordinated rulesets, fueled by the collective power of the Open Threat Exchange. AlienVault Labs Threat Intelligence drives the USM security capabilities in identifying the latest threats, resulting in the broadest view of attacker techniques and effective defenses.
The rulesets updated weekly, are:
· Network-based IDS signatures
· Vulnerability database updates
· Event correlation rules
· Report modules and templates
AlienVault OTX also delivers high frequency updates of indicators of compromise based on details collected about attackers’ infrastructure (i.e. IP addresses, domains, URLs) as well as details about the tools they use to infiltrate systems (i.e. file hashes and static/dynamic analysis of exploit kits, malware, etc.).
More about Threat Intelligence with AlienVault USM:
https://www.alienvault.com/products/threat-intelligence
Have a question? Ask it in our forum:
https://www.alienvault.com/forums/
0 Comments