A few weeks ago we launched a new free service called Reputation Monitor Alert. The service aims to alert companies about potential compromised systems and other security problems in their infrastructure. To do this we use all the threat intelligence we gather using our IP reputation database among other external reputation sources.
Once you login you just have to enter the domains, networks and IP addresses that you want to monitor.
From that moment the system will send you an alert every time our systems detect a potential compromise or suspicious behaviour including:
- Malicious behavior detected using our OTX system.
- DNSBL blacklists
- DNS changes
- SSL changes
- Information about your assets in pastebin, pastie, etc.
The detection engine uses the threat data our internal systems collect and the information that Alienvault OSSIM and USM users can voluntarily contribute from a wide range of devices in their environment (firewalls, proxies, web servers, anti-virus systems, and intrusion detection/prevention systems). This data is automatically processed, aggregated, validated and enriched. By gathering theat data from a diverse install base, across many industries and countries and companies of all sizes and mixing this with new threat vectors, our engine is able to discover and alert you when one of your assets has been compromised or presents suspicious behaviour.