AlienApps™ extend the threat detection and security orchestration capabilities of the USM Anywhere platform to other security tools that your IT team uses, providing a consolidated approach to threat detection and response. With AlienAppsAlienApps extend the threat detection and security orchestration capabilities of the USM Anywhere platform to other security tools that your IT team uses, providing a consolidated approach to threat detection and response., you can monitor more of your security posture directly within USM Anywhere, including your cloud services like Microsoft Office 365 and Google G Suite. AlienApps also enable you to automate and orchestrate response actions in security tools from vendors such as Cisco and Palo Alto Networks, greatly simplifying and accelerating the threat detection and incident response processes.
AlienApps are different from USM Anywhere data plugins. Plugins have a singular function to translate raw log data into normalized events for analysis by USM Anywhere. But AlienApps do much more, including collecting and enriching log data, performing threat analysis, and providing workflow that coordinates response actions with the infrastructure and third-party applications to provide security orchestration.
AlienApps extend the capabilities of USM Anywhere through integrations with leading security tools, most specifically in the following areas:
- Data extraction.
- Correlation of data to produce events and alarms.
AlienApp dashboards that display data collected from your network, which help you visualize your environment and alert you to issues originating from a particular data source. These dashboards are visible if you have data for them. Sometimes it takes a few minutes for the dashboards to display. See USM Anywhere Dashboards for more information.
Important: If there are events from the last seven days, then you can see the related dashboard. When there are no events from the previous seven days, that dashboard doesn't display.
Orchestration ability that enables you to automate your security operations in a variety of ways. For example, if USM Anywhere finds data associated with a malicious website, orchestration rules might stipulate that this information be sent to a third-party database for an external product.
Edition: AlienApp orchestration features are available in the Standard and Premium editions of USM Anywhere.
See https://cybersecurity.att.com/pricing for more information about the feature and data support provided by each of the USM Anywhere editions.
|Essentials for MSSP||Standard||
|AlienApp for Box|
|AlienApp for Carbon Black|
|AlienApp for Cisco Umbrella|
|AlienApp for Cloudflare|
|AlienApp for ConnectWise|
|AlienApp for SpyCloud Dark Web Monitoring|
|AlienApp for AT&T Cybersecurity Forensics and Response|
|AlienApp for G Suite|
|AlienApp for Jira|
|AlienApp for McAfee ePO|
|AlienApp for Office 365|
|AlienApp for Okta|
|AlienApp for Palo Alto Networks|
|AlienApp for ServiceNow|
|AlienApp for Sophos Central|
Related Video Content
To view other related training videos, click here.