USM Anywhere™

Guides for Custom AlienApp Configuration

In addition to the many AlienApps offered by USM Anywhere, AT&T Cybersecurity offers you the option of configuring an advanced AlienApp custom to your resources and the way you use them. With custom AlienApps, you can better monitor activity in your environment according to your needs.

The custom AlienApp feature is quite powerful, unlocking the ability to import events from almost any product or service that uses a REST API. To make this configuration process easy and approachable, AT&T Cybersecurity offers configuration guides for the most oft-requested custom AlienApps, providing clear guidance on the exact configurations needed to set up authentication of your custom AlienApp.

https://intercom.help/usm-anywhere/en/articles/7061412-custom-alienapp-configuration-guides

Before getting started, you will need to ensure that you are able to generate the required authentication information from the application or service for which you are trying to create an application. The configuration guides AT&T Cybersecurity provides endeavor to document the highest level of security available when connecting to your third party resource. For that reason, AT&T Cybersecurity recommends that you follow the documented authentication configuration when setting up your custom AlienApp.

Note: If you don't find a guide for the application you need there, you can request one by following the instructions here.

To use a configuration guide to create your custom AlienApp

  1. Go to https://intercom.help/usm-anywhere/en/articles/7061412-custom-alienapp-configuration-guides.
  2. In the Configuration Guide list, locate the AlienApp template you want to follow and select it.
  3. Open the PDF link on the Configuration Guide page for your selected AlienApp and save the file for your reference.

  4. Within USM Anywhere, navigate to Data Sources > AlienApps > Custom Apps.

  5. Select Add Custom App to begin creating a new custom AlienApp.

  6. Follow the guidelines to configure each step of your custom AlienApp.
    The guide is designed to offer you the most security and robust functionality available. For that reason, we recommend following the configuration in the guide exactly as it is presented unless your environment necessitates that you make a change.

    • App Info: Provide a unique name, logo, and description for your custom AlienApp.

    • API Credentials: Configure your custom AlienApp with secure credentials to your third party resource.

    • API Configuration: Represent the API configuration your custom AlienApp should expect from your third party resource.

    • Field Mapping: Map important fields from your third party resource's API to their matching fields within USM Anywhere.

    • Summary Fields: Select which fields will appear in the details page of events generated from your new custom AlienApp.

  7. Once you have finished all of the configuration steps for your custom AlienApp, click Save & Close to create it.
    It will now be available to you under the My Apps tab of USM Anywhere.