AlienVault® USM Anywhere™

The AlienApp™ for Salesforce

The AlienApp for Salesforce streamlines incident response activities by automatically opening Salesforce cases in response to threats detected by USM Anywhere. Upon execution of the action, USM Anywhere generates the Salesforce case and populates the Salesforce case fields with details from USM Anywhere.

Warning: The AlienApp for Salesforce uses the Salesforce hourly event log API to pull events from your Salesforce instance on an hourly basis to minimize the latency of your important security event data. This feature is usually not enabled in a production Salesforce instance by default, so you will have to ask for it to be enabled in your account by your Salesforce Account Executive if you have not done so already. The hourly event log feature is not required to use the case creation actions. USM Anywhere does not currently support importing events from the Salesforce Daily Event Log API.

Warning: If the AlienApp fails and you receive a message to inform you that it has not been loaded, please contact the AT&T Cybersecurity Technical Support department to solve the problem.