AlienVault USM Threat Intelligence - Powered by OTX
AlienVault Threat Intelligence provides automated updates to AlienVault USM for targeted detection of the latest threats. Unlike single-purpose threat intelligence feeds focused on only one security control, AlienVault Labs Threat Intelligence delivers multiple coordinated rulesets, fueled by the collective power of the Open Threat Exchange. AlienVault Labs Threat Intelligence drives AlienVault USM’s security capabilities in identifying the latest threats, resulting in the broadest view of attacker techniques and effective defenses.
The rulesets updated weekly, are:
- Network-based IDS signatures
- Vulnerability database updates
- Event correlation rules
- Report modules and templates
AlienVault OTX also delivers high frequency updates of indicators of compromise based on details collected about attackers’ infrastructure (i.e. IP addresses, domains, URLs) as well as details about the tools they use to infiltrate systems (i.e. file hashes and static/dynamic analysis of exploit kits, malware, etc.).
More about Threat Intelligence with AlienVault USM.
Have a question? Ask it in our forum.