GDPR Compliance

Simplify GDPR Compliance Monitoring With A Complete Set of Essential Security Capabilities in a Single Solution

GDPR Compliance Software


Accelerate GDPR Compliance with Unified Security Management

The General Data Protection Regulation (GDPR) requires organizations handling the personal data of European Union citizens to keep that data secure, and it levies big penalties on organizations that fail to comply. Unfortunately, traditional security monitoring solutions may fall short of helping organizations meet GDPR requirements.

Unified Security Management® (USM) provides a unified security monitoring and compliance management platform to accelerate GDPR compliance readiness. By integrating multiple capabilities into a single platform, USM gives you visibility into your entire security posture and simplifies the compliance process.

GDPR requires organizations to maintain a plan to detect a data breach, regularly evaluate the effectiveness of security practices, and document evidence of compliance. Instead of specific technical direction, the regulation puts the onus on organizations to maintain best practices for data security.

Starting on Day One, USM supports GDPR compliance readiness by helping you detect data breaches, monitor data security, and document your compliance readiness. The unified platform centralizes essential capabilities like asset discovery, vulnerability scanning, intrusion detection, behavioral monitoring, SIEM, log management, and threat intelligence updates.

USM Anywhere includes pre-built reporting templates to help you prove compliance with regulatory requirements and adhere to IT security frameworks like ISO 27001 and NIST CSF. While GDPR does not define or prescribe specific reporting requirements, following ISO 27001 can be an effective way to demonstrate that your technical security controls are aligned with globally recognized best practices. Using the ISO 27001 compliance reporting templates in USM Anywhere as a foundation can help you add structure to your GDPR readiness efforts.

USM delivers the essential security capabilities you need from GDPR compliance software:

Simplify Security and GDPR Compliance Management with a Unified Platform

  • Shrink your attack surface with asset discovery and vulnerability scanning
  • Detect intrusions and potential data breaches with built-in intrusion detection
  • Prepare for forensic investigation with log retention and management

Detect, Investigate, and Report on Data Breaches

  • Detect breaches quickly with network intrusion detection (NIDS), host intrusion detection (HIDS), and cloud intrusion detection (CIDS)
  • Identify anomalous activity with behavioral monitoring
  • Document compliance readiness with pre-built report templates along with fully customizable reports

Reduce Your Incident Response Time to Minimize Data Exposure

  • Respond to incidents quickly with automated response actions
  • Limit potential data exposure by shortening total time to response

Keep Your Security Plan Up-to-Date with Continuous Threat Intelligence Updates

  • Get the latest threat intelligence, curated by the Alien Labs Security Research Team
  • Stay up-to-date with threat intelligence updates continuously delivered to your USM deployment

Simplify Security and GDPR Compliance Management with a Unified Platform

Unlike point solutions that address one aspect of GDPR compliance at a time, USM supports a range of compliance functions by integrating five essential security capabilities into one unified solution:

  • Asset Discovery
  • Vulnerability Scanning
  • Behavioral Monitoring
  • Intrusion Detection
  • SIEM & Log Management

USM's unified approach gives you complete visibility of your security posture within a single pane of glass, making it simple to demonstrate GDPR security compliance.

With USM's asset discovery capabilities, you can create and maintain a complete inventory of the critical assets you need to monitor to comply with GDPR requirements, giving you security visibility of your data protection efforts.

Article 32 requires organizations to take technical steps to ensure data protection, including constantly monitoring the effectiveness of your security plan.

Using USM, you can schedule regular vulnerability scans of your critical assets to stay on top of essential patches and minimize your attack surface. In the case of the vulnerability exploited by WannaCry ransomware, for example, vulnerability scans within USM would help you identify unpatched systems so you could apply patches or isolate them from essential data.

Built-in intrusion detection capabilities for network-, host-, and cloud-based systems allow you to monitor your entire critical infrastructure for data breaches. Behavioral monitoring helps you identify anomalous activity that could affect your stored data.

In case a breach does occur, USM's secure log management capabilities ensure you have the event logs you need to meet the level of forensic investigation GDPR regulation requires.

Efficiently Detect, Investigate, and Report on Data Breaches

To achieve GDPR compliance, you need to demonstrate that you have a plan in place to monitor the critical infrastructure housing the personal data of EU citizens. USM provides essential security monitoring capabilities to help you detect, investigate, and report on data breaches within your environments.

Network intrusion detection (NIDS) identifies threats using signature-based anomaly detection, collecting data from your on-premises environments to spot malicious attacks, malware intrusions, and other potential threats to your data.

USM Anywhere™ delivers native cloud intrusion detection capabilities for Azure and AWS, allowing you to detect intrusions within your public cloud environments. USM Anywhere provides visibility into your security posture across your on-premises, public cloud, and private cloud environments, as well as cloud applications like Microsoft Office 365 and Google G Suite.

Host intrusion detection (HIDS) and file integrity monitoring (FIM) provide security visibility at the application layer, allowing you to detect activity such as potential system compromise, rogue processes, and changes to critical configuration files.

When USM detects a threat within your environments, it creates an alarm to direct your attention to it, allowing you to respond quickly and limit the scope of a potential intrusion. USM intelligently prioritizes alarms based on the severity of threat, so you know which incidents to respond to first.

You can easily search and filter the log data within USM to investigate potential intrusions and access all the information you might need for detailed investigation in the wake of a data breach. Granular search and filtering functions allow you to pivot around selected data for deeper analysis.

Reduce Your Incident Response Time to Minimize Data Exposure

To comply with GDPR regulations, organizations should have a plan in place to detect and respond to a potential data breach to minimize its impact on EU citizens. In the case of an attack or intrusion, a streamlined incident response process can help you respond quickly and effectively to limit the scope of the exposure.

USM helps security teams respond to threats quickly by delivering a unified view of each organization's security posture. Instead of wasting time piecing together information from multiple systems, you can take swift, confident action with a centralized view of all your assets, their vulnerabilities, any intrusions or attempts to exploit those vulnerabilities, as well as contextual threat intelligence and remediation guidance.

When an incident occurs, prioritized alarms help you focus on the most important threats first. With detailed event data and incident response templates at your fingertips, it's easy to move quickly from detection to response rather than losing time on basic research.

With USM Anywhere, you can receive alerts via email or Amazon SNS to help you respond immediately to threats affecting your sensitive data.

When a potential intrusion occurs, USM Anywhere allows you to automate incident response actions within USM Anywhere as well as with leading third-party security tools like Cisco Umbrella, Palo Alto Networks, and Carbon Black. For example, if USM Anywhere detects evidence of ransomware like WannaCry, you can shut down or isolate the system and pull in additional data to help you investigate.

With USM Anywhere's automated incident response capabilities, you can eliminate time-consuming manual tasks and move swiftly from detection to response. Shortening your total time to respond limits the potential impact of intrusions, helping you minimize data exposure and meet protection requirements.

Discover How USM Supports GDPR Compliance

GDPR Article(s)

AlienVault USM Capability

Examples of How AlienVault USM Helps

GDPR Article(s)
Article 24 (Responsibility of the controller)
Article 25 (Data protection by design and by default)
Article 28 (Processor)
AlienVault USM Capability

Continuous Monitoring

Examples of How AlienVault USM Helps
  • Monitor for indicators of malware-based compromise, such as communication to a known Command & Control (C&C) Server.
  • Monitors successful and failed logon attempts to external applications through Azure Active Directory and Okta, and to Office 365 and G Suite.
  • Monitors user and administrator activities, including access and modification of files and content, in cloud applications such as Office 365 and G Suite.
  • Identify which assets have remote access services running.
  • File Integrity Monitoring (FIM) detects access and modification to files and directories on Windows and Linux systems.
  • Runs regularly scheduled scans to identify new and updated assets and to identify any vulnerabilities on each asset.
  • Continuously updated threat intelligence ensures that the USM platform is operating with the latest correlation directives, vulnerability signatures, reports, guided responses, and more.
  • Identifies recommended patches for discovered vulnerabilities.
GDPR Article(s)
AlienVault USM Capability

Personal Data Security

Examples of How AlienVault USM Helps
  • Monitors for communications with known malicious IP addresses, which could identify exfiltration of data.
  • Monitors for changes to Office 365 policies including Data Leakage Protection (DLP), information management, and more.
  • File Integrity Monitoring (FIM) detects and reports on access and changes to system binaries, content locations, and more.
GDPR Article(s)
AlienVault USM Capability

Incident Detection

Examples of How AlienVault USM Helps
  • Aggregates events from across your on-premises and cloud environments and cloud applications, including Office 365 and G Suite.
  • Uses machine learning and state-based correlation capabilities to detect threats.
  • Classifies threats across a kill-chain taxonomy to inform the threat risk level.
  • Monitors public and dark web sources for the trade of stolen credentials.
  • Built-in notification capabilities enable analysts to be alerted to alarms through email, SMS, Datadog, PagerDuty, and Slack.
  • Customizable and searchable alarm and event views enable fast and simple review of events and detected incidents.
  • Continuously updated threat intelligence from LevelBlue Labs and the Open Threat Exchange (OTX) delivers the latest correlation rules and Indicators of Compromise (IoCs) to the USM platform.
GDPR Article(s)
AlienVault USM Capability

Incident Response

Examples of How AlienVault USM Helps
  • With the BlueApp for Forensics and Response, enables automatic forensics tasks to be executed in response to a detected threat.
  • Enables forensic investigation with rich filter, search, and reporting capabilities for event and log data.
  • With BlueApps, enables orchestration of manual and automated actions to be executed to contain threats, such as isolating systems from the network or blocking communications with known malicious IP addresses.
GDPR Article(s)

Articles 33, 34 (Notification of a personal data breach)

AlienVault USM Capability

SIEM Log Management & Reporting

Examples of How AlienVault USM Helps
  • Aggregates events from across your on-premises and cloud environments and cloud applications, including Office 365 and G Suite.
  • Enables rich search of up to 90 days of historic log and event data across normalized and enriched data fields.
  • Built-in and customizable dashboards and reports support regular review and report out of typical searches.
  • Securely archives original log and event data for at least 12 months, supporting longer-term investigations as needed.
GDPR Article(s)

Article 35 (Data protection impact assessment)

AlienVault USM Capability

Asset Discovery

Examples of How AlienVault USM Helps
  • Built-in asset discovery discovers physical and virtual assets running in on-premises and cloud environments (including AWS, Azure, VMware, Hyper-V).
  • Asset Groups deliver dynamic or analyst-defined grouping of assets, such as business-critical assets, HIPAA assets, PCI CDE assets, Windows assets, and more.
GDPR Article(s)
AlienVault USM Capability

Vulnerability Assessment

Examples of How AlienVault USM Helps
  • Identifies systems susceptible to known vulnerabilities or that may not have antivirus installed and/or operational.
  • Continuously updated threat intelligence from the Open Threat Exchange (OTX) and LevelBlue Labs Security Research Team ensures that the USM platform has the latest vulnerability signatures.

