One Article Review
| Source |  AlienVault Blog |
|---|---|
| Identifiant | 769536 |
| Date de publication | 2018-08-07 13:00:00 (vue: 2018-08-07 15:03:11) |
| Titre | USM Central Product Roundup and Look Ahead |
| Texte |
We have an audacious goal on the USM Central Product team. We believe that we can create the most phenomenal security platform for MSPs and MSSPs on the market with the combination of USM Central, USM Anywhere, and USM Appliance. As we move into Q3, we wanted to take some time to stop and reflect a bit on our journey. We thought it’d be helpful to provide some perspective on the problems we believe USM Central should solve for our customers, recap what we’ve built so far, and preview what’s ahead of us as we storm ahead into the back-half of the year.
When prioritizing our efforts for USM Central, we always try to ask ourselves two questions. The first is, “how can we help our MSSP / MSP partners to be more efficient?” For instance, are they taking some redundant action multiple times across several deployments? What data are they looking for in the “child deployments” that would be helpful to view in USM Central? The second is, “how are USM Central users “patching” our functionality?” By talking to our partners every week, we try to understand what other systems or tools they are using in conjunction with our products and find ways that we could either 1) address that need in product or 2) integrate with the existing workflow. While USM Anywhere continues to push the envelope on core security capabilities, we believe we can create “SOCs with superpowers” with USM Central by showing up every day and trying to answer those two questions. Below, you’ll find a short summarization of our recent efforts and what we’re excited about moving forward.
Alarm Status and Label Synchronization
Labels are a simple yet powerful method to track the status of alarms in the various stages of the investigation cycle, classify alarm data for analysis/reporting, or even show “proof of work” to your end customers. Before USM Central, any edit to a label in the child instance would not be reflected in the Federation Server, requiring an analyst to make the label or alarm updates in multiple places. Today, any changes made to an alarm from connected USM Anywhere deployments are automatically synced to USM Central, and USM Central users can standardize labels across all of their USM Anywhere deployments. We're hoping this will dramatically streamline alarm workflows. Check out the details of this feature in the documentation here.
Orchestration Rule Management
Often, when our MSSP partners create an orchestration rule in USM Anywhere for one client, they recognize that it would be useful to deploy that same rule to another client. Additionally, when onboarding a new client, we’ve found that it’s helpful to do a comparative audit with another more mature deployment to make sure all of you've covered all of your bases, from filtering to alarm rules. With the most recent release of USM Central, all of the rules for your connected USM Anywhere deployments are now synced to USM Central. USM Central users can filter their view to only view rules from selected deployments or to copy a rule and quickly apply it to another customer.
API Availability
Do you use a ticketing system to generate tickets for alarms generated within your AlienVault deployment(s)? Maybe you customize reports or dashboards by using data from AlienVault and other products for use internally or client presentations?
You can now generate an API key in product for the USM Central API. The REST interface will allow you to search for alarms for all of you connected USM Anywhere or USM Appliance instances. For this first release, we've only exposed an Alarms endpoint, but we& |
| Envoyé | Oui |
| Condensat | “child “how “proof “socs ability about access across action adding additional additionally address after ahead alarm alarms alienvault all allow allowing always analysis/reporting analyst analyst’s analysts another answer any anytime anywhere api appliance applicable apply are ask assign assigned audacious audit automatically availability back based bases before begin believe below bit bridge built business but can capabilities central changes check cheers child circle classify client combination coming comparative configuration conjunction connected continues control copy core could covered create customer customers customize cycle dashboards data day deeper deploy deployment deployments deployments” details directly documentation dramatically each easier edit efficient efforts either end endpoint endpoints envelope even every example excited existing expand exposed far feature federation feedback filter filtering find first forward found from functionality gap generate generated give goal going half have head hear help helpful here hitting hoping icon incident initiate installation instance instances integrate interface internally investigation issues it’d it’s journey key label labels large late learn limited look looking love made make makes manage management manager managing market mature maybe messaging method months more most move moving msp msps mssp mssps multiple need new next not now number often onboarding one only orchestration other ourselves out partners permissions perspective phenomenal places platform powerful presentations preview prioritizing problems product products profile provide push questions quickly recap recent recognize redundant reflect reflected release reports requiring response rest role roundup rule rules same scans search second security selected senior server set several short should shout show showing simple skylar solve some specific stages standardize start status stop storm streamline summarization superpowers” sure synced synchronization system systems take taking talking talley team test thanks those thought ticketing tickets time times today too tools towards track try trying tuning two understand upcoming updates use useful users using usm various view vulnerabilities vulnerability want wanted ways we're we've we’d we’ll we’re we’ve week what what’s when will within work” workflow workflows would year yet you've you’ll your |
| Tags | Vulnerability |
| Stories | |
| Notes | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.