Behavioral Monitoring

Finding the signal in the noise. Quickly.

Context is critical when evaluating system and network behavior. For example, an abundance of Skype traffic in the network used by your inside sales team is probably a normal part of operations. However, if the database server that houses your customer list suddenly shows a burst of Skype traffic, something is likely wrong.

As soon as AlienVault’s Unified Security Management™ (USM™) platform is installed, the behavioral monitoring functionality starts identifying a baseline for “normal” system and network activity. Within just a few hours, you’ll be able to identify patterns that may signal an operational issue or potential security incident.



Behavioral Monitoring for full situational awareness

Put in simple terms, situational awareness helps bridge security content with the appropriate risk context, in order to make the right decision or take the correct response. Behavioral monitoring makes it possible.

AlienVault’s Unified Security Management platform brings together the essential security capabilities required for situational awareness. By using a single unified console, the security analyst can break down security silos for a more seamless workflow. Specifically, the behavioral monitoring capabilities built into AlienVault USM provide this core functionality with the following techniques:

  • Service and Infrastructure Monitoring—provides continuous monitoring of services run by particular systems. On a periodic basis, or on demand, the device is probed to confirm that the service is still running and available. This lightweight, continuous monitoring tool detects unexpected service outages throughout your critical infrastructure.
  • Network Flow Analysis—allows for the analysis of network traffic without needing the storage capacity required for full packet capture. Network flow analysis provides the high-level trends related to what protocols are used, which hosts use the protocol, and the bandwidth usage.
  • Network Protocol Analysis / Full Packet Capture—allows security analysts to perform full protocol analysis on network traffic, enabling a full replay of the events that occurred during a potential breach. This can be used to pinpoint the method used for the exploit or to determine what data was exfiltrated.
