AlienVault USM Anywhere centralizes and automates threat detection, incident response, and compliance management for your AWS cloud accounts, on-premises infrastructure, and cloud applications - all from one affordable and unified SaaS solution.

Available through the AWS Marketplace, USM Anywhere uniquely combines multiple essential security capabilities for asset discovery, vulnerability management, intrusion detection, behavioral monitoring, SIEM, and log management. Continuous threat intelligence updates from the AlienVault Labs Security Research Team and the AlienVault Open Threat Exchange (OTX) ensure AlienVault USM always detects the latest threats, making security monitoring and compliance easier and more effective. USM Anywhere is attested compliant to PCI DSS, SOC 2, and HIPAA.


AlienVault USM Anywhere collects, analyzes, and stores AWS CloudTrail events to detect security threats in your AWS environment. With an easy-to-deploy sensor that is purpose-built for AWS, USM Anywhere automatically gathers and retains the activities within your AWS environment, including activities from the AWS Management Console, AWS SDKs, command line tools, and more.

Using continuously updated threat intelligence from the AlienVault Labs Security Research Team and the AlienVault Open Threat Exchange (OTX), USM Anywhere performs automated event correlation of AWS CloudTrail events, monitors S3 bucket configurations, and more. This eliminates manual data aggregation and analysis and enables USM Anywhere to alert you to suspicious and anomalous activities, including suspicious instance creation, new user creation, elevation of privileges, security group modification, and more.


The AWS Dashboard provides the security insights you need to protect your AWS environment, and to maintain continuous compliance.


Easily search, filter, and report on alarms that identify suspicious and malicious activity across your AWS infrastructure.


Easily search, filter, and report on AWS CloudTrail security events within USM Anywhere.