Contact Us

Contact Us

Please get in touch using the form below

I prefer to be contacted by:
View our privacy policy
Book a CREST penetration test today. Get a quote.

Overview

Maximise the power of AlienVault® USM™ with Managed Detection & Response

As a Platinum AlienVault MSSP, Redscan offers organisations that have either deployed, or are considering AlienVault’s Unified Security Management™ system, the ability to enhance threat detection with Managed Detection and Response.

ThreatDetect™, Redscan’s award-winning MDR service, extends organisations’ threat monitoring, hunting and incident response capabilities while helping to overcome the challenges of day-to-day security management.

As the leading provider of AlienVault Professional Services in EMEA, Redscan can help you get the most out of USM.

Detection & Response

Enhancing threat detection & incident response capabilities

Choosing ThreatDetect helps your organisation to realise the power of AlienVault USM Appliance and AlienVault USM Anywhere, while also enabling it to benefit from:

Experienced CSOC professionals

Redscan’s team of Cyber Security Operations Centre (CSOC) experts are trained to the highest professional standards. By deploying, monitoring and maintaining your organisation’s AlienVault USM environment around-the-clock, our specialists ensure your defences are fully optimised, 24/7.

Our qualifications include: CREST CRT, CCT APP, CCT INF, CCSAM, CCSAS, OSCP, CEH and CCNA.

Technology management

As an AlienVault MSSP partner, Redscan ensures your organisation benefits from the power of AlienVault USM, while at the same time taking advantage of other cutting-edge technologies.

Additional technologies included as part of ThreatDetect:
Endpoint Detection and Response
Behavioural Monitoring (including UEBA)
Vulnerability scanning

Richer threat intelligence

Through the orchestration of intelligence from a wide range of sources, including Redscan Labs and our team of CREST-certified ethical hackers, we ensure your organisation benefits from the high level of security insight needed to best utilise USM Appliance and USM Anywhere.

CyberOps™

CyberOps, Redscan’s threat management platform integrates directly with AlienVault USM Appliance, USM Anywhere and a wide range of other security technologies. As the virtual interface between Redscan’s CSOC and your in-house IT team, CyberOps enables our experts to deliver swift, noise-free incident alerting, actionable remediation advice and custom security reports.

Need help or advice from our friendly team?

Get in touch

Choosing Redscan as your AlienVault MSSP

Certified system experts

Redscan’s AlienVault-certified security analysts and engineers possess unrivalled experience of deploying, configuring and managing USM Appliance and USM Anywhere across multiple environments. Whether considering an on-premise or cloud-based deployment, our experts provide the assistance required to implement the best solution possible.

Offensive security expertise

Close collaboration between Redscan’s ‘red team’ ethical hackers and ‘blue team’ defenders ensures your organisation always benefits from the best security insight. Possessing a deep understanding of the latest tactics, tools and procedures (TTPs) used by real-world attackers enables us to facilitate early threat detection and improve incident response procedures.

No more alert fatigue

Investigating alerts generated by AlienVault USM can be time and resource-intensive. In hunting through logs and filtering out large volumes of false positives and background noise to uncover genuine security incidents, Redscan's AlienVault professionals do all the heavy lifting to enable your in-house IT teams to focus on other aspects of security management.

Advanced system tuning

Working closely with your business to define bespoke use cases, Redscan’s CSOC team continuously implement custom rule sets designed to enhance AlienVault USM’s threat detection capabilities beyond the automatic signature updates applied by AlienVault.

Regular health checks and monitoring

Having developed a range of custom plug-ins to extend system health monitoring beyond the tools included as part of the AlienVault platform, Redscan provides complete confidence that all system components, including sensors, servers and loggers, are operational and functioning optimally.

Custom software development

AlienVault USM Appliance is a Linux-based application that integrates open source tools such as Suricata and OSSEC. Redscan’s CSOC engineers are hugely experienced at configuring and optimising these technologies and can help to address any functionality requirements which fall outside the scope of the product.

Added threat intelligence

ThreatDetect ensures that your organisation benefits from a wide range of security intelligence, not just that supplied by the AlienVault Open Threat Exchange (OTX). This includes data from proprietary Redscan Labs research, Red Team Operations and CiSP.

Hassle-free system maintenance

Routine maintenance of USM Appliance and other security systems has the ability to disrupt critical security processes. Product customisations, for instance, can easily be overwritten by signature and software updates. By testing and applying patches, performing upgrades and backups, and monitoring important configuration files, Redscan’s CSOC experts minimise the risks associated with routine system maintenance.

Supplementary detection technologies

Choosing Redscan as your AlienVault partner ensures that your organisation is able to leverage the power of AlienVault SIEM, intrusion detection and behavioural monitoring technologies alongside EDR and other cutting-edge security tools.

Automated data archiving and backups

To aid disaster recovery and reduce any unnecessary investment in additional USM Appliance loggers, external archiving of raw log data is included as part of ThreatDetect. The service extends the functionality offered by AlienVault to include external backup of configuration files.

Clear and concise reporting

AlienVault USM’s in-built reports provide key threat information but reviewing these in isolation can be a challenge, particularly for non-technical personnel. To supplement information supplied by the AlienVault USM platform, Redscan’s CSOC team of experts provide, as part of our ThreatDetect MDR service, regular security reports and clear, actionable remediation advice.

Award-winning service

By being outcome-focused, our experienced experts provide the high-quality support and insight needed to mitigate the latest cyber security risks and meet business and compliance needs. We take pride in delivering the highest levels of service. Our customer satisfaction and retention rates are exceptional, demonstrated by consistently high Net Promoter Scores for our AlienVault managed service and professional services engagements.

AlienVault MSSP

Redscan AlienVault Managed Services

Redscan is a platinum AlienVault partner. Our team of dedicated AlienVault-qualified security experts are trained to the highest professional standards, ensuring they have the skills and experience needed to detect and respond to current and emerging cyber threats.

About us

Why choose Redscan?

  • A leading UK-based MDR company
  • Red and blue team CREST CSOC expertise
  • High-quality intelligence and actionable outcomes
  • Quick and hassle-free service deployment
  • An agnostic approach to technology selection
  • Avg. >9/10 customer satisfaction, 95% retention rate

Get in touch

Complete the form for a prompt response from our team.

I prefer to be contacted by:
View our privacy policy

Resources

Discover our latest content and resources

From the blog
From the blog Case studies Latest news
30th September 2020
Redscan named in Gartner MDR Market Guide
Redscan is one of only two UK-based providers recognised in Gartner’s 2020 Market Guide for Managed Detection and Response. Read more in our press release.
30th September 2020
A fifth of government and enterprise users have unnecessary privileged access
New research suggests that over a third of government and enterprise users in the UK and the US have privileged access despite not needing it. An access policy of “least privilege” is best practice in cyber security and reduces the risk of insider threats.
28th September 2020
Redscan services now available via G-Cloud 12
To help public sector organisations reduce cyber security risk, Redscan's MDR and penetration testing services are now available on G-Cloud 12, the latest iteration of the UK government's digital marketplace, which went live today.  Read more
25th September 2020
Zerologon now being exploited in the wild
Microsoft has warned that attackers are now actively exploiting ‘Zerologon’, a critical vulnerability in the Windows Server Netlogon authentication process. Read Redscan’s Security Advisory to learn how to protect your organisation.