Key Product Features and Highlights
Powerful Threat Detection and Incident Response for All Your Critical Infrastructure
Centralized Security Monitoring for Your Cloud & On-Premises Environments
CSP gives you powerful threat detection capabilities across your cloud and on-premises landscape, helping you to eliminate security blind spots and mitigate unmanaged shadow IT activities. Even as you migrate workloads and services from your data center to the cloud, you have the assurance of seamless security visibility.
CSP natively monitors:
- AWS and Microsoft Azure public clouds
- Virtual on-premises IT on VMware / Hyper-V
- Physical IT infrastructure in your data center
- Other on-premises facilities (e.g., offices, retail
- Cloud applications like Office 365 and G-Suite
Automated Response Orchestration
CSP provides advanced security orchestration rules that automate actions and responses according to your needs, making your work more efficient.
- Reduce alarm “noise” with suppression rules
- Generate custom alarms based on any parameter
- Auto-respond to events with orchestration rules
- Create orchestration rules for third-party apps
Powerful Security Analytics at Your Fingertips
When you centralize security monitoring of all your cloud and on-premises IT environments, you need a highly efficient way to search and analyze large amounts of data from across a complex and dynamically changing IT infrastructure. CSP provides an intuitive and flexible interface to search and analyze your security-related data.
With it, you can:
- Search and analyze your data to find threats and investigate incidents
- Pivot between assets, vulnerabilities, and event data to pinpoint the data you need
- Create and export custom data views for compliance-ready reporting
Built Natively in the Cloud for the Cloud
Unlike other legacy security solutions that have been modified to work in the cloud, CSP is a truly cloud-native security monitoring solution that leverages the unique security elements of public cloud infrastructure. It uses direct hooks into cloud APIs to give you a richer data set, greater control over the security of your cloud infrastructure and SaaS applications, and more immediate visibility across your entire environment within minutes of installation.
Advanced Graph-based Analytics Engine
CSP takes an enhanced approach to SIEM event correlation that makes security analysis faster, more flexible, and more effective than ever. With our unique, graph-based approach to correlation, you can:
- Quickly and efficiently run ad-hoc queries on large and complex data sets
- Enhance correlation by keying off connections between assets, users, and activities and the changes occurring between them
Extended Security Orchestration with AlienApps™
CSP is a highly extensible platform that leverages AlienApps—integrations with third-party security and productivity tools—to extend your security orchestration capabilities.
With AlienApps, you can:
- Extract and analyze data from third-party security applications
- Visualize external data within USM Anywhere’s rich graphical dashboards
- Push actions to third-party security tools based on threat data analyzed by USM Anywhere
- Gain new security capabilities as new AlienApps are introduced into USM Anywhere
CSP currently ships with out-of-the-box integration with leading security apps, including Cisco Umbrella and Palo Alto Networks, to provide data collection and action response orchestration.