GDPR compliance solutions
Simplify GDPR compliance monitoring with a complete set of essential security capabilities in a single solution.
Accelerate GDPR Compliance with Unified Security Management
The General Data Protection Regulation (GDPR) requires organizations handling the personal data of European Union citizens to keep that data secure, and it levies big penalties to organizations that fail to comply. Unfortunately, traditional security monitoring solutions may fall short of helping organizations meet GDPR requirements.
AlienVault® Unified Security Management® (USM) provides a unified security monitoring and compliance management platform to accelerate GDPR compliance readiness. By integrating multiple capabilities into a single platform, AlienVault USM gives you visibility into your entire security posture and simplifies the compliance process.
GDPR requires organizations to maintain a plan to detect a data breach, regularly evaluate the effectiveness of security practices, and document evidence of compliance. Instead of specific technical direction, the regulation puts the onus on organizations to maintain best practices for data security.
Starting on Day One, AlienVault USM supports GDPR compliance readiness by helping you detect data breaches, monitor data security, and document your compliance readiness. The unified platform centralizes essential capabilities like asset discovery, vulnerability scanning, intrusion detection, behavioral monitoring, SIEM, log management, and threat intelligence updates.
USM Anywhere includes pre-built reporting templates to help you prove compliance with regulatory requirements and adhere to IT security frameworks like ISO 27001 and NIST CSF. While GDPR does not define or prescribe specific reporting requirements, following ISO 27001 can be an effective way to demonstrate that your technical security controls are aligned with globally recognized best practices. Using the ISO 27001 compliance reporting templates in USM Anywhere as a foundation can help you add structure to your GDPR readiness efforts.
AlienVault USM delivers the essential security capabilities you need from GDPR compliance software:
Simplify Security and GDPR Compliance Management with a Unified Platform
- Shrink your attack surface with asset discovery and vulnerability scanning
- Detect intrusions and potential data breaches with built-in intrusion detection
- Prepare for forensic investigation with log retention and management
Detect, Investigate, and Report on Data Breaches
- Detect breaches quickly with network intrusion detection (NIDS), host intrusion detection (HIDS), and cloud intrusion detection (CIDS)
- Identify anomalous activity with behavioral monitoring
- Document compliance readiness with pre-built report templates along with fully customizable reports
Reduce Your Incident Response Time to Minimize Data Exposure
- Respond to incidents quickly with automated response actions
- Limit potential data exposure by shortening total time to response
Keep Your Security Plan Up-to-Date with Continuous Threat Intelligence Updates
- Get the latest threat intelligence, curated by the AlienVault Labs Security Research Team
- Stay up-to-date with threat intelligence updates continuously delivered to your USM deployment
Our Cybersecurity is trusted & verified
Our Cybersecurity makes compliance a top priority for your organization and for ours. We have adopted the NIST Cybersecurity Framework (CSF), aligning our security controls and processes with industry-proven security best practices. We use our own USM platform to demonstrate and maintain compliance, working with third-party auditors to regularly test our systems, controls, and processes.
* The ISMS that governs USM Anywhere, USM Central
Simplify Security and GDPR Compliance Management with a Unified Platform
Unlike point solutions that address one aspect of GDPR compliance at a time, AlienVault USM supports a range of compliance functions by integrating five essential security capabilities into one unified solution:
- Asset Discovery
- Vulnerability Scanning
- Behavioral Monitoring
- Intrusion Detection
- SIEM & Log Management
AlienVault USM's unified approach gives you complete visibility of your security posture within a single pane of glass, making it simple to demonstrate GDPR security compliance.
With AlienVault USM's asset discovery capabilities, you can create and maintain a complete inventory of the critical assets you need to monitor to comply with GDPR requirements, giving you security visibility of your data protection efforts.
Article 32 requires organizations to take technical steps to ensure data protection, including constantly monitoring the effectiveness of your security plan.
Using AlienVault USM, you can schedule regular vulnerability scans of your critical assets to stay on top of essential patches and minimize your attack surface. In the case of the vulnerability exploited by WannaCry ransomware, for example, vulnerability scans within AlienVault USM would help you identify unpatched systems so you could apply patches or isolate them from essential data.
Built-in intrusion detection capabilities for network-, host-, and cloud-based systems allow you to monitor your entire critical infrastructure for data breaches. Behavioral monitoring helps you identify anomalous activity that could affect your stored data.
In case a breach does occur, AlienVault USM's secure log management capabilities ensure you have the event logs you need to meet the level of forensic investigation GDPR regulation requires.
Efficiently Detect, Investigate, and Report on Data Breaches
To achieve GDPR compliance, you need to demonstrate that you have a plan in place to monitor the critical infrastructure housing the personal data of EU citizens. AlienVault USM provides essential security monitoring capabilities to help you detect, investigate, and report on data breaches within your environments.
Network intrusion detection (NIDS) identifies threats using signature-based anomaly detection, collecting data from your on-premises environments to spot malicious attacks, malware intrusions, and other potential threats to your data.
AlienVault USM Anywhere™ delivers native cloud intrusion detection capabilities for Azure and AWS, allowing you to detect intrusions within your public cloud environments. USM Anywhere provides visibility into your security posture across your on-premises, public cloud, and private cloud environments, as well as cloud applications like Microsoft Office 365 and Google G Suite.
Host intrusion detection (HIDS) and file integrity monitoring (FIM) provide security visibility at the application layer, allowing you to detect activity such as potential system compromise, rogue processes, and changes to critical configuration files.
When AlienVault USM detects a threat within your environments, it creates an alarm to direct your attention to it, allowing you to respond quickly and limit the scope of a potential intrusion. USM intelligently prioritizes alarms based on the severity of threat, so you know which incidents to respond to first.
You can easily search and filter the log data within AlienVault USM to investigate potential intrusions and access all the information you might need for detailed investigation in the wake of a data breach. Granular search and filtering functions allow you to pivot around selected data for deeper analysis.
Reduce Your Incident Response Time to Minimize Data Exposure
To comply with GDPR regulations, organizations should have a plan in place to detect and respond to a potential data breach to minimize its impact on EU citizens. In the case of an attack or intrusion, a streamlined incident response process can help you respond quickly and effectively to limit the scope of the exposure.
AlienVault USM helps security teams respond to threats quickly by delivering a unified view of each organization's security posture. Instead of wasting time piecing together information from multiple systems, you can take swift, confident action with a centralized view of all your assets, their vulnerabilities, any intrusions or attempts to exploit those vulnerabilities, as well as contextual threat intelligence and remediation guidance.
When an incident occurs, prioritized alarms help you focus on the most important threats first. With detailed event data and incident response templates at your fingertips, it's easy to move quickly from detection to response rather than losing time on basic research.
With USM Anywhere, you can receive alerts via email or Amazon SNS to help you respond immediately to threats affecting your sensitive data.
When a potential intrusion occurs, USM Anywhere allows you to automate incident response actions within USM Anywhere as well as with leading third-party security tools like Cisco Umbrella, Palo Alto Networks, and Carbon Black. For example, if USM Anywhere detects evidence of ransomware like WannaCry, you can shut down or isolate the system and pull in additional data to help you investigate.
With USM Anywhere's automated incident response capabilities, you can eliminate time-consuming manual tasks and move swiftly from detection to response. Shortening your total time to respond limits the potential impact of intrusions, helping you minimize data exposure and meet protection requirements.
Discover How AlienVault USM Supports GDPR Compliance
GDPR Article(s)
AlienVault USM Capability
Examples of How AlienVault USM Helps
Continuous Monitoring
- Monitor for indicators of malware-based compromise, such as communication to a known Command & Control (C&C) Server.
- Monitors successful and failed logon attempts to external applications through Azure Active Directory and Okta, and to Office 365 and G Suite.
- Monitors user and administrator activities, including access and modification of files and content, in cloud applications such as Office 365 and G Suite.
- Identify which assets have remote access services running.
- File Integrity Monitoring (FIM) detects access and modification to files and directories on Windows and Linux systems.
- Runs regularly scheduled scans to identify new and updated assets and to identify any vulnerabilities on each asset.
- Continuously updated threat intelligence ensures that the USM platform is operating with the latest correlation directives, vulnerability signatures, reports, guided responses, and more.
- Identifies recommended patches for discovered vulnerabilities.
Personal Data Security
- Monitors for communications with known malicious IP addresses, which could identify exfiltration of data.
- Monitors for changes to Office 365 policies including Data Leakage Protection (DLP), information management, and more.
- File Integrity Monitoring (FIM) detects and reports on access and changes to system binaries, content locations, and more.
Incident Detection
- Aggregates events from across your on-premises and cloud environments and cloud applications, including Office 365 and G Suite.
- Uses machine learning and state-based correlation capabilities to detect threats.
- Classifies threats across a kill-chain taxonomy to inform the threat risk level.
- Monitors public and dark web sources for the trade of stolen credentials.
- Built-in notification capabilities enable analysts to be alerted to alarms through email, SMS, Datadog, PagerDuty, and Slack.
- Customizable and searchable alarm and event views enable fast and simple review of events and detected incidents.
- Continuously updated threat intelligence from AlienVault Labs and the Open Threat Exchange (OTX) delivers the latest correlation rules and Indicators of Compromise (IoCs) to the USM platform.
Incident Response
- With the AlienApp for Forensics and Response, enables automatic forensics tasks to be executed in response to a detected threat.
- Enable forensics investigation with rich filter, search, and reporting capabilities event and log data.
- With AlienApps, enables orchestration of manual and automated actions to be executed to contain threats, such as isolating systems from the network or blocking communications with known malicious IP addresses.
Articles 33, 34 (Notification of a personal data breach)
SIEM Log Management & Reporting
- Aggregates events from across your on-premises and cloud environments and cloud applications, including Office 365 and G Suite.
- Enables rich search of up to 90 days of historic log and event data across normalized and enriched data fields.
- Built-in and customizable dashboards and reports support regular review and report out of typical searches.
- Securely archives original log and event data for at least 12 months, supporting longer-term investigations as needed.
Article 35 (Data protection impact assessment)
Asset Discovery
- Built-in asset discovery discovers physical and virtual assets running in on-premises and cloud environments (including AWS, Azure, VMware, Hyper-V).
- Asset Groups deliver dynamic or analyst-defined grouping of assets, such as business-critical assets, HIPAA assets, PCI CDE assets, Windows assets, and more.
Vulnerability Assessment
- Identifies systems susceptible to known vulnerabilities or that may not have antivirus installed and/or operational.
- Continuously updated threat intelligence from the Open Threat Exchange (OTX) and AlienVault Labs Security Research Team ensures that the USM platform has the latest vulnerability signatures.