LevelBlue USM Anywhere Features

Diagnose and resolve incidents without the need for human interaction.

Guide users through the resolution process and give specific instructions to remedy individual occurrences.

Cuts off network connection or temporarily inactivate applications until incidents are remedied.

Gathers information related to threats in order to gain further information on remedies.

Analyzes incidents, correlates related events, and determines the scope and impact of attacks.

Information on each incident is stored in databases for user reference and analytics.

Produces reports detailing trends and vulnerabilities related to their network and infrastructure.

Gives alerts when incidents arise. Some responses may be automated, but users will still be informed.

Ability to track incidents, tasks, evidence, and investigation progress within a structured case.

Administrators can organize workflows to guide remedies to specific situations incident types.

Documents the actions from endpoints within a network. Alerts users of incidents and abnormal activities and documents the access point.

Keeps records of each network asset and its activity. Discovers new assets accessing the network.

Provides security information and stores the data in a secure repository for reference.

Alerts users of incidents and allows users to intervene manually or triggers an automated response.

Reduces time spent remedying issues manually. Resolves common network security incidents quickly.

Documents cases of abnormal activity and compromised systems.

Stores information related to common threats and how to resolve them once incidents occur.

Analyzes your existing network and IT infrastructure to outline access points that can be easily compromised.

Allows users to customize analytics with granulized metrics that are pertinent to your specific resources.

Allows users to search databases and incident logs to gain insights on vulnerabilities and incidents.

Enforces security paramaters to prevent unauthorized access.

Protects servers, data center infrastructure and information from a variety of attacks and malware threats.

Provide some level of encryption of information, protecting sensitive data while it exists within the data center.

Facilitates system and network security by identifying and remediating vulnerabilities

Provides high quality and wide scope of in-cloud and offline data security capabilities.

Detects unauthorized access and use of privileged systems.

Detects anomalies in functionality, user accessibility, traffic flows, and tampering.

Provides multiple techniques and information sources to alert users of malware occurrences.

Supports compliance with PII, GDPR, HIPPA, PCI, and other regulatory standards.

Provides a centralized console for administation tasks and unified control.

Application Programming Interface - Specification for how the application communicates with other software. API's typically enable integration of data, logic, objects, etc. with other software applications.

Allows administrators to set policies for security and data governance.

Analyzes data associated with web traffic and site performance to provide vulnerability insights and best practices.

Creates new or streamlines existing workflows to better handle IT support tickets and service.

Monitors data quality and sends alerts based on violations or misuse.

Constantly monitors acivity related to user behavior and compares activity to benchmarked patterns.

Stores data securely either on premise or in an adjacent cloud database to prevent loss of data at rest.

Analyzes data associated with denied entries and policy enforcement, giving information of better authentication and security protocols.

Allows users to create, edit, and relinquish user access privileges.

Ensures user access management, data lineage, and data encryption.

Supports compliance with PII, GDPR, HIPPA, PCI, and other regulatory standards.

Track issues as vulnerabilities are discovered. Documents activity throughout the resolution process.

The rate at which scans accurately detect all vulnerabilities associated with the target.

The rate at which scans falsely indicate detection of a vulnerability when no vulnerabilitiy legitimately exists.

Runs pre-scripted vulnerability scans without requiring manual work.

Allows users to scan applications and networks for specific compliance requirements.

Analyzes network devices, servers and operating systems for vulnerabilities.

Monitors configuration rule sets and policy enforcement measures and document changes to maintain compliance.

Allows users to perfrom hands-on live simulations and penetration tests.

Condenses long documents or text into a brief summary.

Allows users to generate text based on a text prompt.

Condenses long documents or text into a brief summary.

Capability to perform complex tasks without constant human input

Ability to break down and plan multi-step processes

Anticipates needs and offers suggestions without prompting

Makes informed choices based on available data and objectives

Capability to perform complex tasks without constant human input

Anticipates needs and offers suggestions without prompting

Capability to perform complex tasks without constant human input

Anticipates needs and offers suggestions without prompting