Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.levelblue.com/llms.txt

Use this file to discover all available pages before exploring further.

Security monitoring is often about monitoring often-overlooked things such as host, device, and application vulnerabilities, because those are typically the same things that attackers will leverage against you later in carrying out attacks or attempting unauthorized access to data or resources. A good network security monitoring system discovers things every day that provide value to security efforts. USM Anywhere can help to locate or identify:
  • Misconfigured systems.
  • Hosts that have fallen off the radar of asset management.
  • Systems compromised by opportunistic malware or other attacks by malicious software.
  • Inappropriate or unauthorized access of sensitive data or resources from both internal and external parties; for example, detecting websites that should be blocked at the proxy server, but were not.
USM Anywhere priorities for network security operations are determined primarily by correlation rules. The rules link events together into meaningful bundles and turn data into useful information. Correlation is a function of USM Anywhere, which configures automated analysis of correlated events for identifying potential security threats and produces alerts to notify recipients of immediate issues. You can also create orchestration and suppression rules to secure your network security operations.