AlienVault USM Anywhere
The History of Castra and AT&T / AlienVault
Castra has been a partner of AT&T / AlienVault since 2013, and we have deployed USM in 2,200+ organizations all over the world. 2,200+ successful USM implementations are a testament to our mastery and USM Anywhere expertise. USM Anywhere’s rise in adoption among Small to Medium Businesses and Small to Medium Enterprises has played a key role in Castra’s growth since our inception. Deploying 2,200 platforms is one thing; deploying 2,200 successfully, with a large percentage of customers returning for more services, is another. Castra was using USM Anywhere before it was even released and worked closely with AT&T / AlienVault’s development team as it came online. We have deep knowledge of this platform.
You’re in the best hands possible. Our Security Operation Center is based in Durham, North Carolina, and it is second to none. Our SOC is filled with well-trained, US-based, diligent analysts who are all USM Anywhere experts with several years of Security Operations experience. Our transparent, integrated, and affordable approach, coupled with a near 100% renewal rate, is why we’ve been AT&T AlienVault’s #1 Partner since 2013.
Castra's Favorite Things About USM Anywhere
- Unified approach of bundling several tools into a single platform
- Valuable for organizations who have limited resources
- Seamless integration into AWS, Azure and GCP
- Built-in Intrusion Detection
- Onboard Vulnerability and hardening tools
- Integrated Threat Intelligence: Open Threat Exchange - OTX
- Optional AV Agent to monitor endpoints
- Optional AV Agent to gather telemetry and collect logs from your workstations and mobile devices
- Deploying, rebuilding or replacing sensors is simple and can be completed in minutes
Learn how USM Anywhere integrates with SentinelOne Singularity XDR

Managed Detection and Response Services for USM Anywhere include:
- Expert assistance on new service deployment from Security Operations Team
- Designated Primary Security Analyst and 24x7 SOC
- Documented Incident Response Plan
- Training and enhancing USM Anywhere’s correlation engine
- Proactive tuning, customer notification and orchestrated response post incident detection
- Advanced alarm and orchestration response
- Intensive analysis of customer needs and network environment
- Anomali ThreatStream integration - best in class Threat Intelligence Platform (TIPS)
- Custom behavioral modeling and detection rules for improved alarming
- Custom notifications for Alarm outputs
- Compliance Based Dashboards
- Custom Reporting
- Scheduled teleconferences with Security Operations Team covering: Alarm review and tuning, reporting and customization
- Capacity planning
- Risk posture adjustments
- 24×7 monitoring by Security Operations Team
- Cloud-based platform continuously monitors:
  - Hardware and software stats
  - Event flow rates
  - Capacity and performance information
- Proactive tuning and customer notification upon problem detection
Data Sheets
Download more information based on the services you need here.
6 Tiers of MDR Service Fit Your Organization’s Needs
MDR
1-1000 Users
- 24/7 Proactive Threat Detection
- 24/7 SOC2 Type II Security Operation Center
- Custom Notifications, Dashboards and Reports
MDR Pro
1000-5000 Users
- 24/7 Proactive Threat Detection
- 24/7 SOC2 Type II Security Operation Center
- Custom Notifications, Dashboards and Reports
MXDR
1-1000 Users
- EDR/XDR Licensing
- 24/7 Security Operations Center
- Primary Security Analyst
- 24/7 Premium Alarm Monitoring & Response
- Custom Reporting and Dashboards
MXDR+
1-5000 Users
- EDR/XDR License
- Customize Threat Detection
- 24/7 Alarm Monitoring & Response
MXDR Enterprise
5000+ Users
- EDR/XDR License
- Anomali ThreatStream License
- Threat Hunting Pro
- Customized Threat Detection
AlienVault USM Anywhere FAQs
AlienVault USM Anywhere can detect advanced persistent threats (APTs), malware, and ransomware among others. It can also pick up on suspicious network behavior, like the use of a malicious IP address or unauthorized access to private data. Your security team can also uncover changes in user accounts and system configurations to determine if there's been a data breach.