AlienVault Moves Unified Security Management Push Forward

With $62 million in funding, the CEO of open-source security startup AlienVault is gearing up for the challenge of PCI-DSS 3 compliance.


AlienVault is continuing to raise new funding, as it pushes forward on its mission of expand the market for its open-source-based Unified Security Management platform.

The security vendor has raised an additional $26.5 million in Series D funding this month, bringing the total funding since its founding in 2007 to $62 million.

AlienVault CEO Barmak Meftah told eWEEK that the company has been doubling revenues year-over-year for the past three years and wasn't really out looking for new capital. That said, he's happy to have the additional funding to help finance innovation and keep the company growing.

The company, which raised $22.4 million in a Series C funding round in 2012, is often categorized as a security information and event management, or SIEM, vendor, though Meftah stresses that AlienVault is really much more.

At the core of the AlienVault solution set is the company's Open Source Security Information Management (OSSIM) platform. That project is complemented by a commercial Unified Security Management (USM) offering that bundles additional enterprise scale, management and reporting capabilities.

Meftah explained that AlienVault's main offering packages five core security capabilities into a single solution. Those capabilities include threat detection, vulnerability analysis, behavioral analysis that looks for anomalous activities, automated asset inventory management and security analytics from log management in a SIEM.

Going a step beyond what USM and OSSIM provide, AlienVault also shares threat information via its Open Threat Exchange effort, which Meftah describes as a crowd-sourced threat data sharing platform.

Open Source

The OSSIM project has more than 230,000 downloads to date and is continuing to grow. Meftah explained that the open-source project is a core component of his company's commercial sales efforts.

"A typical sale for us is a bottoms-up approach, where an IT operations person has used the open-source product and decides that they want to expand the footprint and need enterprise management capabilities," Meftah said.

OSSIM is currently at its 4.3 release, which is the same as the commercial USM release. Meftah stressed that AlienVault is obsessed about making sure that its open-source community is well taken care of. He noted that open-source community forums for OSSIM are very active and AlienVault staff are among the active participants.


Regulatory compliance is a key growth area for AlienVault, both in terms of technology evolution as well as customer adoption.

"The vast majority of our customers are ultimately driven by compliance, and the payment card industry (PCI) data security standards (DSS) is a huge driver of what we do and how we sell," Meftah said.

PCI-DSS is currently in a state of evolution with the new 3.0 specification in development and expected to become generally available in 2014.

"We're in sync with the PCI rules and regulations," Meftah said. "What's great about our product is you can check off a lot of the requirements for PCI-DSS as it pertains to security analytics and visibility in one fell swoop."

Sean Michael Kerner is a senior editor at eWEEK and Follow him on Twitter @TechJournalist.

Sean Michael Kerner

Sean Michael Kerner

Sean Michael Kerner is an Internet consultant, strategist, and contributor to several leading IT business web sites.