As soon as an alarm is triggered, you can immediately identify known malicious IPs interacting with a vulnerable host, along with all events involving that host, details on the vulnerabilities discovered, notes on who owns the system as well as all the software installed on it.
For example, you may wish to run authenticated scans on compliance-related assets and throttle back to passive vulnerability assessment on low risk assets where reducing network traffic matters more than validating stringent security configurations. Plus, you can schedule scans, with flexibility to select which network segments are to be scanned, and at what frequency.
USM can also send email alerts, open a ticket in the built-in ticketing system, or send an email to an external help desk / ticketing system. And, since exploits often opportunistically follow the discovery and public announcement of vulnerabilities by the security community, the USM vulnerability database is constantly updated with the latest details on known vulnerabilities. The built-in remediation advice is also kept up-to-date and vetted by the AlienVault Labs security research team.