AlienVault USM

(50)
4.5 out of 5 stars

AlienVault Unified Security Management (USM) is a platform that provides five essential security capabilities in a single console to manage both compliance and threats, understanding the sensitive nature of IT environments, include active, passive and host-based technologies to match the requirements of each particular environment.

Work for AlienVault USM?

Learning about AlienVault USM?

We can help you find the solution that fits you best.

Find the Right Product

AlienVault USM Reviews

Write a Review
Filter Reviews
Filter Reviews
  • Ratings
  • Company Size
  • User Role
  • User Industry
  • For Category
Ratings
Company Size
User Role
User Industry
For Category
Showing 50 AlienVault USM reviews
LinkedIn Connections
AlienVault USM review by <span>Karl H.</span>
Karl H.
Validated Review
Verified Current User
Review Source

Security that is out of this world

Updated On
Validated Review
Verified Current User
What do you like best?

The ease of use and customization. The USM is a work horse, no matter what devices or the number of logs we throw at it, the system processes them in real-time, correlates the events, and alerts on only events that need human review.

What do you dislike?

The one thing I continue to dislike about the USM is the limitation on reports. Hard to get what you need in a report and once you do there is no control over the formatting.

Recommendations to others considering the product

Compare how AlienVault does Events Per Second (EPS) compared to others. Most other products charge based on EPS, the more events the more you have to pay. This causes most companies to limit the amount of logs sent and processed. AlienVault charges by the number of devices managed, you can send anything and everything to the USM. The more logs you can process the better correlation you will have. I have found that companies that limit their logs then have a security incident would have been able to identify the attack if they would have been monitoring all events in their logs.

What business problems are you solving with the product? What benefits have you realized?

We are able to get a real-time view on of our security that is accurate. We have seen a dramatic increase in the productivity and efficiency of our security team. We are now able to identify and stop security issues before they get out of control, usually before anyone else even notices.

0 of 0 found this helpful.
Helpful?
Sign in to G2 Crowd to see what your connections have to say about AlienVault USM
Headshots
AlienVault USM review by <span>James E.</span>
James E.
Validated Review
Verified Current User
Review Source
Validated Review
Verified Current User
What do you like best?

I do not have to 'dig' within multiple levels of information to see what is going on. I can view the current alarm notifications in 1 large readable format. If an event catches my attention I can then delve into the details from here.

What do you dislike?

The inability for assets that have been identified to be tracked by MAC address. After spending the time to identify all our assets in the network I have found that devices with DHCP address can be incorrectly identified. Example hostname frplabws02-pc is currently recognized as:

frplabws02-pc (192.168.***.***)

jack-win7.***.local,mikes-pc.***.local,frplabws02-pc.***.local

But DHCP lease has identified the system as : lorettas-iphone.***.local

What business problems are you solving with the product? What benefits have you realized?

To monitor computer systems for vulnerabilities not previously identified. The system discovered an ongoing port scan against our servers that was not identified before. Our main server was getting hit with a port scan to RDP 3389 (default port). Once this was discovered I changed the default port, created firewall rule on the desktop and our cisco firewall to allow legitimate access. Once configured the random port scan stopped and our network seemed to be more responsive.

0 of 0 found this helpful.
Helpful?
Response from Tami Andrews of AlienVault USM

thank you so much James for your comments & valuable feedback!

What Cloud Security solution do you use?

Thanks for letting us know!
AlienVault USM review by <span>Javier R.</span>
Javier R.
Validated Review
Verified Current User
Review Source

Is the SIEM you want

Updated On
Validated Review
Verified Current User
What do you like best?

Best of USM is that you have all tools in one place, vulnerability scanner, netflow, hids...the other thing is the easy way to implement this product you have a wizard in the beggining that help step by step using the best practice like scan your network to find assets and adding to the usm inventory, next initiate the logger from security devices or other programs like, switches, firewalls, AV, you can add a span port to help improve your security this help to see malwares, danger applications, or if you have compromised the netflow help to see if there is a stranger behavior in the network. The USM have a ticket system that help to follow the alarms

What do you dislike?

some times the system have database problem, like generating reports that have too much time like two months ago you cant get the information sometimes, the other thing is when you do a vulnerability scanner you cant do anything because all the performance are using for the task, the other think is the dificult to follow a behaviour that you want to investigate so you have to add the alarm id and find it manually

Recommendations to others considering the product

the best you can do is buy a AV Appliance have all that you need that include like 24 gb ram 1 tb of hdd 16 n so that is one option to buy.

What business problems are you solving with the product? What benefits have you realized?

monitoring and saving time finding threats in the network.

0 of 0 found this helpful.
Helpful?
AlienVault USM review by <span>Paul R.</span>
Paul R.
Validated Review
Verified Current User
Review Source
Validated Review
Verified Current User
What do you like best?

The solution "just works"... once you've got it set up. Support is usually great and the community surrounding the product is top notch.

What do you dislike?

KB Articles leave a bit to be desired and sometimes lack depth or go into too much detail where none is needed, a second pass through technical writers would be a good idea.

Recommendations to others considering the product

You owe it to yourself to at least eval the OSSIM product if you're shopping around, it should give you a good idea of the product without investment.

What business problems are you solving with the product? What benefits have you realized?

SIEM first, ask questions later. The USM thrives as a SIEM and does this at a lower cost of entry than many competitors. Everything else can be hit or miss but it always works... just not necessarily the way you want or in a way that is immediately intuitive.

0 of 0 found this helpful.
Helpful?
AlienVault USM review by <span>Trevor S.</span>
Trevor S.
Validated Review
Verified Current User
Review Source

Well Rounded Product

Updated On
Validated Review
Verified Current User
What do you like best?

This product was easy to get up and running, has a great support team behind it, and has a variety of great tools built into one package.

What do you dislike?

The main problem I have with the USM solution is the tendency for the information to easily overwhelm and thus be ignored. For instance, filtering out expected events tends to be more cumbersome than I would hope.

Recommendations to others considering the product

When selecting a USM solution make sure you speak with a representative about their free trial options. They have different products depending on organization size and their trails are fully functional.

What business problems are you solving with the product? What benefits have you realized?

Alienvault was purchased to meet our needs pertaining to PCI Compliance standards. We were able to use Alienvault to complete four different requirements for monitoring rather than using multiple programs.

0 of 0 found this helpful.
Helpful?
AlienVault USM review by <span>David C.</span>
David C.
Validated Review
Verified Current User
Review Source
Validated Review
Verified Current User
What do you like best?

I like that it one dashboard I get a great overview of what my network is doing.

What do you dislike?

I dislike the agent deployment process and which it were more flexible.

Recommendations to others considering the product

Really do like the software as any company should they continue to improve their product. As I use the product more I begin to realize the cost savings we are actually accumulating such as with the new WannaCry. I hear company after company getting hit by this malware as we had already closed up the vulnerability of SMBv1 in our network due to it showing on my vuln list weeks prior. This alone has saved my company quite a bit of funds.

What business problems are you solving with the product? What benefits have you realized?

We are utilizing this software to prevent and secure our network from malicious attacks and also providing a means to measure our compliance actively.

0 of 0 found this helpful.
Helpful?

Learn more about AlienVault USM

AlienVault USM Videos

Kate avatar
Kate from G2 Crowd

Learning about AlienVault USM?

I can help.
* We monitor all AlienVault USM reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. Validated reviews require the user to submit a screenshot of the product containing their user ID, in order to verify a user is an actual user of the product.