G2 Crowd gives a real-time look at how dreamforce sponsors and exhibitioners stack up.
AlienVault USM

AlienVault USM

4.4
(72)

AlienVault Unified Security Management (USM) is a platform that provides five essential security capabilities in a single console to manage both compliance and threats, understanding the sensitive nature of IT environments, include active, passive and host-based technologies to match the requirements of each particular environment.

Work for AlienVault USM?

Learning about AlienVault USM?

We can help you find the solution that fits you best.

AlienVault USM Reviews

Write a Review
Filter Reviews
Filter Reviews
  • Ratings
  • Company Size
  • User Role
  • For Category
  • Industry
Ratings
Company Size
User Role
For Category
Industry
Showing 72 AlienVault USM reviews
LinkedIn Connections
AlienVault USM review by Layla B.
Layla B.
Validated Reviewer
Verified Current User
Review Source

"AlienVault USM Review"

What do you like best?

AlienVault is overall an easy product to use that has a significant amount of documentation and a growing community to help learn the product rather quickly. Our company has only been using AlienVault for a couple of years and we have a pretty solid understanding of the product.

What do you dislike?

The UI can be rather buggy. There isn't a day that goes by that we don't run into an error banner from trying to view an alarm that "doesn't exist in the database" or that the UI page isn't found. My personal favorite is viewing an event through the alarm information page and getting the "this event doesn't exist in the database". These types of errors make it significantly harder to do investigations.

Recommendations to others considering the product

The product is definitely getting better - the features are being more refined and as an MSSP there is a significant amount of resources Alienvault offers. It's definitely worthwhile to check-out, but it isn't for everyone.

What business problems are you solving with the product? What benefits have you realized?

Reporting on vulnerabilities. The vulnerability scans are nice for getting an overall view of an asset. If you need more in depth, the open source tool AlienVault uses won't be enough. But for giving an overall "security health checkup" to a customer it gets the job done.

Sign in to G2 Crowd to see what your connections have to say about AlienVault USM
AlienVault USM review by Karl H.
Karl H.
Validated Reviewer
Verified Current User
Review Source

"Security that is out of this world"

What do you like best?

The ease of use and customization. The USM is a work horse, no matter what devices or the number of logs we throw at it, the system processes them in real-time, correlates the events, and alerts on only events that need human review.

What do you dislike?

The one thing I continue to dislike about the USM is the limitation on reports. Hard to get what you need in a report and once you do there is no control over the formatting.

Recommendations to others considering the product

Compare how AlienVault does Events Per Second (EPS) compared to others. Most other products charge based on EPS, the more events the more you have to pay. This causes most companies to limit the amount of logs sent and processed. AlienVault charges by the number of devices managed, you can send anything and everything to the USM. The more logs you can process the better correlation you will have. I have found that companies that limit their logs then have a security incident would have been able to identify the attack if they would have been monitoring all events in their logs.

What business problems are you solving with the product? What benefits have you realized?

We are able to get a real-time view on of our security that is accurate. We have seen a dramatic increase in the productivity and efficiency of our security team. We are now able to identify and stop security issues before they get out of control, usually before anyone else even notices.

What Security Information and Event Management (SIEM) solution do you use?

Thanks for letting us know!
AlienVault USM review by Brett C.
Brett C.
Validated Reviewer
Review Source

"AlienVault USM Anywhere SEIM"

What do you like best?

The product is easy to use for small organizations that require network and security monitoring. It allows us to monitor systems that are located in geographically different areas than our business office. We can now monitor remote and mobile endpoints with ease.

What do you dislike?

There are times when it can be difficult to get a plugin to work with the USM software. This seems to be getting better as they courteously add and update features but it is still little troublesome at times.

Recommendations to others considering the product

Make sure your monitoring interfaces are located properly within your organization.

What business problems are you solving with the product? What benefits have you realized?

AlienVault USM has helped with issues such as risk management. We are better able to identified potential risk associated with IT. The benefits we have received are such that we can now better to respond to risks that affect our business. With this being the USM Anywhere version, we are able to solve the problem of protecting remote and mobile endpoints from one plane of view with ease.

AlienVault USM review by James E.
James E.
Validated Reviewer
Verified Current User
Review Source

"Simple and understandable security interface"

What do you like best?

I do not have to 'dig' within multiple levels of information to see what is going on. I can view the current alarm notifications in 1 large readable format. If an event catches my attention I can then delve into the details from here.

What do you dislike?

The inability for assets that have been identified to be tracked by MAC address. After spending the time to identify all our assets in the network I have found that devices with DHCP address can be incorrectly identified. Example hostname frplabws02-pc is currently recognized as:

frplabws02-pc (192.168.***.***)

jack-win7.***.local,mikes-pc.***.local,frplabws02-pc.***.local

But DHCP lease has identified the system as : lorettas-iphone.***.local

What business problems are you solving with the product? What benefits have you realized?

To monitor computer systems for vulnerabilities not previously identified. The system discovered an ongoing port scan against our servers that was not identified before. Our main server was getting hit with a port scan to RDP 3389 (default port). Once this was discovered I changed the default port, created firewall rule on the desktop and our cisco firewall to allow legitimate access. Once configured the random port scan stopped and our network seemed to be more responsive.

AlienVault USM review by Javier R.
Javier R.
Validated Reviewer
Verified Current User
Review Source

"Is the SIEM you want"

What do you like best?

Best of USM is that you have all tools in one place, vulnerability scanner, netflow, hids...the other thing is the easy way to implement this product you have a wizard in the beggining that help step by step using the best practice like scan your network to find assets and adding to the usm inventory, next initiate the logger from security devices or other programs like, switches, firewalls, AV, you can add a span port to help improve your security this help to see malwares, danger applications, or if you have compromised the netflow help to see if there is a stranger behavior in the network. The USM have a ticket system that help to follow the alarms

What do you dislike?

some times the system have database problem, like generating reports that have too much time like two months ago you cant get the information sometimes, the other thing is when you do a vulnerability scanner you cant do anything because all the performance are using for the task, the other think is the dificult to follow a behaviour that you want to investigate so you have to add the alarm id and find it manually

Recommendations to others considering the product

the best you can do is buy a AV Appliance have all that you need that include like 24 gb ram 1 tb of hdd 16 n so that is one option to buy.

What business problems are you solving with the product? What benefits have you realized?

monitoring and saving time finding threats in the network.

AlienVault USM review by Paul R.
Paul R.
Validated Reviewer
Verified Current User
Review Source

"No Fuss, No Muss, Does what it says on the Tin"

What do you like best?

The solution "just works"... once you've got it set up. Support is usually great and the community surrounding the product is top notch.

What do you dislike?

KB Articles leave a bit to be desired and sometimes lack depth or go into too much detail where none is needed, a second pass through technical writers would be a good idea.

Recommendations to others considering the product

You owe it to yourself to at least eval the OSSIM product if you're shopping around, it should give you a good idea of the product without investment.

What business problems are you solving with the product? What benefits have you realized?

SIEM first, ask questions later. The USM thrives as a SIEM and does this at a lower cost of entry than many competitors. Everything else can be hit or miss but it always works... just not necessarily the way you want or in a way that is immediately intuitive.

AlienVault USM review by User in Information Technology and Services
User in Information Technology and Services
Validated Reviewer
Verified Current User
Review Source

"AlienVault Pefect for InfoSec SMB"

What do you like best?

1. It's an appliance.

2. It's easy to setup.

3. It's a ton of information.

4. Integrated ticketing system allows for assignment of vulns and closure.

5. UI is good. Easy to use.

What do you dislike?

1. Customization capabilities are limiting:

- We want the AlienVault to be the dashboard for state of health. You get some things.

- Reports are good, but that data can't be put on the dashboard in many cases.

2. AlienVault has BI capabilities, but doesn't leverage BI on the dashboard effectively.

3. AlienVault advertises it's central solution for InfoSec. True for SIEM, but not true for many other aspects. Frustratingly, it could be as the solution is very capable through it's modularity of functions.

Recommendations to others considering the product

1. Give it a chance. It has many features that compete with other more expensive products, like Rapid7.

2. Work with the sales engineering team to put the product through it's paces in POC.

3. Negotiate training when purchashing. Training is essential for full experience.

What business problems are you solving with the product? What benefits have you realized?

1. Security Vulnerability Assessment and tracking of production systems.

2. SIEM Logging and alerting of all security products.

3. Monthly reporting audit requirements.

AlienVault USM review by Trevor S.
Trevor S.
Validated Reviewer
Verified Current User
Review Source

"Well Rounded Product"

What do you like best?

This product was easy to get up and running, has a great support team behind it, and has a variety of great tools built into one package.

What do you dislike?

The main problem I have with the USM solution is the tendency for the information to easily overwhelm and thus be ignored. For instance, filtering out expected events tends to be more cumbersome than I would hope.

Recommendations to others considering the product

When selecting a USM solution make sure you speak with a representative about their free trial options. They have different products depending on organization size and their trails are fully functional.

What business problems are you solving with the product? What benefits have you realized?

Alienvault was purchased to meet our needs pertaining to PCI Compliance standards. We were able to use Alienvault to complete four different requirements for monitoring rather than using multiple programs.

AlienVault USM review by David C.
David C.
Validated Reviewer
Verified Current User
Review Source

"Making my job easier or harder depending on how you look at it."

What do you like best?

I like that it one dashboard I get a great overview of what my network is doing.

What do you dislike?

I dislike the agent deployment process and which it were more flexible.

Recommendations to others considering the product

Really do like the software as any company should they continue to improve their product. As I use the product more I begin to realize the cost savings we are actually accumulating such as with the new WannaCry. I hear company after company getting hit by this malware as we had already closed up the vulnerability of SMBv1 in our network due to it showing on my vuln list weeks prior. This alone has saved my company quite a bit of funds.

What business problems are you solving with the product? What benefits have you realized?

We are utilizing this software to prevent and secure our network from malicious attacks and also providing a means to measure our compliance actively.

AlienVault USM review by Administrator in Management Consulting
Administrator in Management Consulting
Validated Reviewer
Verified Current User
Review Source

"Its the People that make a great product"

What do you like best?

Ease of use, clarity, the support and training - enthusiasm of the support and training teams - training is fantastic - we also had a day of consultancy and that was extremely insightful - the product brings a broad feature stack in one clean unified interface - its easy to install, and maintain - the OTX pulses are very helpful and provide a powerful platform for almost instant detection of emerging threats - worth subscribing to whilst you eval the product

What do you dislike?

Some aspects of the upgrade process - the fact that you backup, upgrade the system, but that backup is worthless as it can only be used on the previous build version, which would require a downgrade install and fresh build - fine in a VM world if you are using the virtualised version of the product and can take a snapshot, but could be improved upon. We run another backup post upgrade for completeness and compatibility. Some of the menus/features are over nested - not always clear where to find things.

Recommendations to others considering the product

Run an Eval, give yourself time - its a comprehensive product- make sure you understand the networking requirements - do the training - its great value and very well taught - understand the need for remote sensors - only log what you need to!

What business problems are you solving with the product? What benefits have you realized?

The primary purpose of AlienVault USM is to provide us with additional insight in to the unknown - what's happening on our network, and servers and to provide an SIEM platform to help reduce risk and improve management, bring insight in to our logs.

AlienVault USM review by Administrator in Computer & Network Security
Administrator in Computer & Network Security
Validated Reviewer
Review Source

"Okay Solution that does not play well with others"

What do you like best?

The log analysis component works well and adding additional alerting rules is pretty simple.

They have a large number of modules for ingesting logs from a variety of systems.

Support is pretty good.

Open threat exchange is an excellent idea and well implemented.

The UI is ok

Annual cost is better than most

Using the USM client is a quick and easy way to forward system logs into USM.

They have a easy to read task list of what is in their pipeline for new features.

What do you dislike?

The lack integration with other tools. They have a ticket system that is ok, it would be better if they had integration with third party tools like Jira.

They have assets that are used to conduct scans and assign modules for understanding logs taken from it. Again there is no integration with any third party asset management system.

They have a vulnerability scanner however its not as through as some of the alternatives and you can not initiate scans via an api.

They claim to have a compliance scanner what they really have is a set of canned reports that you can provide to an auditor. A compliance scanner is something like openscap.

They only allow in the ingesting and processing of Office 365 logs in their cloud solution. There is no reason why this couldn't also be done with their on premise solution as well.

It would seem that development of their USM product has slowed to a crawl. If you monitor their change lists on their website the upcoming changes to their USM product is woefully lacking. It would be better if they used the same code base for both platforms and when one feature was added to one platform it would also be available to the other.

Recommendations to others considering the product

Do a feature comparison and go with the system that has the best cost for the features you need.

Qualys appears to be the most featured product but the most expensive.

Rapid 7 is a little more expensive but has a few more features that Alienvault needs to add.

I would take another look at tenable's solution as its changed a good bit since my last eval.

Alienvault may be missing some of the features I was looking for but they have provided great support and their features cover most of what I was looking for.

The Alienvault USM Appliance seems to be lagging behind their USM Anywhere product as far as development goes. If you are not required to have Fedramp certified cloud services I would recommend going with USM anywhere over the USM appliance. However USM Anywhere does cost a bit more.

What business problems are you solving with the product? What benefits have you realized?

AlienVault USM analyses our logs and reports vulnerabilities.

AlienVault USM review by Marcela  G.
Marcela G.
Validated Reviewer
Verified Current User
Review Source

"Alienvault is a good choice as SIEM"

What do you like best?

It is easy to understand and use, the training by the staff is excellent and fast since they have solved several doubts. . Alienvault is a product that works well for companies that do not have personal security insurance, which is quite easy to start up and manage.

What do you dislike?

I have nothing that I dislike about AlienVault

What business problems are you solving with the product? What benefits have you realized?

DS, vulnerability scanning, activity time monitoring, notification of when a server or device is disconnected, network mapping, network asset detection, malware monitoring, network traffic monitoring, record consolidation, activity alert suspicious etc.

AlienVault USM review by Administrator in Investment Management
Administrator in Investment Management
Validated Reviewer
Verified Current User
Review Source

"Great Product, very flexible but difficult to get started"

What do you like best?

The product is amazing in terms of what it can do, it is very flexible and powerful. Lots of features relating to alerts on potential threats. In addition the ability to package a SIEM into the same product is great.

What do you dislike?

It is complicated to get started. It takes a big learning curve to get up and running. The online training is basic at best and their online courses are "In Person" so you have to sit through an entire session at one time. I don't have 5 full days to take a training class (EVER).

Recommendations to others considering the product

Make sure you have the bandwidth to dedicate for setup and training. This is not a product that is set and forget. You must install and customize it to your environment before it will be useful.

What business problems are you solving with the product? What benefits have you realized?

I was looking for a vulnerability scanner to solve a business requirement of being able to scan my entire network and prioritize vulnerabilities.

AlienVault USM review by Ruben H.
Ruben H.
Validated Reviewer
Review Source

"Alienvault Good Choice For All Around SIEM"

What do you like best?

Integration of security tools in one platform, I think is a differential on the market with the others SIEM's, the ease of modify and create my own plugins although is need have a deep linux knowledge.

I think the reports is very good, the solution have the templates to get information and take decisions to improve the security controls.

What do you dislike?

It's not just AV, I think all platforms in the market needs to improve the GUI to have a better manage and I think the preformance in the appliances need improve and last, more documentation or improve the KB to have a better knowledge to do troubleshooting.

Recommendations to others considering the product

Deployment, integration and scalability

What business problems are you solving with the product? What benefits have you realized?

It is perfect to have the best visibility of the behavior of the network with reports and to give evidence to the compliances such as ISO 27001, also is great tool to begin to established indicators to the SOC with the data recollected

AlienVault USM review by Eric S.
Eric S.
Validated Reviewer
Verified Current User
Review Source

"It's a Swiss Army Knife of Functionality"

What do you like best?

One pane of glass covers a lot of functionality. Alienvault provides an awful lot of coverage at a very reasonable price. And, over time the user interface has improved and the linkages between functionality has become better. We are looking forward to being a long term customer.

What do you dislike?

Updating could be better. Occassionally there is regression in small pieces of functionality during an update. Most updates are just fine; however, some of the updates have caused problems - especially with vulnerability scanning (slower scanning). This is usually resolved fairly quickly, but it would have been helpful for this to be better QA'd first.

Recommendations to others considering the product

If you need a lot of functionality in one solution - this is a great tool. It may not be 100% of the best point solution, but it will be 80-90% of the functionality and nearly 100% of what you would actually use anyway.

What business problems are you solving with the product? What benefits have you realized?

SIEM, VulnManagement, HIDS, Asset Discovery - Basically, excellent coverage on required toolsets to manage an InfoSec Program.

AlienVault USM review by Philip G.
Philip G.
Validated Reviewer
Review Source

"Industry Tools from the College Classroom to the Field"

What do you like best?

The executive dashboards give an immediate presence when displayed in the classroom environment on a big screen television as a dashboard. Students become inquisitive to learn what a product like USM or SIEM is, as buzz words become alive to touch an actual product. It is one thing to read about a Unified Security Manager (USM), or a Security Incident Event Manager (SIEM), but to actually visually see in a production environment and use it is another story.

What do you dislike?

There is a huge learning curve to understand the product. False positives provide a means for the students to do adequate research on a particular event and determine if what actually happened in the environment did indeed happen.

Recommendations to others considering the product

Have a dedicated person understand the product and give them the time to use it.

What business problems are you solving with the product? What benefits have you realized?

Many of our students are using AV in their required internship jobs as the companies they go to work for in the field are using the product. This is a great way for students to learn the product in a production lab environment without fear of breaking something.

AlienVault USM review by Clark B.
Clark B.
Validated Reviewer
Review Source

"It does the job"

What do you like best?

The software is user-friendly, and anyone can be trained to use it. New employees don't take a LOT of time trying to get used to it. In my organization's scenario, the on-premise appliance provides great value as we are a small company with site inter-connectivity. Where I am not too sure of is how exactly the product scales with very large networks with separate Windows and network domains.

What do you dislike?

Could be a little less expensive for other companies to try out. Walking through all the devices after a Nmap or device discovery scan can be tedious to get the data correct

What business problems are you solving with the product? What benefits have you realized?

The vault helps protect all kinds of data and helps with encryption as well

AlienVault USM review by Kevin W.
Kevin W.
Validated Reviewer
Review Source

"AlienVault Locks it Down"

What do you like best?

AlienVault provides a simple, customizable dashboard to easily see the most important things going on in your environment. It goes beyond traditional SIEM by providing things like File Integrity Monitoring, IDS and Asset Management. It also has very simple integration with common cloud services (USM Anywhere only).

What do you dislike?

From a volume perspective, if you have a ton of log data, it isn't the best tool for traditional SIEM activities. There is also no migration from USM Appliance to USM Anywhere. You basically have to start over if you move some things to the cloud and want to capture that information.

What business problems are you solving with the product? What benefits have you realized?

Besides being a SIEM platform, I consider AlienVault to be a security/threat management platform. It provides IDS, SIEM, and active threat monitoring.

AlienVault USM review by Richard P.
Richard P.
Validated Reviewer
Review Source

"Keeping an Eye of your Network"

What do you like best?

AlienVault's ability to monitor all HIDS and NIDS traffic and to correlate security events to warn you of breaches or malware is exceptional. They constantly update their intelligence and will provide a view of the network for the cyber security engineer that ordinarily he or she would not have.

What do you dislike?

I would recommend that the installation be done by a certified engineer. The setup is critical and not intuitive.

Recommendations to others considering the product

Powerful product. Setup is crucial and monitoring a must.

What business problems are you solving with the product? What benefits have you realized?

Firewalls, Endpoint protection, IDS, Sandboxing are all necessary components of network security. They usually do a great job in keeping malware and threats from penetrating their defenses. However, nothing is 100% effective. AlienVault makes sure that if anything does get through, AlienVault let's me know so I can handle the intrusion. Without it, I wouid be network blind.

AlienVault USM review by Karel .
Karel .
Validated Reviewer
Verified Current User
Review Source

"AlienVault USM - technology of data distillation to information"

What do you like best?

One graphic enviroment can orchestrate six security tools. Every tool is so connected with everyone. Together they achieve higher values. Information context, graphical form and interactivity also give this community a tool of a special spirit. Good idea, good execution.

What do you dislike?

AlienVault USM use MySQL like main database engine. I would like to be able to connect to another database, for example some graph database (Neo4J) or object database (CEPH).

Recommendations to others considering the product

Please - try to create a better environment for parser creation and correlation.

What business problems are you solving with the product? What benefits have you realized?

we provide more secure security for clients who are unattainable for better security.

AlienVault USM review by Erlon S.
Erlon S.
Validated Reviewer
Verified Current User
Review Source

"An excellent tool that delivered us much more than we were looking for."

What do you like best?

The way the tool handles several extremely important areas in security management. At the same time, we have a vulnerability scanner, we have a SIEM and a cloud event analyzer. Several crucial tools delivered in just one platform.

What do you dislike?

The licensing model based on monthly traffic brings a recurring concern so that the monthly limit is not reached.

Recommendations to others considering the product

strongly recommend joining the official training of the tool. This allowed us to discuss with other users, various situations as well as best practices.

What business problems are you solving with the product? What benefits have you realized?

In our case, the main thing is the adequacy to the GDPR and the delivery of information that allow us to fulfill our security policy.

AlienVault USM review by Shaun S.
Shaun S.
Validated Reviewer
Verified Current User
Review Source

"More than just a SIEM"

What do you like best?

I like all the features in AlienVault. Vulnerability Scanning, SIEM, IDS, File Integrity Monitoring are all critical functions we use daily

What do you dislike?

It does take some configuration of plugins, but AV will create ones given log files. Additionally, the vulnerability scans can take some tweaking but they are always updated with new vulnerabilities.

What business problems are you solving with the product? What benefits have you realized?

We started looking for a SIEM and found AlienVault did so much more. We were able to convert older systems and consolidate all our logging and alarms in one system. I appreciate all the functionality AV gathers into one windows pane.

AlienVault USM review by Administrator in Information Technology and Services
Administrator in Information Technology and Services
Validated Reviewer
Verified Current User
Review Source

"Alienvault USM"

What do you like best?

I love the ability to see anything and everything that is going on in my network. The dashboard and alarms page are the beginning and end of my days and it makes my daily life easier!

What do you dislike?

Without training, the product is quite usable, but even with some training, there is usually a need for additional training in order to fully utilize all of the capabilities. I wish it were easier to mark events as false-positives instead of having to create custom policies that can take a bit to configure properly.

Recommendations to others considering the product

Alienvault is the only SIEM that I've used, but I've worked with former federal agents and they swear by Alien Vault so you know it's good.

What business problems are you solving with the product? What benefits have you realized?

We are concerned with HIPAA regulations and the built-in reporting is great.

AlienVault USM review by Corey S.
Corey S.
Validated Reviewer
Verified Current User
Review Source

"Secure Compliance Solutions uses AlienVault to provide Managed Security Services"

What do you like best?

The Visibility it provides into the traffic traversing the network. From the moment it is set up and configured, it is providing value.

What do you dislike?

It can get be expensive to install. Also, the product requires a handsome supply of system resources.

Recommendations to others considering the product

Consider going with USM Anywhere if you plan on managing it internally.

What business problems are you solving with the product? What benefits have you realized?

Information security management and general piece of mind. The news is inundated with stories of system breaches. With AlienVault installed and configured, there is always a team of security researchers on your payroll.

AlienVault USM review by Consultant in Computer & Network Security
Consultant in Computer & Network Security
Validated Reviewer
Review Source

"It Has Powerful Threat Detection, Incident Response, And Compliance Management"

What do you like best?

AlienVault Unified Security Management (USM) has powerful threat detection, incident response, and compliance management. We can use this across cloud, on-premise and hybrid environments.

The reason to use USM is that it has the following components in its package:

Asset Discovery

Vulnerability Assessment

Intrusion Detection

Behavioral Monitoring

SIEM & Log Management.

What do you dislike?

AlienVault must improve their correlation feature. Some of the events do not match with the correlation rules and some of the correlation events are false-positive.

What business problems are you solving with the product? What benefits have you realized?

AlienVault has an advanced component within one package. With this, we can cover more area with one solution.

As a example, it has vulnerability assessment component built-in. From this, we can do the vulnerability assessment easily and we do not have to buy another solution for the vulnerability assessment. It is easy to use and we can take better advantage from an all-in-one solution like USM.

AlienVault USM review by Administrator in Financial Services
Administrator in Financial Services
Validated Reviewer
Verified Current User
Review Source

"Great data aggregation and monitoring"

What do you like best?

The more data you feed into AV, the better reporting and analytics you get out of it. Since AV can cross correlate different sources of data, it notifies our team much more quickly of any potential issues.

What do you dislike?

The amount of granularity can become overwhelming. However, it becomes much easier after a bit of time with the rules.

Recommendations to others considering the product

If you need data aggregation for your security events, this is the tool to use. On top of the standard SIEM features, AV's OTX community is great resource for security events that happen around the world.

What business problems are you solving with the product? What benefits have you realized?

Security monitoring and awareness. We now have a single pane of glass to all things related to security on the network.

AlienVault USM review by Consultant in Information Technology and Services
Consultant in Information Technology and Services
Validated Reviewer
Verified Current User
Review Source

"AlienVault USM Anywhere"

What do you like best?

AlienVault USM Anywhere is a great product. Its ability to post threat data to a cloud console is a huge improvement over the previous reporting functionality.

What do you dislike?

It can still be difficult to integrate with 3rd party products. Digesting logs from some devices still requires plugins to be build manually - but they have made great strides in including more plugins by default. DHCP-based networks are still quite challenging to deal with.

What business problems are you solving with the product? What benefits have you realized?

It is a great tool for knowing what types of activities are happening on your network. It has enabled the mitigation of several benign but unwanted applications on the network.

AlienVault USM review by Jose S.
Jose S.
Validated Reviewer
Verified Current User
Review Source

"I am a tier 2 analyst for an MSP."

What do you like best?

The interface is clean and easy to use.

What do you dislike?

There are certain reporting and search functions that I would think would be standard that Alien Vault is unable to do such as attach an automatically generated spreadsheet to an email. Make columns sortable in the web view, easily seach multiple chriteria in the siem, etc.

What business problems are you solving with the product? What benefits have you realized?

We use AlienVault to notify customers of malicious events, policy violations, vulnerable systems and misconfiguration issues that occur on their networks.

AlienVault USM review by Administrator in Education Management
Administrator in Education Management
Validated Reviewer
Verified Current User
Review Source

"AlienVault USM is the guard dog you need"

What do you like best?

The quick out of the box setup. The easy to figure out settings because their documentation is not very good. The customization ability for plugins, rules and alerts. The integration with OTX makes it feel being part of a world wide Infosec Operation.

What do you dislike?

Documentation and training are not good. The product itself is pretty solid and has never given me issues and i've implemented it at 2 different companies. Their support is very solid and responsive.

What business problems are you solving with the product? What benefits have you realized?

It has given both companies i have implemented this at the ability to get into the SEIM space at a nice price. My teams have been small so being able to implement, tune and train has been very important.

AlienVault USM review by Kevin M.
Kevin M.
Validated Reviewer
Verified Current User
Review Source

"AlienVault USM Single Pain of Glass"

What do you like best?

All the monitoring is right at your finger tips.

Easy to navigate with plenty of features to do the job,

What do you dislike?

It does take a little while to learn where all the features are located.

The appliance does so much right out of the box, maybe there could be different user levels.

Recommendations to others considering the product

Defiantly is worth the investment, you won't be sorry.

What business problems are you solving with the product? What benefits have you realized?

Keeping our environment safe.

Definitely helps with alerting the threats. Great device for log collection and reporting.

AlienVault USM review by Karl S.
Karl S.
Validated Reviewer
Verified Current User
Review Source

"Feature packed but unrefined"

What do you like best?

AlienVault is made of well known open source tools which makes it highly customization.

What do you dislike?

The UI is a bit unrefined and the reporting is not the best to look at. The software can also be unreliable.

Recommendations to others considering the product

Be knowledgeable with linux and take their training course to become familiar with the product.

What business problems are you solving with the product? What benefits have you realized?

Security visibility and monitoring.

AlienVault USM review by David I.
David I.
Validated Reviewer
Review Source

"Alienvault USM for Security professionals"

What do you like best?

AlienVault is an all-in-one SIEM device for monitoring events on your network. Not only does it monitor everything on your network, but also comes with a built-in vulnerability scanner.

What do you dislike?

Some of the reporting capabilities are not quite as robust as I would like.

Recommendations to others considering the product

For the price that AlienVault is; it is hard to beat everything you get; Events plus a vulnerability scanner.

What business problems are you solving with the product? What benefits have you realized?

Solving the issue of having tons and tons of events scattered throughout the organization, but no way to have one place to find what all is happening. With Alienvault we have been able to see everything for the organization, in one nice dashboard.

AlienVault USM review by Juan Carlos G.
Juan Carlos G.
Validated Reviewer
Verified Current User
Review Source

"The best USM"

What do you like best?

the simplicity of the administration console.

What do you dislike?

There really is not much to say, but I have problems with the false positives detected.

Recommendations to others considering the product

Vulnerability scan of anywhere solution.

does not works same at the usm aio

What business problems are you solving with the product? What benefits have you realized?

We was can detect with the anywhere solution a brute force attack and stop the attack before that the incident increased.

AlienVault USM review by Administrator
Administrator
Validated Reviewer
Verified Current User
Review Source

"Stability of the platform"

What do you like best?

The platform is stable in a virgin installation, has good speed, has ease of use, has good whiteboards for summary of statistics, integrates in a good way to several IDS and IPS, has a very good amount of pluing, has its free version that Is OSSIM, it is easy to install and configure, Has a friendly interface, has very good details about the events, the design is sober is professional, Everything can be handled from a click from the web interface or from the CLI that provides this gives a very large ease and maneuverability

What do you dislike?

The installation after its constant patching becomes unstable, the database is saturated to such a level that it comes to think that it does not have a good architecture or index relation, has very poor description of logs makes you investigate out of the tool each Code detected to make your diagnosis, has a poor information of the activity of the users, the support in the version USM they serve but they do not solve

Recommendations to others considering the product

Improve the support, in the aspect that reaches a point where nobody can fix the problem and you stay with the platform unstable and with bad modules, and support in other languages

What business problems are you solving with the product? What benefits have you realized?

Helped me to keep track of network traffic and traffic analysis good traffic bad and possible amanezas the analysis panel is very friendly and easy to use when you take the practice, its management in correlations creates ideas that serve you to power Seek and deepen some vulnerability

AlienVault USM review by Patrick N.
Patrick N.
Validated Reviewer
Review Source

"AlienVault after 1 year of usage"

What do you like best?

All logs in one place, simply dashboards and IDS to detect what we cannot see at firts.

What do you dislike?

Detection on systems - manual and automatic if you mix them you will end with two same systems. Plugins which sometimes do not recognize logs details.

Recommendations to others considering the product

Please write yourself all bullet point why you need SIEM solution and search until you find something what match most of them as otherwise you end up with costly system changes.

What business problems are you solving with the product? What benefits have you realized?

It saved my daily time of systems logs check - 2h a day.

AlienVault USM review by Administrator in Financial Services
Administrator in Financial Services
Validated Reviewer
Verified Current User
Review Source

"Alienvault Good Choice For All Around SIEM"

What do you like best?

Alienvault was straightforward to set up and start using. Training was good and allowed us to immediately customize the product to our needs. Support has been good when needed. This product gives us much more insight as to what is happening on our network than we had previously. The included scanner is good and allowed us to cancel our subscription with another vendor for the service. Alienvault is a product that works well for businesses that do not have a dedicated security staff since it is pretty straightforward to get up and running and to manage. Asset discovery is fair, OS is typically incorrectly identified though. Support is typically pretty good, fairly quick to respond and provide a solution to the reported issue.

What do you dislike?

Data organization could be better. Need to be able to sort scan results on the vulnerability for example. I currently rely on a system built in-house that I then export scan data from Alienvault and input into this system in order to then view in a more readable format. Vulnerabilities within USM itself have been identified but not yet corrected. For being a security product, you expect this to be addressed quickly.

Recommendations to others considering the product

Take the training when you can dedicate your full attention to it.

What business problems are you solving with the product? What benefits have you realized?

Enable/improve behavioral analysis of users and other entities

Enable/improve log collection, reporting and retention capabilities

Enable/improve security event alerting, investigation

Enable/improve security incident workflow and reporting

Meet regulatory or commercial compliance requirements

AlienVault USM review by Consultant in Computer & Network Security
Consultant in Computer & Network Security
Validated Reviewer
Verified Current User
Review Source

"Best Tool to Learn SIEM"

What do you like best?

ALL In One (Logger, Vuln. Management, Ticketing Mgmt Etc) Centralized Monitor of IT Environment.

Easy to understand, Implement and make it run. Huge number of Pluggins for the variety of devices

What do you dislike?

In Asset discovery, Not Host getting all the Information (Even we deploy Ossec)

Max No of Correlation available only based on NIDS. if Some where not possible to implement to use NIDS, You have to write own Correlation.

Offline Updates Not available (If Air gaped networks ie isolated from the internet)

Recommendations to others considering the product

It is Suitable for the Middle size Organization.

What business problems are you solving with the product? What benefits have you realized?

Data Security(USB Detection), Asset Management, Vulnerability Scanning & Reporting.

Centralized Monitor of IT Environment. (Federated Environment Monitoring)

Integration of MS SQL Audits.

AlienVault USM review by Rogelio c.
Rogelio c.
Validated Reviewer
Review Source

"AlienVault USM Anywhere"

What do you like best?

The best thing you can do is buy an AV device that has everything you need and that includes 24 gb ram 1 tb hard disk 16 n, so that is an option to buy and take advantage of the full potential of the team.

What do you dislike?

At the moment nothing, the truth is that the service provided is very incredible and has not had any kind of problem.

Recommendations to others considering the product

Yes

What business problems are you solving with the product? What benefits have you realized?

Evaluate all the assets of your red ... before someone else does! (Active Scanning of Red - Passive Monitoring of Red - Inventory of Assets - Inventory of Software)

AlienVault USM review by Stephen K.
Stephen K.
Validated Reviewer
Verified Current User
Review Source

"AlienVault USM Anywhere "

What do you like best?

The Ease of implementation is nice. It is very easy to get up and running in a environment.

What do you dislike?

It could use some better customization. It can be difficult to filter out all the noise of the alerts.

What business problems are you solving with the product? What benefits have you realized?

We are solving reporting and remediation required for PCI compliance. It is also to Identify Potential security breaches to our infrastructure.

AlienVault USM review by Administrator in Higher Education
Administrator in Higher Education
Validated Reviewer
Verified Current User
Review Source

"AlienVault USM AIO"

What do you like best?

The fact that it incorporates many different utilities into one product.

What do you dislike?

It is slightly difficult to navigate until you figure out where everything is located in the menus. You have to use it a good bit to get used to where things are.

Recommendations to others considering the product

Get on a Webinar with Alien Vault and let them live demo it for you. Also, sign up for the many videos and webinars they offer on how to do certain things you are interested in doing. Download the free trial a play with it in your environment.

What business problems are you solving with the product? What benefits have you realized?

IDS, vulnerability scanning, uptime monitoring, notification of when a server or device goes offline, network mapping, asset discover on the network, malware monitoring, network traffic monitoring, log consolidation, suspicious activity alerting, OTX, notification of threat risk around the world to watch out for, and many more things too numerous to list here.

AlienVault USM review by Sergio S.
Sergio S.
Validated Reviewer
Verified Current User
Review Source

"Nice SIEM nut with a few cons"

What do you like best?

I like the policy rules because we can analyze all out traffic with it

What do you dislike?

i don't like have to reload all the filters whe I create a new tab

What business problems are you solving with the product? What benefits have you realized?

We aboard all the traffic and analyze the payloads

AlienVault USM review by Baillio, A.
Baillio, A.
Validated Reviewer
Verified Current User
Review Source

"Best budget friendly commercial SIEM and all-in-one tool available"

What do you like best?

The best part of this product is that even right out of the box, you get instant utility. With the NIDS feature, you get instant alerting and security insight. Adding syslog, vulnerability scans and asset tracking is icing on the cake.

What do you dislike?

Coming from an open source background, the reporting and UI have that homegrown feel. Not the most intuitive or professional, but functional.

What business problems are you solving with the product? What benefits have you realized?

This helps cover so many areas...compliance, security operations, vulnerability management. Biggest benefit is the IDS functionality and syslog correlation. This helps us with visibility and incident response. We can easily respond to the results of the correlation and alerting.

AlienVault USM review by Administrator in Information Technology and Services
Administrator in Information Technology and Services
Validated Reviewer
Verified Current User
Review Source

"AlienVault USM"

What do you like best?

Alien Vault USM provides an all in one solution to compliance and network monitoring. With advanced intrusion detection and logging.

What do you dislike?

I have nothing to dislike about AlienVault

Recommendations to others considering the product

Easy to use and deploy

Nice GUI easy to setup users and user levels

What business problems are you solving with the product? What benefits have you realized?

Unified Security Management (USM) Delivers Advanced Security in the Cloud & On-Premises

Asset Discovery / Asset Management

Vulnerability Assessment / Network Vulnerability Scanning

Vulnerability Management

Intrusion Detection

Network IDS

Host Based IDS

File Integrity Monitoring

SIEM / Event Correlation

SIEM

Event Correlation

Threat Detection

Insider Threats

Advanced Persistent Threats

Ransomware

AlienVault USM review by Dan D.
Dan D.
Validated Reviewer
Verified Current User
Review Source

"Great product with an awesome support staff behind it."

What do you like best?

Very easy to setup and monitor new assets, Like the ability to setup policy t be alerted on. scheduling auto scans to meet compliance needs. It very easy to train staff to use and working with AlienVault.

What do you dislike?

I dislike not having this AlienVault soon.

Recommendations to others considering the product

Great product with excellent support

What business problems are you solving with the product? What benefits have you realized?

This solves compliance requirements such as pci, hipaa and Judicial court systems compliance

AlienVault USM review by Administrator
Administrator
Validated Reviewer
Verified Current User
Review Source

"AlienVault USM "

What do you like best?

Alarms for bad actors. Notifications to email on specific events. Reporting on custom events is nice for tracking usage.

What do you dislike?

Couple of dislikes... HIDS is very slow so if you're trying to audit Active directory logons for a specific user forget it. Plugins are just too hard to write if you aren't a programmer. Need a professional to do any real "tweaking" as support only does break fix.

Recommendations to others considering the product

Learn Regex/Python

What business problems are you solving with the product? What benefits have you realized?

SIEM window pane for threats and HIPAA compliance through audits and notifications.

AlienVault USM review by Administrator in Mechanical or Industrial Engineering
Administrator in Mechanical or Industrial Engineering
Validated Reviewer
Verified Current User
Review Source

"Newbie that's very impressed so far"

What do you like best?

I like the ease of deployment and the fact that everything is managed from a single pane

What do you dislike?

Nothing comes to mind so far as it's living up to it's hype

Recommendations to others considering the product

Give the trial a shot - you won't be disappointed

What business problems are you solving with the product? What benefits have you realized?

Our company has now a real-time view of threats and can act upon these if/when they happen. Previously we may never have noticed or found out that we were being targeted

AlienVault USM review by User in Information Technology and Services
User in Information Technology and Services
Validated Reviewer
Verified Current User
Review Source

"Can't Do Any Better for the Cost"

What do you like best?

AlienVault is a full featured cost effective SIEM that provides quality threat intelligence for a lot less than the competition.

What do you dislike?

The learning curve compared to some of the competition and the lack of native user behavior analytics.

Recommendations to others considering the product

Like anything, run it through it's paces to make sure that it meets your business requirements.

What business problems are you solving with the product? What benefits have you realized?

It's a SIEM... It provides real-time analysis of security alerts generated by network hardware and applications.

AlienVault USM review by Administrator
Administrator
Validated Reviewer
Review Source

"Flexibility and Intelligence"

What do you like best?

My organization is spread out across the globe, so the sensor deployment has greatly increased our ability to reach each site and gain the visibility we need.

What do you dislike?

Alienvault USM Anywhere has many updates, some of which will break suppression rules I write. This usually gets fixed in the next one or two updates, but can be frustrating.

Recommendations to others considering the product

If you want a product that is flexible to deploy, easy to use, and has a backing of community-created intelligence you will want this product.

What business problems are you solving with the product? What benefits have you realized?

Global deployment and gaining visibility into disparate sites to help create environmental standards.

AlienVault USM review by Rakgomo David M.
Rakgomo David M.
Validated Reviewer
Verified Current User
Review Source

"USM anywhere"

What do you like best?

I like USM anywhere becuase you can access it wherever you be and its good on how it can detect Ransomware

What do you dislike?

Honestly Alien Vault USM has been a great product to you use

What business problems are you solving with the product? What benefits have you realized?

Detecting Ransomware,

AlienVault USM review by Kevin C.
Kevin C.
Validated Reviewer
Verified Current User
Review Source

"Simple and Powerful"

What do you like best?

Interface and ease of use. I like the dashboard views

What do you dislike?

Maybe not simple enough - the back end set up can be bewildering!

Recommendations to others considering the product

Best for money

What business problems are you solving with the product? What benefits have you realized?

PCI Compliance

AlienVault USM review by Brian W. C.
Brian W. C.
Validated Reviewer
Verified Current User
Review Source

"Big Bang - Less Buck"

What do you like best?

The AlienVault team is very easy to work with and eager to assist at all times

What do you dislike?

Deployment is a bit hairy, but aren't all solutions like this?

Recommendations to others considering the product

Check out the Gartner Magic Quadrant for SIEM and MSSP solutions first.

What business problems are you solving with the product? What benefits have you realized?

We are solving the business problem of being "The" regional MSSP of choice and adding an enhanced security practice to our existing customer base who consider us to be their trusted advisor already.

AlienVault USM review by Administrator
Administrator
Validated Reviewer
Verified Current User
Review Source

"Great All in one device."

What do you like best?

I like that it is many tools in one. It can do vulnerability scans, Log collection and IDS.

And correlating all those things into one interface.

What do you dislike?

Sometimes on the interface it can be hard to find things because it does do some much.

And the results from the vulnerability scans it would be nice to be able to sort he results better.

What business problems are you solving with the product? What benefits have you realized?

Log management, vulnerability scanning and IDS.

AlienVault USM review by Administrator in Insurance
Administrator in Insurance
Validated Reviewer
Verified Current User
Review Source

"Network Administrator"

What do you like best?

Great value for the price - given you get a SIEM, log management, asset discovery, vulnerability management, Intrusion Detection and behavioral monitoring.

What do you dislike?

Like any SIEM it requires care and feeding

Recommendations to others considering the product

Great product and value. Company is growing and very responsive.

What business problems are you solving with the product? What benefits have you realized?

Better insight into our security posture with log correlation, vulnerability assessments and network IDS. Ability to be notified of and prevent threats.

AlienVault USM review by Administrator in Government Administration
Administrator in Government Administration
Validated Reviewer
Verified Current User
Review Source

"Alienvault is a good cost effective solution for PCI Compliance"

What do you like best?

Good licensing terms, great interface, easy to install agents, good reporting, and great engagement from the vendor.

What do you dislike?

Updates are very frequent, which is good and bad, as you need to update a lot, but you also get the benefit of new features and detections.

Recommendations to others considering the product

This product hits all the marks on value for money.

What business problems are you solving with the product? What benefits have you realized?

I needed AlienVault USM to help with PCI DSS compliance.

AlienVault USM review by User in Staffing and Recruiting
User in Staffing and Recruiting
Validated Reviewer
Review Source

"Easy and Affordable!"

What do you like best?

I love that it works with other system tools like Office365, McAfee and ServiceNow. Really streamlines everything into one process and makes it very user friendly. It is also HIPAA compliant.

What do you dislike?

Alarm dashboard is very busy, but it is broken up into 5 categories of risk which will show you can focus on the most important threats.

Recommendations to others considering the product

Do not be overwhelmed by the threat dashboard. Focus on the largest/most important threats.

What business problems are you solving with the product? What benefits have you realized?

Assessment of vulnerability, identifying suspicious behavior from users, fast detection of threats and fast response.

AlienVault USM review by Administrator in Government Administration
Administrator in Government Administration
Validated Reviewer
Verified Current User
Review Source

"Alienvault USM review"

What do you like best?

Nice dashboard, when setup alerts / emails work great.

What do you dislike?

Not really a dislike, but there there was quite a bit to learn to get this up and running.

What business problems are you solving with the product? What benefits have you realized?

We are tracking some alerts that are normally generated and forgotten, also cross correllation of dissimilar events is quite usefule as our staff don't have the time to do this on their own.

AlienVault USM review by Jose A.
Jose A.
Validated Reviewer
Review Source

"It has all the Tools you need for a SOC "

What do you like best?

That it uses all the tools you need in one place and a beautiful GUI to make it user friendly.

What do you dislike?

For Linux device I can install HIDS agent that easily.

What business problems are you solving with the product? What benefits have you realized?

We are a SOC so it is solving the issue have multiple tools to do one job. It is our to go system to do our jobs/

AlienVault USM review by Lucas S.
Lucas S.
Validated Reviewer
Review Source

"AlientVault USM Anywhere"

What do you like best?

The dashboards! Easy-to-use and beautiful!

What do you dislike?

Does not have all the functionality their On-Premise solutions have. Some of it is expected to be implemented in the future, but we will see.

What business problems are you solving with the product? What benefits have you realized?

We are utilizing AlienVault USM Anywhere to help us meet our ISO 27001 certification initiative and to help manage our security all in one spot.

AlienVault USM review by Industry Analyst / Tech Writer in Non-Profit Organization Management
Industry Analyst / Tech Writer in Non-Profit Organization Management
Validated Reviewer
Review Source

"Best-in-class features on a budget."

What do you like best?

AlienVault USM integrates a range of capabilities that small businesses have difficulty in integrating, setting up and interpreting. The support side is highly responsive. The threat exchange community is one of the best in the world.

What do you dislike?

The interface could use some tweaking. Web filtering capabilities could be improved.

Recommendations to others considering the product

Make the best use of the forums and support. AlienVault will give the best results if you analyze your requirements well and perform a well-informed fine-tuning.

What business problems are you solving with the product? What benefits have you realized?

Incident response and malware detection.

AlienVault USM review by Wassim S.
Wassim S.
Validated Reviewer
Review Source

"Very Informative."

What do you like best?

All of the integration parts of the Open Source products that work together seamlessly.

What do you dislike?

Sometimes the system gets overloaded and response time becomes an issue.

What business problems are you solving with the product? What benefits have you realized?

IDS, Vulnerability Scanning, Sys Logging and Event Monitoring.

AlienVault USM review by Administrator
Administrator
Validated Reviewer
Verified Current User
Review Source

"AV has changed our MSP business"

What do you like best?

Easy to use interface and configuration is fairly simple with a little bit of training.

What do you dislike?

Would like to see a better MSP dashboard for our MSP customer.

What business problems are you solving with the product? What benefits have you realized?

Immediate threats

AlienVault USM review by Internal Consultant
Internal Consultant
Validated Reviewer
Review Source

"A clever product to detect threads"

What do you like best?

Its powerful engine with awesome dashboards that let user know at first sight the alarms in each system

What do you dislike?

Maybe the price is a bit abusive for some customers and in some computers may require a great amoun tof ram

What business problems are you solving with the product? What benefits have you realized?

Centralized control for threads of systems in my company. Benefits like not to take more sw tools to monitor this kind of activities

AlienVault USM review by Administrator
Administrator
Validated Reviewer
Review Source

"Easy Install & plenty of support!"

What do you like best?

The install process was painless, and I have "No" cloud infrastructure experience Any part I was unclear about, support helped fix the issue.

What do you dislike?

Information over-kill for the none experienced....

You will forced to learn more about cloud security....

Not really a dis-like...more like unprepared...

What business problems are you solving with the product? What benefits have you realized?

Security, support, and education....

It USM found hole's in my network & helped me reconfigure more efficiently...

AlienVault USM review by Administrator in Research
Administrator in Research
Validated Reviewer
Verified Current User
Review Source

"Good for the price"

What do you like best?

The software is fairly easy to use and not clunky.

What do you dislike?

Limited bandwidth for traffic capture and space for logs

What business problems are you solving with the product? What benefits have you realized?

Mitigating threats

AlienVault USM review by Administrator in Higher Education
Administrator in Higher Education
Validated Reviewer
Verified Current User
Review Source

"AlienVault USM"

What do you like best?

Reporting and Alerts configurable and complete

What do you dislike?

complexity of configuration. Felt it was required to attend training.

Recommendations to others considering the product

Attend admin training

What business problems are you solving with the product? What benefits have you realized?

Verification of security of our network

AlienVault USM review by Administrator in Higher Education
Administrator in Higher Education
Validated Reviewer
Review Source

"Simplifies Security in our enviroment"

What do you like best?

I like most the Threat Intelligence feature who identifythe latest threats because of the updating every 30 mins.

What do you dislike?

There is nothing to dislike, some features needs improvment but what i see all the years i use Alienvault is there is a continuing improvement of the product.

What business problems are you solving with the product? What benefits have you realized?

Im solving problems with hacking attempts, detecting malware inside the network, fixing vulnerability problems on the critical servers and

AlienVault USM review by Administrator in Utilities
Administrator in Utilities
Validated Reviewer
Verified Current User
Review Source

"Alienvault USM"

What do you like best?

Ease of deployment and visibility into traffic in and out of the network.

What do you dislike?

Sometimes the virus/malware information is cryptic.

What business problems are you solving with the product? What benefits have you realized?

Visibility into network traffic, vulnerability scanning, intrusion detection.

AlienVault USM review by Administrator in Financial Services
Administrator in Financial Services
Validated Reviewer
Review Source

"Alien adult made us safer than ever"

What do you like best?

Easy to setup and intuitive right out of the box. It’s not just a tagline

What do you dislike?

I’ve set this up a few times and I don’t have any major complaints with the software.

However, I feel the training price could be a little more reasonable

Recommendations to others considering the product

Just try it, you’ll like it

What business problems are you solving with the product? What benefits have you realized?

Internal penetration testing and vulnerability scanning

AlienVault USM review by Administrator
Administrator
Validated Reviewer
Review Source

"AlienVault in library"

What do you like best?

It provide concentrated logs for aws and onsite devices.

What do you dislike?

Have to get used to search properly logs to get what you need.

Recommendations to others considering the product

DO all POC and choose the best which fits your requirements in that time.

What business problems are you solving with the product? What benefits have you realized?

Logging system and IDS inspection on servers in AWS.

AlienVault USM review by Administrator in Information Technology and Services
Administrator in Information Technology and Services
Validated Reviewer
Verified Current User
Review Source

"Best SIEM "

What do you like best?

-correlation present

-alarm on mail

-create different rules

What do you dislike?

when we put logs from external devices its little bit takes time

Recommendations to others considering the product

- best SIEM with required functionality in 2017

What business problems are you solving with the product? What benefits have you realized?

- any security related issue in network environment

-any traffic is malicious that we capture using AV

AlienVault USM review by Administrator in Retail
Administrator in Retail
Validated Reviewer
Review Source

"AlienVault stable powerhouse"

What do you like best?

Able to see all threats on a single pane

What do you dislike?

Like to be able to create a custom dashboard

Recommendations to others considering the product

Buy one today

What business problems are you solving with the product? What benefits have you realized?

Threat detection

Learn more about AlienVault USM

AlienVault USM Videos

Kate from G2 Crowd

Learning about AlienVault USM?

I can help.
* We monitor all AlienVault USM reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. Validated reviews require the user to submit a screenshot of the product containing their user ID, in order to verify a user is an actual user of the product.