What do you like best?
1. It's an appliance.
2. It's easy to setup.
3. It's a ton of information.
4. Integrated ticketing system allows for assignment of vulns and closure.
5. UI is good. Easy to use.
What do you dislike?
1. Customization capabilities are limiting:
- We want the AlienVault to be the dashboard for state of health. You get some things.
- Reports are good, but that data can't be put on the dashboard in many cases.
2. AlienVault has BI capabilities, but doesn't leverage BI on the dashboard effectively.
3. AlienVault advertises it's central solution for InfoSec. True for SIEM, but not true for many other aspects. Frustratingly, it could be as the solution is very capable through it's modularity of functions.
Recommendations to others considering the product
1. Give it a chance. It has many features that compete with other more expensive products, like Rapid7.
2. Work with the sales engineering team to put the product through it's paces in POC.
3. Negotiate training when purchashing. Training is essential for full experience.
What business problems are you solving with the product? What benefits have you realized?
1. Security Vulnerability Assessment and tracking of production systems.
2. SIEM Logging and alerting of all security products.
3. Monthly reporting audit requirements.