What users are saying about

AlienVault USM

<a href='https://www.trustradius.com/static/about-trustradius-scoring#question3' target='_blank' rel='nofollow'>Customer Verified: Read more.</a>
334 Ratings
6 Ratings

AlienVault USM

<a href='https://www.trustradius.com/static/about-trustradius-scoring#question3' target='_blank' rel='nofollow'>Customer Verified: Read more.</a>
334 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>trScore algorithm: Learn more.</a>
Score 8 out of 101
6 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>trScore algorithm: Learn more.</a>
Score 6.3 out of 101

Add comparison

Likelihood to Recommend

AlienVault USM

AlienVault USM Anywhere is a great SIEM and if you need to deploy a SaaS solution then it is suited very well. It works very well for us being 100% AWS and integrates well with our toolset and AWS features. The Open Threat Intelligence (OTX) is perfect for providing context on events and feeding our incident response processes.
Matthew White profile photo

Darktrace

In my opinion, based on what I saw, the product is not ready for prime time yet. The GUI interface was slick but very difficult to use. There was no reporting capability. There was no availability to integrate other products or share data easily. The people were very nice and easy to work with - but in my opinion, no one who worked on developing the product has spent any time on a day-to-day basis in the trenches. While I get the brain trust behind the product (and it is very, very impressive), there is still a disconnect between the developers and the end-users. For the cost of the product (quite expensive), the end user base is not going to be satisfied with the product, especially since I can get the same, and better, information from other products.
Matthew Frederickson profile photo

Feature Rating Comparison

Security Information and Event Management (SIEM)

AlienVault USM
7.3
Darktrace
Centralized event and log data collection
AlienVault USM
8.0
Darktrace
Correlation
AlienVault USM
8.0
Darktrace
Event and log normalization
AlienVault USM
8.0
Darktrace
Deployment flexibility
AlienVault USM
7.0
Darktrace
Custom dashboards and views
AlienVault USM
6.0
Darktrace
Host and network-based intrusion detection
AlienVault USM
7.0
Darktrace

Pros

  • AlienVault enables integration with external technologies, thereby broadening its scope and possibilities.
  • AlienVault has a dashboard customization and reporting scheme that makes it flexible to query your data, allowing you to model the tool according to your needs.
  • AlienVault will make you forget the need to consult some information on AWS Cloudtrail. It extracts the data from there and delivers in a much more efficient way.
  • With a single tool you can monitor your cloud and on-premises environment.
Erlon Sousa Pinheiro profile photo
  • It did an ok job of analyzing and collecting data. It used a span (mirrored) port and then using its own algorithm developed flow records.
  • It did an ok job of segmenting traffic into networks - not always correctly, but ok.
  • It tried to identify devices by type - once again, it did ok, but not that great.
Matthew Frederickson profile photo

Cons

  • Walking through all the devices after a Nmap or device discovery scan can be tedious to get the data correct
  • When deploying HIDS, it would be better if the system gave more detail as to the deployment error
  • Offline updating of licenses can be a little time-consuming
Clark Crain profile photo
  • Really had a poor time of identifying devices and what the device's purpose was - a simple nmap scan did a better job. The problem is they expect you to fine-tune the results - which is exactly what you would expect - but day one it found over 2,000 servers (and I only have 112).
  • Really had a hard time separating network traffic into locations - I use distinct subnets for my buildings, but there was no good way to create a logical map of my traffic internally. Did not garner a sense of trust that it was seeing everything.
  • Sat through a few "analyst" reports - which showed me possible threats in my environment. I am already using a few open source tools, and they actually found more than the analyst reports. Also, there was no way to get the reports on your own - you had to work through their analysts to get the information.
Matthew Frederickson profile photo

Likelihood to Renew

AlienVault USM9.0
Based on 13 answers
It is a great product and has been instrumental to our security posture.
Dana Hancock profile photo
No score
No answers yet
No answers on this topic

Usability

AlienVault USM7.2
Based on 33 answers
We have been using AlienVault USM Appliance for nearly 3 years. The power and flexibility of the device for IPS and IDS is amazing. We are able to identify threats and stop them before damage can be done.
Randy Kouns profile photo
No score
No answers yet
No answers on this topic

Support

AlienVault USM7.6
Based on 24 answers
I have contacted support many times and every time they addressed the issue and continued until it was resolved. The product is solid, so the overall operation is trouble free.
Dana Hancock profile photo
No score
No answers yet
No answers on this topic

Implementation

AlienVault USM7.1
Based on 37 answers
Initial deployment was great compared to all the research I had read about deploying SIEM solutions. The basic setup gives excellent information about what is occurring on your enterprise network.
Russel Beckham profile photo
No score
No answers yet
No answers on this topic

Alternatives Considered

USM has all the bells and whistles in a unified package of many of the bigger systems at a price point small companies can afford.
Thomas Vaughan profile photo
We did NOT select Darktrace. OSSIM/AlienVault is a more mature product and it provided better intelligence and reporting. The end user interface is much easier to use - and you can tell built form engineers who have had to do the work. My suggestion for anyone considering Darktrace, is to get the price upfront; do a 30/60 onsite trail; and do the same thing, at the same time, with AlienVault. AlientVault will win every time. I say that because that's exactly what I did.
Matthew Frederickson profile photo

Return on Investment

No answers on this topic
  • None - we chose not to move forward. The price of the product did not warrant the investment.
Matthew Frederickson profile photo

Screenshots

Darktrace

Pricing Details

AlienVault USM

General
Free Trial
Yes
Free/Freemium Version
Yes
Premium Consulting/Integration Services
Yes
Entry-level set up fee?
Optional
Additional Pricing Details

AlienVault USM More Information

Darktrace

General
Free Trial
Free/Freemium Version
Premium Consulting/Integration Services
Entry-level set up fee?
No
Additional Pricing Details

Darktrace More Information