What users are saying about

AlienVault USM<a href='https://www.trustradius.com/static/about-trustradius-scoring#question3' target='_blank' rel='nofollow'>Customer Verified: Read more.</a>

327 Ratings

AlienVault USM<a href='https://www.trustradius.com/static/about-trustradius-scoring#question3' target='_blank' rel='nofollow'>Customer Verified: Read more.</a>

327 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>trScore algorithm: Learn more.</a>
Score 7.9 out of 101

FireEye Security Suite

18 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>trScore algorithm: Learn more.</a>
Score 8.6 out of 101

Add comparison

Likelihood to Recommend

AlienVault USM

AlienVault USM Anywhere is a great SIEM and if you need to deploy a SaaS solution then it is suited very well. It works very well for us being 100% AWS and integrates well with our toolset and AWS features. The Open Threat Intelligence (OTX) is perfect for providing context on events and feeding our incident response processes.
Matthew White profile photo

FireEye Security Suite

FireEye is the obvious solution if a company is having trouble with threats getting in via mail attachments. We use Office 365 and initially subscribed to their attachment scanning product. Users immediately started complaining it would take a minimum of 3 minutes and sometimes as long as 12 hours to receive their attachments. This rate of time was unacceptable. So we did a POC with FireEye and immediately saw that attachments were processed on average in 30 seconds but at the most, around 1.5 minutes. We were convinced after that.
No photo available

Feature Rating Comparison

Security Information and Event Management (SIEM)

AlienVault USM
7.3
FireEye Security Suite
Centralized event and log data collection
AlienVault USM
8.0
FireEye Security Suite
Correlation
AlienVault USM
8.0
FireEye Security Suite
Event and log normalization
AlienVault USM
8.0
FireEye Security Suite
Deployment flexibility
AlienVault USM
7.0
FireEye Security Suite
Custom dashboards and views
AlienVault USM
6.0
FireEye Security Suite
Host and network-based intrusion detection
AlienVault USM
7.0
FireEye Security Suite

Pros

  • The SIEM does a good job of correlating network data from multiple sources along with the Data from deployed HIDS
  • The Nmap scan is fast and non-invasive that defines devices on your network.
  • The vulnerability scanning has several options and reports to enable data to be available for compliance purposes.
Clark Crain profile photo
  • Advanced Threat Protection
  • Malware prevention
  • Spam filtering
No photo available

Cons

  • Vulnerability Scanner reporting: The reporting from the integrated scanner (OpenVAS) are really difficult to read. They could have done a better job by scraping the report or creating a custom report from the data of the scan. However, leaving the default report template from OpenVAS makes the report somewhat useless.
  • Sometimes the local integration fails because of the scope of the tool. Let me elaborate on that: The OpenVAS scanner has certificated that expire within a year, and that makes the USM fail scans if you don't renew certificates yourself. They should have made them last at least 10 years. Same with Nagios, sometimes the integration fails and one doesn't know why unless you jailbreak it and find out in the logs for sure.
  • They do not provide a standalone installation of the product, because they modified so much the Linux distribution, that it must always be deployed as a virtual machine or appliance, but not on your own server.
Ivan Montilla Miralles profile photo
  • Custom rules could have more options
  • I'd like to have the ability to search for attachment names
  • Interface could be a bit easier to use but it's pretty easy already
No photo available

Likelihood to Renew

AlienVault USM9.0
Based on 13 answers
It is a great product and has been instrumental to our security posture.
Dana Hancock profile photo
No score
No answers yet
No answers on this topic

Usability

AlienVault USM7.2
Based on 33 answers
The product once properly configured seems to offer a wealth of information but has it's issues. I feel that the initial setup/ installation should include technical support to get up and running. My personal experience from the configuration as installed indicates that the network adaptors are not properly configured to read information. The network ports where configured to only ready 1/2 the network?? So having help to get the system up and running should be part of the initial purchase.
James Ellsworth profile photo
No score
No answers yet
No answers on this topic

Support

AlienVault USM7.6
Based on 24 answers
Only had to use this once, and they had us back on track in an hour or so. They followed up the day after to make sure all was still working, great team.
Jason Cresswell profile photo
No score
No answers yet
No answers on this topic

Implementation

AlienVault USM7.1
Based on 37 answers
Initial implementation was okay, but we should have gone on the one week course first as an understanding of the features and what to look for would have been of great use. This is especially relevant when fine tuning and correlating events and creating parsers.Once set up the system is pretty resilient and adding in configuration is quite an easy process. We only had on the odd few occasions had to progress any set up problems to tech support.There are also some great whitepapers and set up articles on AlienVault's website support.
Philip Clarke profile photo
No score
No answers yet
No answers on this topic

Alternatives Considered

AlienVault USM works well for any company size. LogRhythm might be too much if your company is not already big, and the same can be said of McAfee Enterprise Security Manager. If this is your first SIEM, it's a really good choice and has nothing to envy from the others I'm comparing it with. I also recommend the cloud version of AlienVault, the USM Anywhere, which the interface is a bit different, but the principles remain the same. Also, the McAfee Enterprise Security Manager has a Flash-based interface, for which Adobe is phasing out. AlienVault USM is HTML5 and can even be used mobile.
Ivan Montilla Miralles profile photo
Advanced Threat Protection, or ATP in Office 365 was awful. Some attachments wouldn't be delivered at all while others took minutes and sometimes hours to be delivered after being scanned. It was causing us to lose business. FireEye processes attachments in less than 60 seconds in most cases. We now have buy in from employees to scan attachments since it's hardly noticeable to them
No photo available

Return on Investment

No answers on this topic
  • FireEye was seen as an immediate benefit because of the amount of time it saved in email delivery
  • Massive ROI becuase we were losing business with the email delays
  • Reduced many complaints from general users
No photo available

Screenshots

FireEye Security Suite

Pricing Details

AlienVault USM

General
Free Trial
Yes
Free/Freemium Version
Yes
Premium Consulting/Integration Services
Yes
Entry-level set up fee?
Optional
Additional Pricing Details

AlienVault USM More Information

FireEye Security Suite

General
Free Trial
Free/Freemium Version
Premium Consulting/Integration Services
Entry-level set up fee?
No
Additional Pricing Details

FireEye Security Suite More Information