AlienVault USM vs FortiSIEM

• AlienVault USM Anywhere is easy to deploy with their cloud-based model and deploying the required agents on-prem (or in the cloud) is quick and easy.
• Custom rules allow for alerting based on content from events and you can even trigger agents in response to threats, shutting down computers or grabbing forensic info for incident response.
• USM Anywhere also takes care of reporting for ISO and PCI, allowing you to pull reports for auditors at a moment’s notice.
• With many integrations out-of-the-box, you can pull in all the data from products you use and other sources, such as Amazon CloudWatch Logs.

Read full review

• Log aggregation and analytics
• CMDB
• Device inventory and remote management .
• It can be used by Managed Security Providers who have multiple customers as it offers multi organization support .

Read full review

• At times I do find navigating the dashboard for very specific functions to be difficult.
• For entry level security analysts or administrators I feel can get overwhelmed with the amount of data available from a single platform (in a good way)
• helpful to understand Linux for certain tasks

Read full review

• Non-intuitive/unattractive user interface
• Too many features that will usually remain unused
• Very crowded (too many icons) portal
• The reporting feature is confusing, e.g. you have to click on the "refresh" button to get the result of your inquiry. The report generation process can be much easier, as the user interaction is not pleasant.

Read full review

• Other SIEM solutions were cost prohibitive at the time of purchase (2016).
• Just like any other SIEM, it helped draw a better picture of our current security posture.

Read full review