What users are saying about

AlienVault USM<a href='https://www.trustradius.com/static/about-trustradius-scoring#question3' target='_blank' rel='nofollow'>Customer Verified: Read more.</a>

329 Ratings

IBM QRadar

18 Ratings

AlienVault USM<a href='https://www.trustradius.com/static/about-trustradius-scoring#question3' target='_blank' rel='nofollow'>Customer Verified: Read more.</a>

329 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>trScore algorithm: Learn more.</a>
Score 7.9 out of 101

IBM QRadar

18 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>trScore algorithm: Learn more.</a>
Score 8 out of 101

Add comparison

Likelihood to Recommend

AlienVault USM

In my organization's scenario, the on-premise appliance provides great value as we are a small company with site inter-connectivity. Where I am not too sure of is how exactly the product scales with very large networks with separate Windows and network domains.
AJ Gumataotao profile photo

IBM QRadar

Due to the strength, robustness, and cost of a solution like this, I believe it is best suited for large businesses and enterprises. While a medium sized business would find value for sure, this system is not for the faint of heart or pocketbook. Qradar is well suited for environments with a lot of incoming data where manual analysis might not be an option.
No photo available

Feature Rating Comparison

Security Information and Event Management (SIEM)

AlienVault USM
7.3
IBM QRadar
7.1
Centralized event and log data collection
AlienVault USM
8.0
IBM QRadar
8.0
Correlation
AlienVault USM
8.0
IBM QRadar
7.8
Event and log normalization
AlienVault USM
8.0
IBM QRadar
6.5
Deployment flexibility
AlienVault USM
7.0
IBM QRadar
6.9
Custom dashboards and views
AlienVault USM
6.0
IBM QRadar
6.8
Host and network-based intrusion detection
AlienVault USM
7.0
IBM QRadar
7.8
Integration with Identity and Access Management Tools
AlienVault USM
IBM QRadar
6.1

Pros

  • Up to this point, I have had no issues integrating with a system we currently have in production. while AlienVault stays on top with plugin updates.
  • Te dashboard is very informative when you figure out how to navigate around it and tweaked to your organization needs.
  • Correlation of events is probably my favorite as I normally only need to jump on the AlienVault dashboard to hammer down on network traffic/activity details.
AJ Gumataotao profile photo
  • Rule creation is intuitive and fast which helps during emergency situations.
  • Platform maintenance is very light while the appliance has nearly flawless uptime.
  • Report generation is very functional and efficient.
No photo available

Cons

  • At times I do find navigating the dashboard for very specific functions to be difficult.
  • For entry level security analysts or administrators I feel can get overwhelmed with the amount of data available from a single platform (in a good way)
  • helpful to understand Linux for certain tasks
AJ Gumataotao profile photo
  • There is a steep learning curve compared to other platforms. Qradar is incredibly powerful but does require some homework.
  • There is a glaring lack of threat feed utilization outside of STIXX/TAXII which remains very limited at this time.
  • May require a considerable amount of tuning during deployment with very little "out of the box" offense information.
No photo available

Likelihood to Renew

AlienVault USM9.0
Based on 13 answers
It is a great product and has been instrumental to our security posture.
Dana Hancock profile photo
No score
No answers yet
No answers on this topic

Usability

AlienVault USM7.2
Based on 33 answers
The product once properly configured seems to offer a wealth of information but has it's issues. I feel that the initial setup/ installation should include technical support to get up and running. My personal experience from the configuration as installed indicates that the network adaptors are not properly configured to read information. The network ports where configured to only ready 1/2 the network?? So having help to get the system up and running should be part of the initial purchase.
James Ellsworth profile photo
No score
No answers yet
No answers on this topic

Support

AlienVault USM7.6
Based on 24 answers
They have helped resolve a lot of issues, but then there are cases where I am referred to look at documentation for open source components maintained by parties outside of AlienVault.
Aaron Rothstein profile photo
No score
No answers yet
No answers on this topic

Implementation

AlienVault USM7.1
Based on 37 answers
Anything beyond a vanilla deployment will take a lot of effort.
Aaron Rothstein profile photo
No score
No answers yet
No answers on this topic

Alternatives Considered

None at the time as the product was purchased before I joined the organization.
AJ Gumataotao profile photo
With IBM supplying this solution, you're inherently getting the globally recognized IBM support environment as well. As an enterprise solution, Qradar is among stiff competition but the reliability and availability make it a cut above the rest. While I also recommend AlienVault for small-medium sized businesses, there aren't many others that afford the same experience and piece of mind.
No photo available

Return on Investment

No answers on this topic
  • Faster response times
  • Global scalability
  • High cost of implementation
No photo available

Screenshots

IBM QRadar

Pricing Details

AlienVault USM

General
Free Trial
Yes
Free/Freemium Version
Yes
Premium Consulting/Integration Services
Yes
Entry-level set up fee?
Optional
Additional Pricing Details

AlienVault USM More Information

IBM QRadar

General
Free Trial
Free/Freemium Version
Premium Consulting/Integration Services
Entry-level set up fee?
No
Additional Pricing Details

IBM QRadar More Information