AlienVault USM<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>Customer Verified: Read more.</a>

329 Ratings

AlienVault USM<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>Customer Verified: Read more.</a>

329 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>trScore algorithm: Learn more.</a>
Score 7.9 out of 101

McAfee Enterprise Security Manager

22 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>trScore algorithm: Learn more.</a>
Score 6.8 out of 101

Add comparison

Likelihood to Recommend

AlienVault USM

AlienVault USM Anywhere is a great SIEM and if you need to deploy a SaaS solution then it is suited very well. It works very well for us being 100% AWS and integrates well with our toolset and AWS features. The Open Threat Intelligence (OTX) is perfect for providing context on events and feeding our incident response processes.
Matthew White profile photo

McAfee Enterprise Security Manager

I would make a cautionary recommendation. If you're heavily invested in a McAfee product line, the McAfee Enterprise Security Manager is a natural fit and you probably already understand the risk of working with them. If you are greenfield looking for a SIEM, I would advise documenting your use cases very well, because you may find yourself doing a new implementation down the road.
No photo available

Feature Rating Comparison

Security Information and Event Management (SIEM)

AlienVault USM
7.3
McAfee Enterprise Security Manager
7.0
Centralized event and log data collection
AlienVault USM
8.0
McAfee Enterprise Security Manager
9.0
Correlation
AlienVault USM
8.0
McAfee Enterprise Security Manager
8.8
Event and log normalization
AlienVault USM
8.0
McAfee Enterprise Security Manager
7.6
Deployment flexibility
AlienVault USM
7.0
McAfee Enterprise Security Manager
4.6
Custom dashboards and views
AlienVault USM
6.0
McAfee Enterprise Security Manager
4.8
Host and network-based intrusion detection
AlienVault USM
7.0
McAfee Enterprise Security Manager
7.0
Integration with Identity and Access Management Tools
AlienVault USM
McAfee Enterprise Security Manager
7.5

Pros

  • AlienVault USM Anywhere is easy to deploy with their cloud-based model and deploying the required agents on-prem (or in the cloud) is quick and easy.
  • Custom rules allow for alerting based on content from events and you can even trigger agents in response to threats, shutting down computers or grabbing forensic info for incident response.
  • USM Anywhere also takes care of reporting for ISO and PCI, allowing you to pull reports for auditors at a moment’s notice.
  • With many integrations out-of-the-box, you can pull in all the data from products you use and other sources, such as Amazon CloudWatch Logs.
Matthew White profile photo
  • McAfee Enterprise Security Manager has a large library of pre-made correlations that reduces the amount of work needed to make it functional.
  • This is a core McAfee product that is still getting support.
  • It has a substantial amount of compatibility and integration with other products.
No photo available

Cons

  • We would love to be able to create custom rules based on a series of events, to create rule-sets where, for example, failed logins to the VPN Server are logged and then when a successful attempt follows soon after, it triggers an alarm for a Brute Force. It does this for things like OKTA already, so control over which events this applies to would be great.
  • More data tiers - something between 250GB and 500GB tiers, maybe break it down into 100GB tiers?
  • Integration with OpsGenie would be great.
Matthew White profile photo
  • If there is a requirement to integrate into other vendor products i.e. (log sharing) then this was very cumbersome.
  • Integration of vulnerability scanning that is available in other vendor products would be a good addition.
  • When integrating all of Intel's products a third party consultancy is usually required, where other vendor products can be configured without this additional cost.
Philip Clarke profile photo

Likelihood to Renew

AlienVault USM9.0
Based on 13 answers
It is a great product and has been instrumental to our security posture.
Dana Hancock profile photo
No score
No answers yet
No answers on this topic

Usability

AlienVault USM7.2
Based on 33 answers
Only because there is a lot configuring to get it running
Cary Good profile photo
No score
No answers yet
No answers on this topic

Support

AlienVault USM7.6
Based on 24 answers
I find their support to be excellent. From the FAQ's to the tech docs, it is very easy to resolve most issues. The few times we worked with a support technician, they were always quick to resolve our issue. We are very pleased with the overall level of support!
Chuck Bardram profile photo
No score
No answers yet
No answers on this topic

Implementation

AlienVault USM7.1
Based on 37 answers
I have been satisfied with the service and the AWS for USM product. I am a bit concerned about the changing of product to the USM Anywhere and its price structure. I am hoping that we can keep our current price structure without any hidden costs. Other than that the sales team has worked very hard to give us a comparable price to the AWS for USM product. I also hope the the USM Anywhere is easy to use but has the same FIM features. Regardless, The USM team is extremely helpful, attentive and persistent. I would recommend them to anyone needing a product like theirs but was not concerned about price.
Alexi Carey profile photo
No score
No answers yet
No answers on this topic

Alternatives Considered

None at the time as the product was purchased before I joined the organization.
AJ Gumataotao profile photo
We looked at a few products, these were AlienVault, ESM, LogRhythm and Alert Logic.ESM at the time had more functionality and a friendlier and cleaner user interface than LogRhythmESM had an ability to integrate easily into Intel's endpoint solution versus AlienVault where a parser would have to be written, though AlienVault's inclusion of vulnerability management and IDS made it stand out from some of the others.ESM had a better correlation engine and log drill through than Alert Logic, and in our scenario we were not looking for a hosted solution at the time.ESM has a good network of partners and in the event a managed service is required the transition to this is made very easily.
Philip Clarke profile photo

Return on Investment

No answers on this topic
  • Centralisation of events form NIDS/IPS/IDS, Firewall(s), Web Proxy and Endpoint
  • Ability to have third party management
  • Actively upgraded product with good vendor support
Philip Clarke profile photo

Screenshots

McAfee Enterprise Security Manager

Pricing Details

AlienVault USM

General
Free Trial
Yes
Free/Freemium Version
Yes
Premium Consulting/Integration Services
Yes
Entry-level set up fee?
Optional
Additional Pricing Details

AlienVault USM More Information

McAfee Enterprise Security Manager

General
Free Trial
Free/Freemium Version
Premium Consulting/Integration Services
Entry-level set up fee?
No
Additional Pricing Details

McAfee Enterprise Security Manager More Information