What users are saying about

AlienVault USM

<a href='https://www.trustradius.com/static/about-trustradius-scoring#question3' target='_blank' rel='nofollow'>Customer Verified: Read more.</a>
334 Ratings
Top Rated
100 Ratings

AlienVault USM

<a href='https://www.trustradius.com/static/about-trustradius-scoring#question3' target='_blank' rel='nofollow'>Customer Verified: Read more.</a>
334 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>trScore algorithm: Learn more.</a>
Score 8 out of 101
Top Rated
100 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>trScore algorithm: Learn more.</a>
Score 8 out of 101

Add comparison

Likelihood to Recommend

AlienVault USM

AlienVault is most probably the best choice for smaller companies with up to 200 assets, which have limited resources in security personnel and are looking for an easy-to-implement, easy-to-run and easy-to-use SIEM including a "detection ecosystem". If you are highly skilled and very sophisticated (and you have the time too), you better run all the components, each as a stand-alone solution and feed their results into an ELK stack. If you are looking for something in between: AlienVault is customizable too! You can go down on a very system level (they call it jail-breaking, ouch!), and get on a config spree, but be warned: The next update can break your changes. You need to know what you can so and what not, but once you understand where you can go, and where not, AlienVault becomes a friend for a lifetime.
Christian B. Caldarone profile photo

SCCM

Config Manager is particularly well suited to larger environments where the flexibility and power of the product can be fully realised. It is one of those products that would benefit from a dedicated staff resource.I do not think that Systems Center Configuration Manager is a good product to recommend to smaller business (e.g. those in single offices with fewer than 400 devices).
Muhammad Mulla profile photo

Feature Rating Comparison

Security Information and Event Management (SIEM)

AlienVault USM
7.3
SCCM
Centralized event and log data collection
AlienVault USM
8.0
SCCM
Correlation
AlienVault USM
8.0
SCCM
Event and log normalization
AlienVault USM
8.0
SCCM
Deployment flexibility
AlienVault USM
7.0
SCCM
Custom dashboards and views
AlienVault USM
6.0
SCCM
Host and network-based intrusion detection
AlienVault USM
7.0
SCCM

Pros

  • Alarms dashboard provides a great overview of all alerts, makes it easy to see what I need to focus on and what is noise
  • Easily connects to all my desktops/servers using the HIDS agent, makes it simple to get setup
  • As a solution, it was relatively cheap in comparison to it's competitors.
Marc Roche, MBA, CISSP, CCSP profile photo
  • SCCM has a very strong user community.
  • One of SCCM's best feature would be the ability to push software through packages to multiple computers at once.
  • What I like best about this release is the added powershell support.
No photo available

Cons

  • Although the creation of custom report modules is powerful and easy, incorporating them into reports that are readable by non-technical staff without some interpretation is not so easy. Section headers can't be customized, and full log events cannot be presented in reports.
  • Normalization (extraction/parsing of log fields and mapping them to actionable fields in the SIEM) needs to be done in further detail. There are times when I want to search on a particular field in a log, and can't do it because it's not normalized. I'm sure that it's a bit of a cat and mouse game with device vendors and operating systems, but more actionable fields in the database would be better. Fortunately, I can go into the underlying Linux system and do it myself, but it is quite time consuming to do so.
  • A faster, more convenient way to weed out false positives would speed up the journey to SIEM success. I envision an interface similar to Micorosoft Outlook's rules, in which an analyst can look at an alarm from the USM, select the criteria on which she wants to suppress the event, create the rule, then hit a button to "delete existing alarms that match these criteria". I've shared this vision with AlienVault, and have my fingers crossed for the next version.
Kevin Geil profile photo
  • Looks a bit complex for new users
Andrey Perepelitsyn profile photo

Likelihood to Renew

AlienVault USM9.0
Based on 13 answers
The centralized logging and retention for PCI compliance was our main driver, and it is meeting that need. Otherwise there has been enough frustration with the lack of documentation and the need to customize through the CLI that I would be open to alternatives.
Aaron Rothstein profile photo
No score
No answers yet
No answers on this topic

Usability

AlienVault USM7.2
Based on 33 answers
Not enough documentation, non-descript error messages, and too much required to be done at the command line for an "appliance".
Aaron Rothstein profile photo
No score
No answers yet
No answers on this topic

Performance

AlienVault USM7.3
Based on 3 answers
No answer on this topic is available.
SCCM7.0
Based on 2 answers
I've given this rating because once you start Microsoft System Center Configuration Manager, it takes a little while to open and sometimes to open collections as well. Other than this, it's performance is fairly good. I haven't used features other than patching, software deployment, and asset tracking though, so I can't provide an in-depth review of its performance. For what I use, it's fairly good.
No photo available

Support

AlienVault USM7.6
Based on 24 answers
Only had to use this once, and they had us back on track in an hour or so. They followed up the day after to make sure all was still working, great team.
Jason Cresswell profile photo
No score
No answers yet
No answers on this topic

Implementation

AlienVault USM7.1
Based on 37 answers
Initial implementation was okay, but we should have gone on the one week course first as an understanding of the features and what to look for would have been of great use. This is especially relevant when fine tuning and correlating events and creating parsers.Once set up the system is pretty resilient and adding in configuration is quite an easy process. We only had on the odd few occasions had to progress any set up problems to tech support.There are also some great whitepapers and set up articles on AlienVault's website support.
Philip Clarke profile photo
No score
No answers yet
No answers on this topic

Alternatives Considered

We were looking at other solutions, but ultimately the sales demo we received for AlienVault looked good and was at a MUCH better price point than the alternatives we evaluated. We are also intrigued by the additional capability of vulnerability scanning.
Aaron Rothstein profile photo
Microsoft SCCM was selected because Microsoft provides a great pricing feature and explicit documentation, to start working with the product quickly and avoid huge impact to processes. No other vendors can propose something meeting all our business requirements.
Andrey Perepelitsyn profile photo

Return on Investment

No answers on this topic
  • We were short staffed and this allowed us to install software and image machines where we needed 2 more FTEs. This was able to do that process with very little human interaction and reduced our need to hire more employees.
  • Nurses and front line staff who were registering patients needed IT to very quickly remote into their machine and fix problems and the remote assistance to help us resolve problems faster than and remote assistance tool we found. There is an option to allow direct access with or without asking permission. Our staff didn't want the software to ask permission, they just wanted the problem fixed.
  • Our EMR vendor releases patches all the time and we were going around to each PC installing the patches one by one. This allowed us to push out the software to all machines and get a detailed report on success and failure.
No photo available

Screenshots

SCCM

Pricing Details

AlienVault USM

General
Free Trial
Yes
Free/Freemium Version
Yes
Premium Consulting/Integration Services
Yes
Entry-level set up fee?
Optional
Additional Pricing Details

AlienVault USM More Information

SCCM

General
Free Trial
Free/Freemium Version
Premium Consulting/Integration Services
Entry-level set up fee?
No
Additional Pricing Details

SCCM More Information