AlienVault USM

<a href='https://www.trustradius.com/static/about-trustradius-scoring#question3' target='_blank' rel='nofollow'>Customer Verified: Read more.</a>
335 Ratings

AlienVault USM

<a href='https://www.trustradius.com/static/about-trustradius-scoring#question3' target='_blank' rel='nofollow'>Customer Verified: Read more.</a>
335 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>trScore algorithm: Learn more.</a>
Score 8 out of 101
6 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>trScore algorithm: Learn more.</a>
Score 8.9 out of 101

Add comparison

Likelihood to Recommend

AlienVault USM

Since AlienVault is a versatile tool, having versions for various cloud providers as well as virtualization frameworks, it adheres to the most diverse scenarios. Another strong point to be highlighted is how the company is constantly improving the product. AlienVault is famous for the effort the company puts behind the tool, and it is being improved constantly by adding new resources.
Erlon Sousa Pinheiro profile photo

Palo Alto Networks Threat Protection

I think threat prevention on a certain level could be used in all Palo Alto deployments (even if just alerting without blocking).
Alex Waitkus, CISSP-ISSAP, OSCP profile photo

Feature Rating Comparison

Security Information and Event Management (SIEM)

AlienVault USM
7.3
Palo Alto Networks Threat Protection
Centralized event and log data collection
AlienVault USM
8.0
Palo Alto Networks Threat Protection
Correlation
AlienVault USM
8.0
Palo Alto Networks Threat Protection
Event and log normalization
AlienVault USM
8.0
Palo Alto Networks Threat Protection
Deployment flexibility
AlienVault USM
7.0
Palo Alto Networks Threat Protection
Custom dashboards and views
AlienVault USM
6.0
Palo Alto Networks Threat Protection
Host and network-based intrusion detection
AlienVault USM
7.0
Palo Alto Networks Threat Protection

Pros

  • Up to this point, I have had no issues integrating with a system we currently have in production. while AlienVault stays on top with plugin updates.
  • Te dashboard is very informative when you figure out how to navigate around it and tweaked to your organization needs.
  • Correlation of events is probably my favorite as I normally only need to jump on the AlienVault dashboard to hammer down on network traffic/activity details.
AJ Gumataotao profile photo
  • The threat engine has constant updates for important threats.
  • Wildfire helps supplement the Threat engine to help protect against 0 day threats.
  • The way the threat engine can be added at different levels to different zones and policies helps to ensure business essential traffic can have policies that are tuned to ensure traffic will flow.
Alex Waitkus, CISSP-ISSAP, OSCP profile photo

Cons

  • Because AlienVault USM combines several well know components, you have to life with the fact, that they are not in their latest version, i.e. the integrated OSSEC, which should be replaced with the OSSEC-Wazuh fork instead.
  • Due to the all-in-one approach, the solution is quite resource hungry. You have to have a decent machine to run it.
  • The reporting module is nice, but sometimes it is quite a challenge to configure a custom report as you will only get the results you want after a trial and error run.
Christian B. Caldarone profile photo
  • Visibility into signatures and how they function/what triggers them would be very beneficial.
  • Lacking customizability compared to other tools.
  • Inability to write custom signatures easily and for traffic with small (less than 8 bit) signatures.
Alex Waitkus, CISSP-ISSAP, OSCP profile photo

Likelihood to Renew

AlienVault USM9.0
Based on 13 answers
It is a very well built software and solution for meeting our cybersecurity needs. The staff is always very well responsive with any issues that we have and it is perfect for satisfying FINRA's cybersecurity regulations.
Mikhail Suleymanov profile photo
No score
No answers yet
No answers on this topic

Usability

AlienVault USM7.2
Based on 33 answers
Almost all functions are intuitive, custom logging is not very easy to configure.
Dana Hancock profile photo
No score
No answers yet
No answers on this topic

Support

AlienVault USM7.6
Based on 24 answers
Only had to use this once, and they had us back on track in an hour or so. They followed up the day after to make sure all was still working, great team.
Jason Cresswell profile photo
No score
No answers yet
No answers on this topic

Implementation

AlienVault USM7.1
Based on 37 answers
The one thing to remember is where to place the sensors within your organization. It is one thing to collect and analyze data, but collecting the right data is key. This is where AlienVaults experts really help. Instead of trying to sell you a gazillion sensors, they walk you through your network to make sure he sensors are where they need to be so you can achieve your goal. Implementation works so well because they take the time upfront to know your goals before they help you achieve them.
Matthew Frederickson profile photo
No score
No answers yet
No answers on this topic

Alternatives Considered

We looked at a number of other products besides AlienVault. Most of them were software packages that had OK reviews, but would have been costly to implement and time-consuming to maintain. AlienVault was an all-in-one appliance, though it comes in a virtual machine that you can run as well. We chose the USM because of our virtualization resources were getting pretty tight at the time we chose AlienVault, and we prefer hardware appliances.
Christopher Taylor profile photo
It is comparable but not as robust as other stand alone IPS/IDS.
Alex Waitkus, CISSP-ISSAP, OSCP profile photo

Return on Investment

No answers on this topic
  • New deployment hasn't been fully calculated yet.
  • With the addition of Panorama and central logging, event investigation has become more streamlined.
Alex Waitkus, CISSP-ISSAP, OSCP profile photo

Screenshots

Palo Alto Networks Threat Protection

Pricing Details

AlienVault USM

General
Free Trial
Yes
Free/Freemium Version
Yes
Premium Consulting/Integration Services
Yes
Entry-level set up fee?
Optional
Additional Pricing Details

AlienVault USM More Information

Palo Alto Networks Threat Protection

General
Free Trial
Free/Freemium Version
Premium Consulting/Integration Services
Entry-level set up fee?
No
Additional Pricing Details

Palo Alto Networks Threat Protection More Information