AlienVault USM

336 Ratings

Score 8 out of 10
4 Ratings
Score 8.7 out of 10

Likelihood to Recommend

AlienVault USM

I think AlienVault USM is well suited for a medium-sized company where there are remote sites. The star configuration deployment would work very well. I would need to see how AlienVault would perform on a large multi-national company if headquarters wanted to correlate all data.
Clark Crain

Palo Alto Networks URL Filtering PAN-DB

  • Great for workplace filtering.
  • Not school specific but can be used for that too.
Kaitlyn Wright

Feature Rating Comparison

Security Information and Event Management (SIEM)

AlienVault USM: 7.3
Palo Alto Networks URL Filtering PAN-DB: no score

  • Centralized event and log data collection: AlienVault USM 8.0, Palo Alto Networks URL Filtering PAN-DB no score
  • Correlation: AlienVault USM 8.0, Palo Alto Networks URL Filtering PAN-DB no score
  • Event and log normalization: AlienVault USM 8.0, Palo Alto Networks URL Filtering PAN-DB no score
  • Deployment flexibility: AlienVault USM 7.0, Palo Alto Networks URL Filtering PAN-DB no score
  • Custom dashboards and views: AlienVault USM 6.0, Palo Alto Networks URL Filtering PAN-DB no score
  • Host and network-based intrusion detection: AlienVault USM 7.0, Palo Alto Networks URL Filtering PAN-DB no score

Pros

  • Centralizing and aggregating logs from sources of all types
  • Searching through real-time and long-term events
  • Flexibility and customization (Linux OS with open source tools, open for whatever hacking you desire)
Jon Armani
  • Granular filtering with specific categories
  • Constantly updated
  • Alerts you when new categories are added
Kaitlyn Wright

Cons

  • Although the creation of custom report modules is powerful and easy, incorporating them into reports that are readable by non-technical staff without some interpretation is not so easy. Section headers can't be customized, and full log events cannot be presented in reports.
  • Normalization (extraction/parsing of log fields and mapping them to actionable fields in the SIEM) needs to be done in further detail. There are times when I want to search on a particular field in a log, and can't do it because it's not normalized. I'm sure that it's a bit of a cat and mouse game with device vendors and operating systems, but more actionable fields in the database would be better. Fortunately, I can go into the underlying Linux system and do it myself, but it is quite time consuming to do so.
  • A faster, more convenient way to weed out false positives would speed up the journey to SIEM success. I envision an interface similar to Microsoft Outlook's rules, in which an analyst can look at an alarm from the USM, select the criteria on which she wants to suppress the event, create the rule, then hit a button to "delete existing alarms that match these criteria". I've shared this vision with AlienVault, and have my fingers crossed for the next version.
Kevin Geil
  • Does require some filtering knowledge to understand the structure
  • Have to use PuTTY to check the category a website is in
Kaitlyn Wright

Likelihood to Renew

AlienVault USM: 9.0
Based on 13 answers
It is a great product and has been instrumental to our security posture.
Dana Hancock
No score
No answers yet
No answers on this topic

Usability

AlienVault USM: 7.2
Based on 33 answers
The product, once properly configured, seems to offer a wealth of information but has its issues. I feel that the initial setup/installation should include technical support to get up and running. My personal experience from the configuration as installed indicates that the network adaptors are not properly configured to read information. The network ports were configured to only read 1/2 the network?? So having help to get the system up and running should be part of the initial purchase.
James Ellsworth
No score
No answers yet
No answers on this topic

Support

AlienVault USM: 7.6
Based on 24 answers
They have helped resolve a lot of issues, but then there are cases where I am referred to look at documentation for open source components maintained by parties outside of AlienVault.
Aaron Rothstein
No score
No answers yet
No answers on this topic

Implementation

AlienVault USM: 7.1
Based on 37 answers
Anything beyond a vanilla deployment will take a lot of effort.
Aaron Rothstein
No score
No answers yet
No answers on this topic

Alternatives Considered

We were looking at other solutions, but ultimately the sales demo we received for AlienVault looked good and was at a MUCH better price point than the alternatives we evaluated. We are also intrigued by the additional capability of vulnerability scanning.
Aaron Rothstein
Kaitlyn Wright

Pricing Details

AlienVault USM

General
  • Free Trial: Yes
  • Free/Freemium Version: Yes
  • Premium Consulting/Integration Services: Yes
  • Entry-level set up fee? Optional
Palo Alto Networks URL Filtering PAN-DB

General
Free Trial
Free/Freemium Version
Premium Consulting/Integration Services
Entry-level set up fee? No