What users are saying about

AlienVault USM

<a href='https://www.trustradius.com/static/about-trustradius-scoring#question3' target='_blank' rel='nofollow'>Customer Verified: Read more.</a>
334 Ratings

AlienVault USM

<a href='https://www.trustradius.com/static/about-trustradius-scoring#question3' target='_blank' rel='nofollow'>Customer Verified: Read more.</a>
334 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>trScore algorithm: Learn more.</a>
Score 7.9 out of 101
3 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>trScore algorithm: Learn more.</a>
Score 7.1 out of 101

Add comparison

Likelihood to Recommend

AlienVault USM

AlienVault USM Anywhere is a great SIEM and if you need to deploy a SaaS solution then it is suited very well. It works very well for us being 100% AWS and integrates well with our toolset and AWS features. The Open Threat Intelligence (OTX) is perfect for providing context on events and feeding our incident response processes.
Matthew White profile photo

Skybox Security

I can't think where Skybox is not appropriate - maybe in smaller companies depending on fund availability. The developers are constantly improving and getting the system to where it needs to be for management of next-generation firewalls and audit support.
Alex Waitkus, CISSP-ISSAP, OSCP profile photo

Feature Rating Comparison

Security Information and Event Management (SIEM)

AlienVault USM
7.3
Skybox Security
Centralized event and log data collection
AlienVault USM
8.0
Skybox Security
Correlation
AlienVault USM
8.0
Skybox Security
Event and log normalization
AlienVault USM
8.0
Skybox Security
Deployment flexibility
AlienVault USM
7.0
Skybox Security
Custom dashboards and views
AlienVault USM
6.0
Skybox Security
Host and network-based intrusion detection
AlienVault USM
7.0
Skybox Security

Pros

  • AlienVault USM Anywhere is easy to deploy with their cloud-based model and deploying the required agents on-prem (or in the cloud) is quick and easy.
  • Custom rules allow for alerting based on content from events and you can even trigger agents in response to threats, shutting down computers or grabbing forensic info for incident response.
  • USM Anywhere also takes care of reporting for ISO and PCI, allowing you to pull reports for auditors at a moment’s notice.
  • With many integrations out-of-the-box, you can pull in all the data from products you use and other sources, such as Amazon CloudWatch Logs.
Matthew White profile photo
  • Skybox manages compliance for firewalls better than we have seen with other tools.
  • Skybox integrates into standard change management tools so change control can flow through Skybox and assist with all decisions to implement a change.
  • The Skybox network map is more detailed than other management tools showing us paths other tools didn't find.
Alex Waitkus, CISSP-ISSAP, OSCP profile photo

Cons

  • We would love to be able to create custom rules based on a series of events, to create rule-sets where, for example, failed logins to the VPN Server are logged and then when a successful attempt follows soon after, it triggers an alarm for a Brute Force. It does this for things like OKTA already, so control over which events this applies to would be great.
  • More data tiers - something between 250GB and 500GB tiers, maybe break it down into 100GB tiers?
  • Integration with OpsGenie would be great.
Matthew White profile photo
  • The management console could use work - move away from Java to HTML5 to something more lightweight
  • Dynamic objects are not properly identified in Skybox
Alex Waitkus, CISSP-ISSAP, OSCP profile photo

Likelihood to Renew

AlienVault USM9.0
Based on 13 answers
Still after the original product view AlienVault is still ahead of the game and have added even more capabilities
Philip Clarke profile photo
No score
No answers yet
No answers on this topic

Usability

AlienVault USM7.2
Based on 33 answers
The system is great in turns of functionality but in terms of being user friendly and usability for the average person it is very hard to understand and wil take a lot of training.
Mikhail Suleymanov profile photo
No score
No answers yet
No answers on this topic

Support

AlienVault USM7.6
Based on 24 answers
Only had to use this once, and they had us back on track in an hour or so. They followed up the day after to make sure all was still working, great team.
Jason Cresswell profile photo
No score
No answers yet
No answers on this topic

Implementation

AlienVault USM7.1
Based on 37 answers
Anything beyond a vanilla deployment will take a lot of effort.
Aaron Rothstein profile photo
No score
No answers yet
No answers on this topic

Alternatives Considered

I felt that AlienVault performed the SIEM aspect as well as the one mentioned. My opinion has always been that the SIEM product is as good as the person using it is experienced. I selected AlienVault because of the many added features.
Clark Crain profile photo
Skybox performs better than Tufin and RedSeal and while AlgoSec performs as well, it requires far more manual configuration and customization than Skybox
Alex Waitkus, CISSP-ISSAP, OSCP profile photo

Return on Investment

No answers on this topic
  • Skybox is in pilot
  • Positive ROI is in change management
Alex Waitkus, CISSP-ISSAP, OSCP profile photo

Screenshots

Skybox Security

Pricing Details

AlienVault USM

General
Free Trial
Yes
Free/Freemium Version
Yes
Premium Consulting/Integration Services
Yes
Entry-level set up fee?
Optional
Additional Pricing Details

AlienVault USM More Information

Skybox Security

General
Free Trial
Free/Freemium Version
Premium Consulting/Integration Services
Entry-level set up fee?
No
Additional Pricing Details

Skybox Security More Information