What users are saying about

AlienVault USM<a href='https://www.trustradius.com/static/about-trustradius-scoring#question3' target='_blank' rel='nofollow'>Customer Verified: Read more.</a>

329 Ratings

AlienVault USM<a href='https://www.trustradius.com/static/about-trustradius-scoring#question3' target='_blank' rel='nofollow'>Customer Verified: Read more.</a>

329 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>trScore algorithm: Learn more.</a>
Score 7.9 out of 101

Skybox Security

3 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>trScore algorithm: Learn more.</a>
Score 7.2 out of 101

Add comparison

Likelihood to Recommend

AlienVault USM

AlienVault USM Anywhere is a great SIEM and if you need to deploy a SaaS solution then it is suited very well. It works very well for us being 100% AWS and integrates well with our toolset and AWS features. The Open Threat Intelligence (OTX) is perfect for providing context on events and feeding our incident response processes.
Matthew White profile photo

Skybox Security

In a big environment with many server ad network appliances, Skybox works very well to prioritize vulnerabilities in a smart mode and to have a network sight in terms of discovering security holes.It's not useful for a small company because the cost is expensive and it's possible to make the three tasks above manually.
Gabriele Angeli profile photo

Feature Rating Comparison

Security Information and Event Management (SIEM)

AlienVault USM
7.3
Skybox Security
Centralized event and log data collection
AlienVault USM
8.0
Skybox Security
Correlation
AlienVault USM
8.0
Skybox Security
Event and log normalization
AlienVault USM
8.0
Skybox Security
Deployment flexibility
AlienVault USM
7.0
Skybox Security
Custom dashboards and views
AlienVault USM
6.0
Skybox Security
Host and network-based intrusion detection
AlienVault USM
7.0
Skybox Security

Pros

  • AlienVault USM is based on well-known Open Source components, which each for itself, represents a quasi industry standard
  • Integration into the existing infrastructure works like a charm. Basically you just need to roll-out an OSSEC client to each server or PC and you have already a pretty high coverage of security information and events. They immediately show up in the AlienVault Webinterface
  • Due to the countless plugins, it is very easy to add network devices like firewalls, router, switches, but also servers running apache and the alike. You will just need to forward syslog and it will all appear in your AlienVault Webinterface
  • The modular design of AlienVault USM in form of "deployable sensors", allows you to easily integrate different network segments, such as remote sites.
  • As regular vulnerability scans are a must to understand which CVEs your infrastructure is exposed at, this becomes an easy task with AlienVault. They provide you with a set-and-forget approach for running regular scans. Additionally there are helpful hints to how to get more secure.
Christian B. Caldarone profile photo
  • Vulnerability prioritization
  • Review of firewall rules
  • Review of routing rules
Gabriele Angeli profile photo

Cons

  • I would like to see an interface that is more menu driven. For example a method that allows me to drag and drop the items I would like in an adhoc report based on local machines that are attempting to connect to sites beyond our network that are blocked by our firewall.
  • I would like to see a more robust connection to our SonicWall, having two devices in the same rack that must be configured independently is some times a pain to fine tune.
  • I would like to see additional help files built that allow users to work with the Alienvault without attending formal training.
Randy Kouns profile photo
  • User experience. On the first approach, it's not the simplest tool that I have ever used.
  • Web-based console. In my honest opinion it's very important [to have] this type of functionality to extend the use of Skybox.
  • Too many updates of the product.
Gabriele Angeli profile photo

Likelihood to Renew

AlienVault USM9.0
Based on 13 answers
It is a great product and has been instrumental to our security posture.
Dana Hancock profile photo
No score
No answers yet
No answers on this topic

Usability

AlienVault USM7.2
Based on 33 answers
The product once properly configured seems to offer a wealth of information but has it's issues. I feel that the initial setup/ installation should include technical support to get up and running. My personal experience from the configuration as installed indicates that the network adaptors are not properly configured to read information. The network ports where configured to only ready 1/2 the network?? So having help to get the system up and running should be part of the initial purchase.
James Ellsworth profile photo
No score
No answers yet
No answers on this topic

Support

AlienVault USM7.6
Based on 24 answers
I have a 50/50 rating on this because they have been helpful in one aspect but not in another. They seem to be fairly responsive to requests, but like with my most recent request no solution offered. that is not truly a fair statement, but rather no solution unless I agree to pay additional fee's. From conversations with both our sales rep and another representative they both indicate that we have 3 years of extended support, but the problem reported to them is not covered under our support agreement.
James Ellsworth profile photo
No score
No answers yet
No answers on this topic

Implementation

AlienVault USM7.1
Based on 37 answers
It required us to make a lot of changes and use a decent amount of manpower in order to implement the software.
Mikhail Suleymanov profile photo
No score
No answers yet
No answers on this topic

Alternatives Considered

If you look at AlienVault USM, you will have to look at OSSIM too. For very small enterprises with limited budget or no budget at all, OSSIM might be a good alternative, it is the free version of AlienVault USM, but that means you are on your own with it. Another competitor is definitively GrayLog as it provides a very good interface and is easy to use, plus it is using ElasticSearch as its data store. As stated previously, the ELK stack (ElasticSearch Logstash Kibana) is a good alternative too, but not ready to use off the shelf, nor an all-in-one solution. In fact, the components used by AlienVault, such as OpenVAS, OSSEC, Suricata, etc are its biggest competitors at the same time, but only if you make the effort to run each of the as an independent solution. In return you get a maximum of flexibility and full power over your solution.
Christian B. Caldarone profile photo
Skybox performs better than Tufin and RedSeal and while AlgoSec performs as well, it requires far more manual configuration and customization than Skybox
Alex Waitkus, CISSP-ISSAP, OSCP profile photo

Return on Investment

No answers on this topic
  • Reduces cost in terms of time and money to spend in remediation activity.
  • Improve the network topology and then it's possibile to reduce cost of network/security appliances where they're not necessary.
  • The cost of the solution is not trivial when the number of network appliances is big.
Gabriele Angeli profile photo

Screenshots

Skybox Security

Pricing Details

AlienVault USM

General
Free Trial
Yes
Free/Freemium Version
Yes
Premium Consulting/Integration Services
Yes
Entry-level set up fee?
Optional
Additional Pricing Details

AlienVault USM More Information

Skybox Security

General
Free Trial
Free/Freemium Version
Premium Consulting/Integration Services
Entry-level set up fee?
No
Additional Pricing Details

Skybox Security More Information