What users are saying about
AlienVault USM
<a href='https://www.trustradius.com/static/about-trustradius-scoring#question3' target='_blank' rel='nofollow noopener noreferrer'>Customer Verified: Read more.</a>
Top Rated
599 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow noopener noreferrer'>trScore algorithm: Learn more.</a>Score 7.9 out of 101
Based on 599 reviews and ratings
54 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow noopener noreferrer'>trScore algorithm: Learn more.</a>Score 8.2 out of 101
Based on 54 reviews and ratings
Likelihood to Recommend
AlienVault USM
AlienVault Unified Security Management (USM) Anywhere is a cloud-based security information and event management solution that provides effective and affordable threat detection, incident response, and compliance management capabilities. USM Anywhere is well suited to mid-size enterprise environments operating in the cloud. USM Anywhere is also well suited to enterprises whose operations teams require easy deployment and management. Last, USM Anywhere is considered a highly affordable option compared to competitors. USM Anywhere lags competitors in several areas, such as application monitoring, database monitoring, and integrations with third-party solutions such as cloud access security brokers (CASB), DAM, DAP, and DLP.
Tier II SOC Analyst
Rendition Infosec LLCInformation Technology & Services, 11-50 employees
SolarWinds Security Event Manager
When an account is created in active directory your teams can be notified. You can also be notified when computer objects are created in your enviroment. This can be helpful to spot unknown devices that may try to bind to your AD for authentication. Or if accounts are deleted in mass you can react quickly
Director of IT Engineering
Pearl River ResortGambling & Casinos, 1001-5000 employees
Feature Rating Comparison
Security Information and Event Management (SIEM)
AlienVault USM
7.3
SolarWinds Security Event Manager
8.2
Centralized event and log data collection
AlienVault USM
8.0
SolarWinds Security Event Manager
9.2
Correlation
AlienVault USM
8.0
SolarWinds Security Event Manager
8.7
Event and log normalization
AlienVault USM
8.0
SolarWinds Security Event Manager
8.6
Deployment flexibility
AlienVault USM
7.0
SolarWinds Security Event Manager
8.3
Custom dashboards and views
AlienVault USM
6.0
SolarWinds Security Event Manager
5.4
Host and network-based intrusion detection
AlienVault USM
7.0
SolarWinds Security Event Manager
8.8
Integration with Identity and Access Management Tools
AlienVault USM
—
SolarWinds Security Event Manager
8.3
Pros
AlienVault USM
- Alienvault USM is THOROUGH. We have a highly integrated workspace that's most SAAS, and I monitor those integrations and their security with AV. If I am trying to track the uptime of a laptop, I don't go to VPN or our Directory Services... I go to AV.
- As I mentioned before, we use Sophos to protect our laptops. If a questionable file shows up on someones laptop, I hear about it from AlienVault before I hear about it from our Sophos service.
- The OTX Pulse feature is a built-in feature that lets you subscribe to industries and you are notified about new threats that affect that industry on a daily basis. The pulse alerts are added to your AV watchlist.
System Administrator
Enthought, Inc.Computer Software, 51-200 employees
SolarWinds Security Event Manager
- Compared to other SIEMs, it's relatively easy to get up and running. The virtual appliance is easy to maintain.
- Support was top notch. The support team really knows their stuff when you run into an issue.
- The email alert system is easy to use and attach to a fired rule.

Verified User
Analyst in Information Technology
Marketing and Advertising Company, 201-500 employeesCons
AlienVault USM
- While there are many features, many of them are not very advanced. Vulnerability scanning as an example is extremely simplistic and almost unusable for an enterprise organization. It's just enough to get a program off the ground.
- Cloud-only deployment model (SaaS) may not fit all organizations. Not all organizations are "cloud friendly".
- Reporting capabilities out of the box are lack luster. Vulnerability management reporting as an example does not include a single canned report.
Head of Information Security
EnPro IndustriesMechanical or Industrial Engineering, 5001-10,000 employees
SolarWinds Security Event Manager
- While the initial setup was straightforward, customizations to reports can be a little daunting. Luckily SolarWinds has videos available on steps to proceed and their tech support reps are very helpful too.
- The frequency of version updates is few and far between. This may be a good thing and should be expected since it is a set it and forget it kind of virtual appliance.
- It would be helpful if SolarWinds LEM had Wizards built-in that could assist in adding new types of devices. At times, I've had to go with trial and error until SolarWinds LEM would actually start collecting data from a particular one-off node.
Sr. IT Systems Administrator
Zombie ComputersGovernment Administration, 1001-5000 employees
Likelihood to Renew
AlienVault USM
AlienVault USM 4.4
Based on 16 answers
The centralized logging and retention for PCI compliance was our main driver, and it is meeting that need. Otherwise there has been enough frustration with the lack of documentation and the need to customize through the CLI that I would be open to alternatives.
IT Systems Architect
ROTHSTEIN.ioRestaurants, 5001-10,000 employees
SolarWinds Security Event Manager
No score
No answers yet
No answers on this topic
Usability
AlienVault USM
AlienVault USM 7.3
Based on 35 answers
The product once properly configured seems to offer a wealth of information but has it's issues. I feel that the initial setup/ installation should include technical support to get up and running. My personal experience from the configuration as installed indicates that the network adaptors are not properly configured to read information. The network ports where configured to only ready 1/2 the network?? So having help to get the system up and running should be part of the initial purchase.
IT Technician
Sierra Gold NurseryFarming, 201-500 employees
SolarWinds Security Event Manager
No score
No answers yet
No answers on this topic
Support
AlienVault USM
AlienVault USM 7.5
Based on 25 answers
I have not had a single issue with the alienvault support staff. Any issue or question that we had, especially in the beginning during the installation phase the support staff was readily available via phone and email to help us. I am very happy with the decision we made to go with alienvault.
Chief Compliance Officer
Just2TradeCapital Markets, 11-50 employees
SolarWinds Security Event Manager
SolarWinds Security Event Manager 6.8
Based on 4 answers
I have not directly worked with SolarWinds support. However, my staff has great things to say about them. Even during upgrades on the servers that we were doing ourselves support was very helpful with troubleshooting and best practices. Also the TWACK community is very helpful. I have heard other people in the industry stated that it is one of SolarWinds best features
Director of IT Engineering
Pearl River ResortGambling & Casinos, 1001-5000 employees
Online Training
AlienVault USM
AlienVault USM 8.6
Based on 6 answers
The instructor was very knowledgeable and was able to answer everyone's questions. He also was able to teach to many different levels. Some folks in the class had already been using USM or a similar product whereas I and a few others were brand new. He also provided a way of reaching out with questions after the training was over. Everyone in the training seemed to enjoy the class.
System Administrator
Enthought, Inc.Computer Software, 51-200 employees
SolarWinds Security Event Manager
No score
No answers yet
No answers on this topic
Implementation
AlienVault USM
AlienVault USM 6.6
Based on 38 answers
Initial implementation was okay, but we should have gone on the one week course first as an understanding of the features and what to look for would have been of great use. This is especially relevant when fine tuning and correlating events and creating parsers.Once set up the system is pretty resilient and adding in configuration is quite an easy process. We only had on the odd few occasions had to progress any set up problems to tech support.There are also some great whitepapers and set up articles on AlienVault's website support.
IT Systems/Security Manager
R&QInsurance, 201-500 employees
SolarWinds Security Event Manager
No score
No answers yet
No answers on this topic
Alternatives Considered
AlienVault USM
USM Appliance provides you with the ability to identify your critical assets and to set policies to alert you when those assets have vulnerabilities or are subjected to attacks. USM Appliance will generate alarms based upon the risk associated with any given security event captured in USM Appliance.USM Appliance provides you with the ability to identify your critical assets and to set policies to alert you when those assets have vulnerabilities or are subjected to attacks. USM Appliance will generate alarms based upon the risk associated with any given security event captured in USM Appliance. Identifying patterns of events that indicate a possible threat or vulnerability.
SOC Analyst
Bitcrack Cyber SecurityInformation Technology and Services, 11-50 employees
SolarWinds Security Event Manager
In the past I have used Qradar, McAfee ESM, and RSA Security Analytics.
PROS:Compared to these products, LEM is by far the most user friendly and easiest to deploy. LEM's ability to automate response and remediation also seems a cut above these products. LEM also ranks up at the top in terms of reliability. Very rarely have we had to resolve issues that prevented LEM from doing it's job.
CONS: LEM is unfortunately lacking in the ability to create custom parsers like other SIEM solutions can. This means if LEM is unable to parse logs coming from a network appliance, you won't be able to view them until Solarwinds releases their official parser for that product. Complex correlations can also test the limits of LEM due to the way that logs are parsed into event type rather than log source type. Trying to correlate all of your IPS events in a complex correlation? This my prove to be difficult in LEM.
PROS:Compared to these products, LEM is by far the most user friendly and easiest to deploy. LEM's ability to automate response and remediation also seems a cut above these products. LEM also ranks up at the top in terms of reliability. Very rarely have we had to resolve issues that prevented LEM from doing it's job.
CONS: LEM is unfortunately lacking in the ability to create custom parsers like other SIEM solutions can. This means if LEM is unable to parse logs coming from a network appliance, you won't be able to view them until Solarwinds releases their official parser for that product. Complex correlations can also test the limits of LEM due to the way that logs are parsed into event type rather than log source type. Trying to correlate all of your IPS events in a complex correlation? This my prove to be difficult in LEM.

Verified User
Engineer in Information Technology
Financial Services Company, 201-500 employeesReturn on Investment
AlienVault USM
No answers on this topic
SolarWinds Security Event Manager
- LEM provides users the ability to reduce administration and operations cost by consolidating log management into one system.
- LEM allows various IT departments such as server and network to work together using normalized common events. This increases operational efficiency and reduces event correlation time.
- Customers should expect a high learning curve for personnel when the product is first implemented. Network management will need to plan on some ramp-up time cost up front.
Network and Enterprise Monitoring Leader
ZENBonz-EnterprisesInformation Technology and Services, 10,001+ employees
Screenshots
AlienVault USM
Pricing Details
AlienVault USM
General
Free Trial
Yes
Free/Freemium Version
Yes
Premium Consulting/Integration Services
Yes
Entry-level set up fee?
Optional
SolarWinds Security Event Manager
General
Free Trial
Yes
Free/Freemium Version
—Premium Consulting/Integration Services
—Entry-level set up fee?
No