<a href='https://www.trustradius.com/static/about-trustradius-scoring#question3' target='_blank' rel='nofollow'>Customer Verified: Read more.</a>
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>trScore algorithm: Learn more.</a>Score 8 out of 101
Based on 334 reviews and ratings
Likelihood to Recommend
Since AlienVault is a versatile tool, having versions for various cloud providers as well as virtualization frameworks, it adheres to the most diverse scenarios. Another strong point to be highlighted is how the company is constantly improving the product. AlienVault is famous for the effort the company puts behind the tool, and it is being improved constantly by adding new resources.
Feature Rating Comparison
Centralized event and log data collection
Event and log normalization
Custom dashboards and views
Host and network-based intrusion detection
- AlienVault enables integration with external technologies, thereby broadening its scope and possibilities.
- AlienVault has a dashboard customization and reporting scheme that makes it flexible to query your data, allowing you to model the tool according to your needs.
- AlienVault will make you forget the need to consult some information on AWS Cloudtrail. It extracts the data from there and delivers in a much more efficient way.
- With a single tool you can monitor your cloud and on-premises environment.
- Low false positive rate as long as it is properly managed/tuned.
- Easy to manage and configure with the GUI.
- Support is great if assistance is needed.
- Their commercial policy on stored data makes you need to filter out some information before it is stored.
- Their new agent does not allow you to create local filters, which can easily lead to the overrun of monthly contracted storage limits.
- It does not allow you to create log analysis plugins. If it were allowed, it would be possible, for example, to create a plugin for analyzing the logs of an application created by your company.
- Wish additional modules were included such as FireAmp.
- Wish it was easier to include customized signatures if needed. Required to know how to code with Snort in order to add real customization.
Likelihood to Renew
Based on 13 answers
Based on 1 answer
Based on 33 answers
The system is great in turns of functionality but in terms of being user friendly and usability for the average person it is very hard to understand and wil take a lot of training.
Based on 24 answers
I find their support to be excellent. From the FAQ's to the tech docs, it is very easy to resolve most issues. The few times we worked with a support technician, they were always quick to resolve our issue. We are very pleased with the overall level of support!
Based on 37 answers
I felt that AlienVault performed the SIEM aspect as well as the one mentioned. My opinion has always been that the SIEM product is as good as the person using it is experienced. I selected AlienVault because of the many added features.
Sourcefire 3D is Snort on steroids. Snort is a great free open source tool but Sourcefire adds a lot of functionality on top of the Snort engine. It opens a whole new world when it comes to detecting and blocking malicious traffic if you decide to place it inline. We needed to enhance our Security posture and Sourcefire allowed us to do that.
Return on Investment
- We have noticed a drop in the amount of infections within the environment since introducing Sourcefire 3 years ago. This saves on time and effort on our desktop teams to remediate threats.
Premium Consulting/Integration Services
Entry-level set up fee?
Additional Pricing Details—
AlienVault USM More Information
Premium Consulting/Integration Services—
Entry-level set up fee?