What users are saying about

AlienVault USM
334 Ratings
Score 8 out of 10

Splunk Enterprise
213 Ratings
Score 8.6 out of 10


Likelihood to Recommend

AlienVault USM

AlienVault USM Anywhere is a great SIEM and if you need to deploy a SaaS solution then it is suited very well. It works very well for us being 100% AWS and integrates well with our toolset and AWS features. The Open Threat Intelligence (OTX) is perfect for providing context on events and feeding our incident response processes.
Matthew White

Splunk Enterprise

Splunk for Enterprise Security bar none is the most intuitive and flexible security tool around. The ability to integrate and visualize threat analysis in real time is of key importance to keeping the enterprise secure.
Rick Yetter

Feature Rating Comparison

Security Information and Event Management (SIEM)

AlienVault USM: 7.3, Splunk Enterprise: 8.6

  • Centralized event and log data collection: AlienVault USM 8.0, Splunk Enterprise 9.2
  • Correlation: AlienVault USM 8.0, Splunk Enterprise 8.0
  • Event and log normalization: AlienVault USM 8.0, Splunk Enterprise 9.1
  • Deployment flexibility: AlienVault USM 7.0, Splunk Enterprise 8.3
  • Custom dashboards and views: AlienVault USM 6.0, Splunk Enterprise 9.4
  • Host and network-based intrusion detection: AlienVault USM 7.0, Splunk Enterprise 8.5
  • Integration with Identity and Access Management Tools: AlienVault USM (no rating listed), Splunk Enterprise 8.0

Pros

  • The SIEM does a good job of correlating network data from multiple sources along with the data from deployed HIDS
  • The Nmap scan is fast and non-invasive that defines devices on your network.
  • The vulnerability scanning has several options and reports to enable data to be available for compliance purposes.
Clark Crain
  • Best tool to do log monitoring and creating intuitive dashboards and charts
  • Best for setting up alerting for application logs
Priti Asai / Thakkar

Cons

  • Vulnerability Scanner reporting: The reporting from the integrated scanner (OpenVAS) is really difficult to read. They could have done a better job by scraping the report or creating a custom report from the data of the scan. However, leaving the default report template from OpenVAS makes the report somewhat useless.
  • Sometimes the local integration fails because of the scope of the tool. Let me elaborate on that: The OpenVAS scanner has certificates that expire within a year, and that makes the USM fail scans if you don't renew certificates yourself. They should have made them last at least 10 years. Same with Nagios, sometimes the integration fails and one doesn't know why unless you jailbreak it and find out in the logs for sure.
  • They do not provide a standalone installation of the product, because they modified so much the Linux distribution, that it must always be deployed as a virtual machine or appliance, but not on your own server.
Ivan Montilla Miralles
  • The tool needs to integrate AI to understand the system logs and alerting should be based on the auto learning.
Priti Asai / Thakkar

Likelihood to Renew

AlienVault USM: 9.0
Based on 13 answers
The centralized logging and retention for PCI compliance was our main driver, and it is meeting that need. Otherwise there has been enough frustration with the lack of documentation and the need to customize through the CLI that I would be open to alternatives.
Aaron Rothstein
Splunk Enterprise: 7.7
Based on 15 answers
It's apparent that our business has so profoundly changed that it cannot be without Splunk unless a better product comes along or we have reached a dead-end on things we wanted to do but that Splunk cannot provide.

Usability

AlienVault USM: 7.2
Based on 33 answers
Being SIEM type solution there is no other product that is this easy to configure and use.
Russel Beckham
Splunk Enterprise: 9.9
Based on 2 answers
You can literally throw in a single word into Splunk and it will pull back all instances of that word across all of your logs for the time span you select (provided you have permission to see that data). We have several users who have taken a few of the free courses from Splunk that are able to pull data out of it every day with little help at all.
Kenneth Taitingfong

Reliability and Availability

AlienVault USM: 6.4
Based on 3 answers
No answer on this topic is available.
Splunk Enterprise: 10.0
Based on 1 answer
When properly setup and configured, Splunk is extremely reliable.

Support

AlienVault USM: 7.6
Based on 24 answers
I have not had a single issue with the AlienVault support staff. Any issue or question that we had, especially in the beginning during the installation phase the support staff was readily available via phone and email to help us. I am very happy with the decision we made to go with AlienVault.
Mikhail Suleymanov
Splunk Enterprise: 8.9
Based on 3 answers
Support from Splunk to our company is extremely good. Our team developed many dashboards, reports and alerts in Splunk which saved so many hours of our development time and made us very very efficient. We are extremely happy with current functionality provided by Splunk and have no complaints at all. I would definitely recommend it to everyone.

Implementation

AlienVault USM: 7.1
Based on 37 answers
Anything beyond a vanilla deployment will take a lot of effort.
Aaron Rothstein
Splunk Enterprise: 8.0
Based on 1 answer
Engage professional service early on in the implementation

Alternatives Considered

I recommended Alert Logic, but management was drawn to the much lower price of AlienVault. Alert Logic seems to have a more mature product and has some of these features that have been lacking in AlienVault.
John Grosjean
We are using this because it has lots of advantages over others. And it seems to be a good fit for us. Splunk provides a lot more features than others and its UI is user-friendly, so for a new developer, it would not be too difficult to use it and do something around it.
Rounak Jangir

Scalability

AlienVault USM: 6.3
Based on 3 answers
No answer on this topic is available.
Splunk Enterprise: 9.1
Based on 1 answer
Splunk can scale in to the petabyte per day range which of course is awesome
Rick Yetter

Return on Investment

No answers on this topic
  • Splunk has been used as a one-stop-shop for log collection, indexing, alerting, analytics and dashboarding
  • Splunk is a costly software; however, ROI on our engineering and operations is huge.
  • Negative could only be its high licensing costs. It might not be a viable option for all companies.


Pricing Details

AlienVault USM

General
  • Free Trial: Yes
  • Free/Freemium Version: Yes
  • Premium Consulting/Integration Services: Yes
  • Entry-level set up fee? Optional

Splunk Enterprise

General
  • Free Trial: Yes
  • Free/Freemium Version: Yes
  • Premium Consulting/Integration Services: (not listed)
  • Entry-level set up fee? No