AlienVault USM

329 Ratings

Score 7.9 out of 10

Symantec Advanced Threat Protection

15 Ratings
Score 7.5 out of 10

Likelihood to Recommend

AlienVault USM

Since AlienVault is a versatile tool, having versions for various cloud providers as well as virtualization frameworks, it adheres to the most diverse scenarios. Another strong point to be highlighted is how the company is constantly improving the product. AlienVault is famous for the effort the company puts behind the tool, and it is being improved constantly by adding new resources.
Erlon Sousa Pinheiro

Symantec Advanced Threat Protection

If you need something simple to quickly deploy, it's fine. But if you have other options, go with more useful threat detection products. I wasn't impressed by what it does.
David Crawford

Feature Rating Comparison

Security Information and Event Management (SIEM)

AlienVault USM: 7.3 (no score listed for Symantec Advanced Threat Protection in this category or for any feature below)
  • Centralized event and log data collection: AlienVault USM 8.0
  • Correlation: AlienVault USM 8.0
  • Event and log normalization: AlienVault USM 8.0
  • Deployment flexibility: AlienVault USM 7.0
  • Custom dashboards and views: AlienVault USM 6.0
  • Host and network-based intrusion detection: AlienVault USM 7.0

Pros

  • AlienVault USM is based on well-known open source components, each of which represents a quasi industry standard.
  • Integration into the existing infrastructure works like a charm. Basically you just need to roll out an OSSEC client to each server or PC and you already have pretty high coverage of security information and events. They immediately show up in the AlienVault web interface.
  • Due to the countless plugins, it is very easy to add network devices like firewalls, routers, and switches, but also servers running Apache and the like. You will just need to forward syslog and it will all appear in your AlienVault web interface.
  • The modular design of AlienVault USM in the form of "deployable sensors" allows you to easily integrate different network segments, such as remote sites.
  • As regular vulnerability scans are a must to understand which CVEs your infrastructure is exposed to, this becomes an easy task with AlienVault. They provide you with a set-and-forget approach for running regular scans. Additionally, there are helpful hints on how to get more secure.
Christian B. Caldarone
  • Reliable detection and blocking of threats.
  • Easy deployment and updates.
  • Good central management console and features.
  • Fairly transparent to end users

Cons

  • I would like to see an interface that is more menu driven. For example, a method that allows me to drag and drop the items I would like in an ad hoc report based on local machines that are attempting to connect to sites beyond our network that are blocked by our firewall.
  • I would like to see a more robust connection to our SonicWall; having two devices in the same rack that must be configured independently is sometimes a pain to fine tune.
  • I would like to see additional help files built that allow users to work with AlienVault without attending formal training.
Randy Kouns
  • Supplier support - Really dire. Technical support offshore was passable, but account management was nonexistent. Really reflects poorly on Symantec given our spend per annum with them.
  • Cost per annum. At the upper end of protection systems. With little or no account support this was poor value.
  • Proactive communications with customer

Likelihood to Renew

AlienVault USM: 9.0
Based on 13 answers
No need to renew our use. We are actively using and liking it. Future outlook is continued use of the USM platform and tailoring it more and more for our environment.
Jay Dibble
Symantec Advanced Threat Protection: 8.0
Based on 1 answer
Simplicity and scale of product

Usability

AlienVault USM: 7.2
Based on 33 answers
Almost all functions are intuitive; custom logging is not very easy to configure.
Dana Hancock
Symantec Advanced Threat Protection: 8.0
Based on 1 answer
Easy to use once you have done the research and self education

Support

AlienVault USM: 7.6
Based on 24 answers
Only had to use this once, and they had us back on track in an hour or so. They followed up the day after to make sure all was still working, great team.
Jason Cresswell
No score
No answers yet
No answers on this topic

Implementation

AlienVault USM: 7.1
Based on 37 answers
Anything beyond a vanilla deployment will take a lot of effort.
Aaron Rothstein
No score
No answers yet
No answers on this topic

Alternatives Considered

If you look at AlienVault USM, you will have to look at OSSIM too. For very small enterprises with limited budget or no budget at all, OSSIM might be a good alternative; it is the free version of AlienVault USM, but that means you are on your own with it. Another competitor is definitely GrayLog, as it provides a very good interface and is easy to use, plus it is using ElasticSearch as its data store. As stated previously, the ELK stack (ElasticSearch Logstash Kibana) is a good alternative too, but not ready to use off the shelf, nor an all-in-one solution. In fact, the components used by AlienVault, such as OpenVAS, OSSEC, Suricata, etc., are its biggest competitors at the same time, but only if you make the effort to run each of them as an independent solution. In return you get a maximum of flexibility and full power over your solution.
Christian B. Caldarone
Cisco FireAMP was a terrible competitor to Symantec. Outdated UI, often flagged itself as a threat, and difficult to manage/trust. Avast was much better than Symantec; however, its deployment was more difficult. But detection was great and we could trust its results much more. Malwarebytes was the best out of all. We could trust the results, and it was easy to use and deploy. There were no issues with this application compared to Symantec.
David Crawford

Return on Investment

No answers on this topic
  • Sandboxing and detonation helps in prevention and protecting our availability and confidentiality
  • Context intelligence gives our department a clear view of the threat and how to remediate it
  • Traffic analysis helps our department not waste time tracking down the source

Pricing Details

AlienVault USM

General
Free Trial: Yes
Free/Freemium Version: Yes
Premium Consulting/Integration Services: Yes
Entry-level set up fee?: Optional
Additional Pricing Details

Symantec Advanced Threat Protection

General
Free Trial
Free/Freemium Version
Premium Consulting/Integration Services
Entry-level set up fee?
No
Additional Pricing Details
