AlienVault USM

<a href='https://www.trustradius.com/static/about-trustradius-scoring#question3' target='_blank' rel='nofollow'>Customer Verified: Read more.</a>
334 Ratings

AlienVault USM

<a href='https://www.trustradius.com/static/about-trustradius-scoring#question3' target='_blank' rel='nofollow'>Customer Verified: Read more.</a>
334 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>trScore algorithm: Learn more.</a>
Score 8 out of 101
15 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>trScore algorithm: Learn more.</a>
Score 7.5 out of 101

Add comparison

Likelihood to Recommend

AlienVault USM

AlienVault USM Anywhere is a great SIEM and if you need to deploy a SaaS solution then it is suited very well. It works very well for us being 100% AWS and integrates well with our toolset and AWS features. The Open Threat Intelligence (OTX) is perfect for providing context on events and feeding our incident response processes.
Matthew White profile photo

Symantec Advanced Threat Protection

If you need something simple to quickly deploy, it's fine. But if you have other options, go with more useful threat detection products. I wasn't impressed by what it does.
David Crawford profile photo

Feature Rating Comparison

Security Information and Event Management (SIEM)

AlienVault USM
7.3
Symantec Advanced Threat Protection
Centralized event and log data collection
AlienVault USM
8.0
Symantec Advanced Threat Protection
Correlation
AlienVault USM
8.0
Symantec Advanced Threat Protection
Event and log normalization
AlienVault USM
8.0
Symantec Advanced Threat Protection
Deployment flexibility
AlienVault USM
7.0
Symantec Advanced Threat Protection
Custom dashboards and views
AlienVault USM
6.0
Symantec Advanced Threat Protection
Host and network-based intrusion detection
AlienVault USM
7.0
Symantec Advanced Threat Protection

Pros

  • AlienVault enables integration with external technologies, thereby broadening its scope and possibilities.
  • AlienVault has a dashboard customization and reporting scheme that makes it flexible to query your data, allowing you to model the tool according to your needs.
  • AlienVault will make you forget the need to consult some information on AWS Cloudtrail. It extracts the data from there and delivers in a much more efficient way.
  • With a single tool you can monitor your cloud and on-premises environment.
Erlon Sousa Pinheiro profile photo
  • It was easy to install on machines in an active directory environment, and maintain/update whenever we needed without having to physically go to clients.
  • The interface was pretty well locked down for clients, which was good in order to stop accidental meddling.
  • Symantec has good online resources for current threats, including messages or warning signs and what to do/where to find them on a machine in case SATP cannot deal with it on its own.
David Crawford profile photo

Cons

  • Walking through all the devices after a Nmap or device discovery scan can be tedious to get the data correct
  • When deploying HIDS, it would be better if the system gave more detail as to the deployment error
  • Offline updating of licenses can be a little time-consuming
Clark Crain profile photo
  • Supplier support - Really dire. Technical support off shore was passable, but account management was non existent. Really reflects on Symantec poorly given our spend per annum with them.
  • Cost per annum. At the upper end of protection systems. With little or no account support this was poor value.
  • Proactive communications with customer
No photo available

Likelihood to Renew

AlienVault USM9.0
Based on 13 answers
It is a great product and has been instrumental to our security posture.
Dana Hancock profile photo
Symantec Advanced Threat Protection8.0
Based on 1 answer
Simplicity and scale of product
No photo available

Usability

AlienVault USM7.2
Based on 33 answers
After using it for some time I have found the interface to be somewhat "clunky." Some of the system management requirements have to be done from the CLI (Command Line Interface). There is no way to easily automate some of the system maintenance, that if not addressed, causes the system to become unusable after a period of time
Brian W. Caldwell BIT | MIS profile photo
Symantec Advanced Threat Protection8.0
Based on 1 answer
Easy to use once you have done the research and self education
No photo available

Support

AlienVault USM7.6
Based on 24 answers
Only had to use this once, and they had us back on track in an hour or so. They followed up the day after to make sure all was still working, great team.
Jason Cresswell profile photo
No score
No answers yet
No answers on this topic

Implementation

AlienVault USM7.1
Based on 37 answers
Before implementing AlienVault, take the class. It will make things easier down the line.
Ledan Patrick Masseus profile photo
No score
No answers yet
No answers on this topic

Alternatives Considered

AlienVault USM works well for any company size. LogRhythm might be too much if your company is not already big, and the same can be said of McAfee Enterprise Security Manager. If this is your first SIEM, it's a really good choice and has nothing to envy from the others I'm comparing it with. I also recommend the cloud version of AlienVault, the USM Anywhere, which the interface is a bit different, but the principles remain the same. Also, the McAfee Enterprise Security Manager has a Flash-based interface, for which Adobe is phasing out. AlienVault USM is HTML5 and can even be used mobile.
Ivan Montilla Miralles profile photo
Cisco FireAMP was a terrible competitor to Symantec. Outdated UI, often flagged itself as a threat, and difficult to manage/trust.Avast was much better than Symantec, however, its deployment was more difficult. But detection was great and we could trust its results much more. Malwarebytes was the best out of all. We could trust the results, and it was easy to use and deploy. There were no issues with this application compared to Symantec.
David Crawford profile photo

Return on Investment

No answers on this topic
  • Some digital assets were lost due to failures to detect various threats.
  • We had to use other products in combination in order to trust that all threats were actually detected, taking extra time. We couldn't use just SATP.
  • Ability to quickly manage/deploy via AD made maintenance of the application itself quick and easy.
David Crawford profile photo

Screenshots

Symantec Advanced Threat Protection

Pricing Details

AlienVault USM

General
Free Trial
Yes
Free/Freemium Version
Yes
Premium Consulting/Integration Services
Yes
Entry-level set up fee?
Optional
Additional Pricing Details

AlienVault USM More Information

Symantec Advanced Threat Protection

General
Free Trial
Free/Freemium Version
Premium Consulting/Integration Services
Entry-level set up fee?
No
Additional Pricing Details

Symantec Advanced Threat Protection More Information