AlienVault USM

<a href='https://www.trustradius.com/static/about-trustradius-scoring#question3' target='_blank' rel='nofollow'>Customer Verified: Read more.</a>
336 Ratings

AlienVault USM

<a href='https://www.trustradius.com/static/about-trustradius-scoring#question3' target='_blank' rel='nofollow'>Customer Verified: Read more.</a>
336 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>trScore algorithm: Learn more.</a>
Score 8 out of 101
7 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>trScore algorithm: Learn more.</a>
Score 8 out of 101

Add comparison

Likelihood to Recommend

AlienVault USM

Since AlienVault is a versatile tool, having versions for various cloud providers as well as virtualization frameworks, it adheres to the most diverse scenarios. Another strong point to be highlighted is how the company is constantly improving the product. AlienVault is famous for the effort the company puts behind the tool, and it is being improved constantly by adding new resources.
Erlon Sousa Pinheiro profile photo

Symantec Critical System Protection

Symantec Critical System Protection (CSP) is very well suited for environments that do not change such as point of sale systems and critical servers. This product is spectacular at protecting end of life operating systems when supporting legacy software prevents upgrades. When security updates are no longer available, CSP will prevent exploits and other malware from taking advantage. This product is not well suited for systems that require a lot of changes. For one, it does not notify when a change has been blocked by CSP, causing some server administrators to waste many hours chasing a phantom technical problem when turning off CSP could have solved it right away. Also, profiling takes time so systems that constantly change would need hundreds of exceptions made.
Jennifer Greulich, GSED, GSEC profile photo

Feature Rating Comparison

Security Information and Event Management (SIEM)

AlienVault USM
7.3
Symantec Critical System Protection
2.8
Centralized event and log data collection
AlienVault USM
8.0
Symantec Critical System Protection
3.0
Correlation
AlienVault USM
8.0
Symantec Critical System Protection
Event and log normalization
AlienVault USM
8.0
Symantec Critical System Protection
Deployment flexibility
AlienVault USM
7.0
Symantec Critical System Protection
2.0
Custom dashboards and views
AlienVault USM
6.0
Symantec Critical System Protection
3.0
Host and network-based intrusion detection
AlienVault USM
7.0
Symantec Critical System Protection
3.0

Pros

  • AlienVault enables integration with external technologies, thereby broadening its scope and possibilities.
  • AlienVault has a dashboard customization and reporting scheme that makes it flexible to query your data, allowing you to model the tool according to your needs.
  • AlienVault will make you forget the need to consult some information on AWS Cloudtrail. It extracts the data from there and delivers in a much more efficient way.
  • With a single tool you can monitor your cloud and on-premises environment.
Erlon Sousa Pinheiro profile photo
  • Prevents exploits, unwanted executables, registry changes, and system file changes
  • Can allow exceptions for software vendors such as Microsoft or Adobe
  • Prevents lateral movement with certain network rules configured
  • Can record file changes
Jennifer Greulich, GSED, GSEC profile photo

Cons

  • Vulnerability Scanner reporting: The reporting from the integrated scanner (OpenVAS) are really difficult to read. They could have done a better job by scraping the report or creating a custom report from the data of the scan. However, leaving the default report template from OpenVAS makes the report somewhat useless.
  • Sometimes the local integration fails because of the scope of the tool. Let me elaborate on that: The OpenVAS scanner has certificated that expire within a year, and that makes the USM fail scans if you don't renew certificates yourself. They should have made them last at least 10 years. Same with Nagios, sometimes the integration fails and one doesn't know why unless you jailbreak it and find out in the logs for sure.
  • They do not provide a standalone installation of the product, because they modified so much the Linux distribution, that it must always be deployed as a virtual machine or appliance, but not on your own server.
Ivan Montilla Miralles profile photo
  • Tuning takes a very long time
  • Turning the product on or off can take time
  • When an action is prevented by CSP, there is no pop up or notification, making this a burden for server administrators
Jennifer Greulich, GSED, GSEC profile photo

Likelihood to Renew

AlienVault USM9.0
Based on 13 answers
It is a great product and has been instrumental to our security posture.
Dana Hancock profile photo
No score
No answers yet
No answers on this topic

Usability

AlienVault USM7.2
Based on 33 answers
After using it for some time I have found the interface to be somewhat "clunky." Some of the system management requirements have to be done from the CLI (Command Line Interface). There is no way to easily automate some of the system maintenance, that if not addressed, causes the system to become unusable after a period of time
Brian W. Caldwell BIT | MIS profile photo
No score
No answers yet
No answers on this topic

Support

AlienVault USM7.6
Based on 24 answers
I have not had a single issue with the alienvault support staff. Any issue or question that we had, especially in the beginning during the installation phase the support staff was readily available via phone and email to help us. I am very happy with the decision we made to go with alienvault.
Mikhail Suleymanov profile photo
Symantec Critical System Protection10.0
Based on 1 answer
They respond quickly and efficiently without the need to reiterate the actual issue. Their backline support is amazing and always there for us when it is needed. They explain the troubleshooting steps taken and what they did to help us resolve the issue just incase it creeps up again we have the information to correct it ourselves.
No photo available

Implementation

AlienVault USM7.1
Based on 37 answers
Initial implementation was okay, but we should have gone on the one week course first as an understanding of the features and what to look for would have been of great use. This is especially relevant when fine tuning and correlating events and creating parsers.Once set up the system is pretty resilient and adding in configuration is quite an easy process. We only had on the odd few occasions had to progress any set up problems to tech support.There are also some great whitepapers and set up articles on AlienVault's website support.
Philip Clarke profile photo
No score
No answers yet
No answers on this topic

Alternatives Considered

I recommended Alert Logic, but management was drawn to the much lower price of AlienVault. Alert Logic seems to have a more mature product and has some of these features that have been lacking in AlienVault.
John Grosjean profile photo
We evaluated Bit 9 and you have more flexibility with the rule set and do not rely on the cloud to tell you what is approved and not approved. You build out the policies the way you need them to be and who better knows the environment that the people that work it daily.
No photo available

Return on Investment

No answers on this topic
  • Great protection for unchanging systems
  • We have comfort that the protected systems are safe from intrusion
  • Excellent price
Jennifer Greulich, GSED, GSEC profile photo

Screenshots

Symantec Critical System Protection

Pricing Details

AlienVault USM

General
Free Trial
Yes
Free/Freemium Version
Yes
Premium Consulting/Integration Services
Yes
Entry-level set up fee?
Optional
Additional Pricing Details

AlienVault USM More Information

Symantec Critical System Protection

General
Free Trial
Free/Freemium Version
Premium Consulting/Integration Services
Entry-level set up fee?
No
Additional Pricing Details

Symantec Critical System Protection More Information