What users are saying about

AlienVault USM

<a href='https://www.trustradius.com/static/about-trustradius-scoring#question3' target='_blank' rel='nofollow'>Customer Verified: Read more.</a>
336 Ratings

AlienVault USM

<a href='https://www.trustradius.com/static/about-trustradius-scoring#question3' target='_blank' rel='nofollow'>Customer Verified: Read more.</a>
336 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>trScore algorithm: Learn more.</a>
Score 8 out of 101
13 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>trScore algorithm: Learn more.</a>
Score 8.3 out of 101

Add comparison

Likelihood to Recommend

AlienVault USM

AlienVault USM Anywhere is a great SIEM and if you need to deploy a SaaS solution then it is suited very well. It works very well for us being 100% AWS and integrates well with our toolset and AWS features. The Open Threat Intelligence (OTX) is perfect for providing context on events and feeding our incident response processes.
Matthew White profile photo

Tenable SecurityCenter

SecurityCenter is definitely the juggernaut of the industry. You don't see many shops that are not using Nessus and or SecurityCenter. As a pen tester, I do not judge shops that use Nessus as a catch all, as there are a lot of things you can get hyper focused on and a tool like this helps you see things you may have missed.
No photo available

Feature Rating Comparison

Security Information and Event Management (SIEM)

AlienVault USM
7.3
Tenable SecurityCenter
Centralized event and log data collection
AlienVault USM
8.0
Tenable SecurityCenter
Correlation
AlienVault USM
8.0
Tenable SecurityCenter
Event and log normalization
AlienVault USM
8.0
Tenable SecurityCenter
Deployment flexibility
AlienVault USM
7.0
Tenable SecurityCenter
Custom dashboards and views
AlienVault USM
6.0
Tenable SecurityCenter
Host and network-based intrusion detection
AlienVault USM
7.0
Tenable SecurityCenter

Pros

  • Compliance: For each compliance aspect in each standard, there's an AlienVault USM feature which helps compliance. For instance, in PCI DSS Compliance you require File Integrity Monitoring, and AlienVault USM has it. Every component of the standard gets covered by the product.
  • Data handling: Event management can become cumbersome if not well handled. AlienVault USM classifies event information properly where it belongs to the data it's useful to you. When you export a report, you can filter out easily what you don't need, so you only extract valuable information.
  • Asset availability: It is really handy to cover every aspect of your asset classification, events to come in, services each asset has, location, all of the information really helps to draw alarms properly.
Ivan Montilla Miralles profile photo
  • Network sweeps
  • Network/host auditing (NIST, DoD, etc)
  • Vulnerability Scans
No photo available

Cons

  • Vulnerability Scanner reporting: The reporting from the integrated scanner (OpenVAS) are really difficult to read. They could have done a better job by scraping the report or creating a custom report from the data of the scan. However, leaving the default report template from OpenVAS makes the report somewhat useless.
  • Sometimes the local integration fails because of the scope of the tool. Let me elaborate on that: The OpenVAS scanner has certificated that expire within a year, and that makes the USM fail scans if you don't renew certificates yourself. They should have made them last at least 10 years. Same with Nagios, sometimes the integration fails and one doesn't know why unless you jailbreak it and find out in the logs for sure.
  • They do not provide a standalone installation of the product, because they modified so much the Linux distribution, that it must always be deployed as a virtual machine or appliance, but not on your own server.
Ivan Montilla Miralles profile photo
  • Bulky - does not scale easily
  • Lack of detailed error logs for scan issues
  • Lack of stripped client (piggybacking off the bulky) - could use a mini/portable client like nmap
No photo available

Likelihood to Renew

AlienVault USM9.0
Based on 13 answers
No need to renew our use. We are actively using and liking it. Future outlook is continued use of the USM platform and tailoring it more and more for our environment.
Jay Dibble profile photo
No score
No answers yet
No answers on this topic

Usability

AlienVault USM7.2
Based on 33 answers
Almost all functions are intuitive, custom logging is not very easy to configure.
Dana Hancock profile photo
No score
No answers yet
No answers on this topic

Support

AlienVault USM7.6
Based on 24 answers
I have contacted support many times and every time they addressed the issue and continued until it was resolved. The product is solid, so the overall operation is trouble free.
Dana Hancock profile photo
No score
No answers yet
No answers on this topic

Implementation

AlienVault USM7.1
Based on 37 answers
The best recommendation I can offer is understand the system that is being installed. Knowing how to configure and specific expectations that you expect from the machine. I would say to watch the tutorials and the online video's, get yourself involved with the community forum and ask the questions if you do not understand.Our company did not make the best choice on the computer that the service was installed on and it has led to some adverse effects that did not appear until now, almost 2 years later and needing to re-install the entire system all over again.If you need the help, ask for it. The technical support team at alienvault and community forum members are always there to answer questions.
James Ellsworth profile photo
No score
No answers yet
No answers on this topic

Alternatives Considered

AlienVault USM works well for any company size. LogRhythm might be too much if your company is not already big, and the same can be said of McAfee Enterprise Security Manager. If this is your first SIEM, it's a really good choice and has nothing to envy from the others I'm comparing it with. I also recommend the cloud version of AlienVault, the USM Anywhere, which the interface is a bit different, but the principles remain the same. Also, the McAfee Enterprise Security Manager has a Flash-based interface, for which Adobe is phasing out. AlienVault USM is HTML5 and can even be used mobile.
Ivan Montilla Miralles profile photo
From time to time I take a contract in which I am building a network which includes either a SOC or a compliance shop (lots of this occurring now with the 800-171 compliance push). In many cases businesses like to take the cheap way out. We'll install other lesser known vulnerability scanners and or vulnerability scanners like Openvas. While they all get the job done, they do not pack the power that Nessus/ SecurityCenter packs
No photo available

Return on Investment

No answers on this topic
  • SecurityCenter has saved me from missing major items on tests. I would fixate on something, spend too much time on one item. Nessus broke the monotony and ensured that I didn't miss findings
No photo available

Screenshots

Tenable SecurityCenter

Pricing Details

AlienVault USM

General
Free Trial
Yes
Free/Freemium Version
Yes
Premium Consulting/Integration Services
Yes
Entry-level set up fee?
Optional
Additional Pricing Details

AlienVault USM More Information

Tenable SecurityCenter

General
Free Trial
Free/Freemium Version
Premium Consulting/Integration Services
Entry-level set up fee?
No
Additional Pricing Details

Tenable SecurityCenter More Information