AlienVault USM<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>Customer Verified: Read more.</a>
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>trScore algorithm: Learn more.</a>Score 7.9 out of 101
Based on 328 reviews and ratings
Likelihood to Recommend
AlienVault is most probably the best choice for smaller companies with up to 200 assets, which have limited resources in security personnel and are looking for an easy-to-implement, easy-to-run and easy-to-use SIEM including a "detection ecosystem". If you are highly skilled and very sophisticated (and you have the time too), you better run all the components, each as a stand-alone solution and feed their results into an ELK stack. If you are looking for something in between: AlienVault is customizable too! You can go down on a very system level (they call it jail-breaking, ouch!), and get on a config spree, but be warned: The next update can break your changes. You need to know what you can so and what not, but once you understand where you can go, and where not, AlienVault becomes a friend for a lifetime.
Tripwire Enterprise is great for hosting/data center environments and it greatly helps where console screenshots and reporting fill a lot of our client internal audit needs for security and change control.
Feature Rating Comparison
Centralized event and log data collection
Event and log normalization
Custom dashboards and views
Host and network-based intrusion detection
- Very in depth on scanning for inventory! This allows one to get the "50,000 feet" view of the organizations IT assets, and can narrow down on a specific inventory item with just a few clicks.
- Conducts detailed vulnerability scans. While it doesn't mitigate the vulnerabilities, it gives us instructions on how to mitigate them..what steps we need to take.
- The reporting function is phenomenal. It aggregates logs from other hardware and software, and can present a in-depth report based on that data.
- It allows us to track development changes for engineer accountability.
- Tripwire Enterprise also allows us to monitor changes/updates being done to our systems in our hosting centers.
- We use the software to track user access and critical system changes.
- It can be difficult to set up correctly. I found the documentation sparse in some instances.
- It can generate a ton of alerts, again if not set up correctly. I recommend taking the engineer's class for it, so that you can get the most out of your investment.
- The vulnerability scans can eat up a lot of resources, as well as be a bit pushy. Running a scan against one of our printers resulted in that printer constantly flooded with inventory scan requests by AlienVault, which rendered said printer unusable. Make sure you break out your networks when doing scans!
- In previous versions the management console was a little hard to navigate in some respects.
- I'm sure this has changed over time but we hope the reporting system has gotten more granular.
- I really don't have to many cons for this product, I recommend it for every company I work for!
Likelihood to Renew
Based on 13 answers
No need to renew our use. We are actively using and liking it. Future outlook is continued use of the USM platform and tailoring it more and more for our environment.
Based on 24 answers
I have contacted support many times and every time they addressed the issue and continued until it was resolved. The product is solid, so the overall operation is trouble free.
Based on 37 answers
Pre planning is crucial. We typically preconfigure all appliances before they are deployed to the client so that the only thing left to do is deploy the agents.
We looked at a number of other products besides AlienVault. Most of them were software packages that had OK reviews, but would have been costly to implement and time-consuming to maintain. AlienVault was an all-in-one appliance, though it comes in a virtual machine that you can run as well. We chose the USM because of our virtualization resources were getting pretty tight at the time we chose AlienVault, and we prefer hardware appliances.
Return on Investment
- Tripwire has been a positive business impact for us because of its trusted name. Our customers require software like Tripwire because they know their data and security concerns are in good hands when it's deployed.
- The ROI for Tripwire is also a positive for our business because of the time and man power saved in due diligence and reporting for our clients' internal auditing.
Premium Consulting/Integration Services
Entry-level set up fee?
Additional Pricing Details—
AlienVault USM More Information
Premium Consulting/Integration Services—
Entry-level set up fee?