TrustRadius
Aliens to the rescue!
We are primarily using the product as our SIEM system to correlate logs across our infrastructure and provide useful analysis on potential threats and anomalies. We also use the built-in vulnerability scanning, IDS and asset management functions as a complement to our existing vulnerability/IDS/asset management systems. With this level of intelligence, it helps us determine what course of action to take to an incident and assists us in prioritization.
Log correlation is excellent and on par with other more expensive solutions. Ease of use is a big plus. Initial setup was simple and quick. The OTX threat intelligence is a great complement to our other threat intelligence feeds to ensure we have as many 'eyes' out there informing us of all the potentially malicious threat actors out there.
There are a couple of things that can only be done through the CLI and unless you're familiar with the CLI, there may be a large learning curve for some. The vulnerability scanner lacks a number of advanced features that other solutions have which make it simpler and more efficient to manage. Plugins are limited (although they are adding more as time goes on). If you need a plugin that is not available you will need to create one on your own which requires modification of a number of files and can be daunting for someone new to the platform.
9
The AlienVault USM is reasonable at detecting actual security threats. There is an initial period where you may receive a large amount of false positives or false negatives however with some tweaking these disappear.
With limited budgets and resources, the AlienVault USM has definitely assisted us in reducing the amount of time we need to spend in detecting and reacting to security threats.
4,3,8,Yes,7,Yes
There have been a few times recently when AlienVault support did go out of their way to provide exceptional support.
If they keep this up their customer satisfaction rates will no doubt go higher in the future.
8

AlienVault is no Alien when it comes to Security
AlienVault Unified Security Management is being used across the whole organisation for event logging and monitoring, threat/vulnerability management and IDS.
Alerting on correlated events - this has allowed us to capture malware ahead of time. Ease of device logging - once the logs are sent through, the data is available instantly. Actively reviewing and responding to vulnerabilities through an easy to use interface and schedule task format.
More functionality pushed through the web interface would be useful. Asset management can be a little restricted when applying changes across a rule set.
10
LogRhythm, Alert Logic and QRadar
Threat management is an excellent feature and allows us an all round vision of our landscape.
With a reduced security team AlienVault's USM allows us to have full SOC capabilities a cost saving to the organisation.
5,2
Determining malware has entered the organisation Communication failures between servers/services Activity on firewalls Changes on AD without the necessary approval authorities in place
Triggering events in other monitoring systems Integrating with other monitoring products to give a more rounded view Utilising into quarter end reporting for excom updates
Allow dashboard use throughout the business support units Centralised view for The SOC Interfacing into other products that fall outside of traditional security products
10,Yes
Price Product Features Product Usability Analyst Reports
Our evaluation process is part of our policy governance therefore the actual process of vendor selection would not change.
8,8
Dashboards Correlation Rule Set up Log Collection Asset Adding Vulnerability Scanning
Creating parsers can be difficult unless regex is understood.
10

AlienVault is the best SIEM out there - hands down!
I implemented first OSSIM, the community version, to see what type of intelligence
it could give me. Before long I was feeding it information from my firewall and network devices. When people talk about a "single pane of glass", this must be the product they are referring to. I purchased the product and have it deployed across the enterprise now. I'm using it for two purposes really - to see what isn't normal - i.e. warn me about potential issues, and I'm using it to see what has happened (historical). The interface really allows you to see what's hot - if a metric, when it changes, doesn't prompt you to get out of your chair and do something, it's a wasted metric. With AlienVault, all I see are metrics that make me do things when they aren't where they are supposed to be. In my environment, I have 18 buildings spread across 72 square miles. We support 13,000 users on a daily basis, with 6,000 owned devices, and a ton of BYOD devices. With only 10 people in the department (including myself and my secretary), I couldn't imagine staying on top of this without AlienVault.
Reporting, reporting, reporting. Setting it up so I get emailed reports has allowed me to know, even when I am not in the office, how my day is going to go. The breadth and depth of the reports, and the ability to customize so you get what you want is awesome. Dashboard. The visual dashboard with the circles (areas of concentration based on number of incidents) is brilliant. All I have to do is show that to people, and they want to install it. Ease of implementation. Turn it on, answer a few questions, point stuff at it, and you're done. Ok, there is a lot more - I mean a lot more - you can do to customize it, but if you're looking to quickly establish a baseline, that's all you need to do. Who else has a fully functional product (OSSIM) you can download and install for FREE to see how it will work in your environment?
If it did a little more with IPFIX data (think NTOP).
Otherwise, it's perfect.
10
So, my environment (a K12 Public School District with 11,000 students) faces two threats. External, and internal (come on, where else are the kids going to try to break things?). AlienVault was a perfect fit because it really allows me to see EVERYTHING. I've used it to stop kids from doing network scans; trying to load bots; everything script kiddies do. I've also used it to detect and shut down traffic from external threat vectors based on attempts to scan and penetrate the network.
Um, hell yes. I have 10 people - no one full-time on security. Without AlienVault I'd feel like we were naked. It allows me to achieve a high-level of visibility without the need to increase staff. It was, and continues to be, a win for the tax payers; the staff; and me.
Yes
I spent several months using OSSIM in a production environment. While the product performed rock solid, it didn't afford me some of the reporting that I needed. I made the decision to upgrade to AlienVault and it has worked out well. The depth of reporting is so much more extensive in AlienVault. The critical aspects of a SIEM are there in OSSIM, and I'm not saying reporting is the only reason I upgraded, but it was a major factor. I work in an environment where I have a very small staff, so support for the product was also a factor. The documentation, if you print it out, can be a bit overwhelming - it's very, very thorough. The best way to tackle it is to ask a question, then hit the documents to find the specific answer. I'm very, very happy I made the upgrade and if you're using OSSIM in a production environment, you should seriously consider making the switch.
Price Product Features Product Usability Analyst Reports Third-party Reviews
I would not change the evaluation process.
Awesome that I can use an OSSIM for as long as I need to, to make sure it works, before purchase.
10,10

This is no Area 51, AlienVault exposes the hidden threats!
AlienVault USM is used throughout our organization. It was put in place to resolve two issues. One was for vulnerability scans for audit compliance. It was also used for monitoring critical systems in our network. We also use it to parse syslog and other logging. An added bonus was the ability to track AD changes. The vulnerability scans are the best bar none that we tested. The monitoring is great too, however the only thing we found lacking was hard drive monitoring, we had to put another solution in place for that, however that was 6 months ago, so things may have changed.
Vulnerability scanning Up to date security definitions Open Threat Exchange Range of product sizes to fit any size of organization
Hard drive monitoring Slightly higher learning curve
9
LogRhythm, SolarWinds Log & Event Manager and Splunk Enterprise
AlienVault USM is phenomenal at keeping us up to date with the latest threat. The Open Threat Exchange (OTX) has great integration in their product and allows peers to submit transparent samples and definitions of security threats that they have seen. This allows the wider spread of example networks and thus the product is trusted to deliver.
It is just that good. We recently had a perceived security threat from an internal user and used AlienVault to investigate. I was able to pull reports of that user's workstation(s) and could verify that nothing damaging. I was also able to verify with certainty for my management team that we had not been compromised.
8,10,7

AlienVault USM Implementation Review
We use AlienVault USM to monitor our data center, network traffic, and key workstations. Our goal is to protect the systems from loss of PII, from malware, and from intrusion.
Alerts are emailed to us for many types of configurable concerns. Such as intrusion attempts.
Network traffic can be monitored for PII that may be transferred across the network or off-site that is not authorized or that is sent unencrypted properly. Key systems can be monitored for malware, intrusions, and network traffic.
The menu structure could be broken down by categories that make it easier to locate sub-menus.
10
We feel it is comparable to it as well as to open source solutions, but easier to implement than open source solutions.
We have achieved this benefit. We have used open source solutions. But, to get the same results we had to use multiple solutions. Also, the open source solutions were more difficult to set up and difficult to maintain. And the AlienVault OTX makes us feel better about the product being up to date as well as us being more informed as to current threats to be aware of.
2,2
IDS Malware FERPA Compliance Monitor PII IPS Ransomware
We have been able to use Custom Written plugins to monitor our off-brand switches and routers. Watch for PII being sent across the network or off-site in an unencrypted format. Identify scans on the network from on and off-site in order to proactively block them at the firewalls.
Monitor critical systems, servers, and applications up-time.
10,Yes
We like the fact that USM has log management, provides excellent support, and provided us with an easy to deploy VM All-In-One system.
Price Product Features Product Usability Product Reputation Positive Sales Experience with the Vendor
The eval and selection went well and as we had hoped.
Implemented in-house Professional services company
Yes
Change management was minimal
no significant issues were encountered
10,10,No
Follow up is absolutely amazing.
Monitoring of Alarms Looking at the logs of monitored systems. Install and Setup of Agents on servers.
Plugins are a bit difficult - but just something that needs to be learned. Some directives setup can be a bit difficult to do the first time - But, it just requires a little hands on practice.
No,10
AlienVault USM
393 Ratings
Score 8.1 out of 10

AlienVault USM Reviews

TrustRadius Top Rated for 2019
Showing 37 of 393 AlienVault USM ratings and reviews.

Reviews (1-25 of 37)

Philip Clarke
December 15, 2017

AlienVault USM Review: "AlienVault is no Alien when it comes to Security"

Score 10 out of 10
Vetted Review
Verified User

Implementation

8

Initial implementation was okay, but we should have gone on the one week course first as an understanding of the features and what to look for would have been of great use. This is especially relevant when fine tuning and correlating events and creating parsers.

Once set up, the system is pretty resilient and adding in configuration is quite an easy process. We only had, on the odd few occasions, to progress any set up problems to tech support.

There are also some great whitepapers and set up articles on AlienVault's website support.

Matt Frederickson
December 04, 2017

AlienVault USM Review: "AlienVault is the best SIEM out there - hands down!"

Score 10 out of 10
Vetted Review
Verified User

Implementation

10
The one thing to remember is where to place the sensors within your organization. It is one thing to collect and analyze data, but collecting the right data is key. This is where AlienVault's experts really help. Instead of trying to sell you a gazillion sensors, they walk you through your network to make sure the sensors are where they need to be so you can achieve your goal. Implementation works so well because they take the time upfront to know your goals before they help you achieve them.
January 03, 2018

AlienVault USM Review: "This is no Area 51, AlienVault exposes the hidden threats!"

Score 9 out of 10
Vetted Review
Verified User

Implementation

8
We had PPS implement the system, which I highly recommend. While it is a robust and flexible system, it is not what I would call a straightforward implementation. But it has been working relatively flawlessly since.
James Ellsworth
August 03, 2017

AlienVault USM Review: "Don't be afraid of this Alien."

Score 8 out of 10
Vetted Review
Verified User

Implementation

10
The best recommendation I can offer is to understand the system that is being installed. Knowing how to configure and specific expectations that you expect from the machine. I would say to watch the tutorials and the online videos, get yourself involved with the community forum and ask the questions if you do not understand.
Our company did not make the best choice on the computer that the service was installed on and it has led to some adverse effects that did not appear until now, almost 2 years later and needing to re-install the entire system all over again.
If you need the help, ask for it. The technical support team at AlienVault and community forum members are always there to answer questions.
Jeremy Wanamaker
September 07, 2017

AlienVault USM Review: "AlienVault - Funny name but a great security product"

Score 9 out of 10
Vetted Review
Reseller

Implementation

8
AlienVault USM is a great improvement on the AlienVault interface. They have streamlined the interface. There are some features that are not yet working, such as reverse-DNS, which I would consider essential to a mature product. If the development team can improve the functionality and maintain the streamlined interface, this will be a very good product.
Jacob Lovell
July 28, 2017

AlienVault USM Review: "Pretty good!"

Score 8 out of 10
Vetted Review
Verified User

Implementation

8
The fact that so many things come configured out of the box - Snort based NID, host based detection with deployable clients, self-motivated, automatic network discovery, vulnerability scanning - is the strongest point for AlienVault.
Karl Hart, ACSE, CEH, CHFI, CISSP
May 31, 2017

AlienVault USM Review: "AlienVault, so advanced that you will think it came from outer space."

Score 10 out of 10
Vetted Review
Verified User

Implementation

10
Implementation is easy but having easy access to support and professional services is a great help. Getting it up and running is very easy, getting it configured for your specific environment does take a little more work, when you run into any issues support or your professional services provider is always there.
Alexi Carey
May 26, 2017

AlienVault USM Review: "USM for AWS offers best solution on the market."

Score 8 out of 10
Vetted Review
Verified User

Implementation

8
I have been satisfied with the service and the AWS for USM product. I am a bit concerned about the changing of product to the USM Anywhere and its price structure. I am hoping that we can keep our current price structure without any hidden costs. Other than that the sales team has worked very hard to give us a comparable price to the AWS for USM product. I also hope that the USM Anywhere is easy to use but has the same FIM features. Regardless, the USM team is extremely helpful, attentive and persistent. I would recommend them to anyone needing a product like theirs but was not concerned about price.
Stephen Hockley
June 02, 2017

User Review: "A real experience with AlienVault USM"

Score 7 out of 10
Vetted Review
Verified User

Implementation

7
Implementation will go smoother if you purchase pro services with the product and designate someone in the org as internal threat expert if none already exists. Focus on perimeter device logging first and tier one equipment, then once logs are flowing move to less critical infrastructure.
August 31, 2017

AlienVault USM Review: "Great product for small companies."

Score 10 out of 10
Vetted Review
Verified User

Implementation

10
AlienVault USM was very simple to implement and get up and running. We started with a trial version and had that up and going within an hour of receiving email instructions from the sales engineer. We never had to contact support to get the system up and going. It was extremely easy to convert over to a full license once we started with a paid version.
November 20, 2017

AlienVault USM Review: "Conspiracy Theory - No Aliens here!"

Score 9 out of 10
Vetted Review
Verified User

Implementation

9
The implementation was very straight forward and was set up quickly. The implementation project was managed well, and the vendor installing and configuring the product was very knowledgeable. As we had done a proof of concept trial, it was trivial to convert our install into production.
November 13, 2017

AlienVault USM: "All-in-one, Integrated Security that is Simple and Low-cost"

Score 10 out of 10
Vetted Review
Verified User

Implementation

9
The wizard makes AlienVault easy to deploy. Can take a little time since there are so many aspects to the product. Fast Start guides and the Training were very helpful in better understanding the product and deploying and getting the most out of the product.
June 02, 2017

AlienVault USM Review: "AlienVault - CyberDefense"

Score 9 out of 10
Vetted Review
Verified User

Implementation

9
Implementation of AlienVault was very smooth and easy. Though the initial custom plugin configuration was a bit confusing, once I learned building them it was the most interesting part and is going very well now for me. Really love it.
August 25, 2017

AlienVault USM Review: "AlienVault from a user"

Score 6 out of 10
Vetted Review
Verified User

Implementation

3
The system is not very straightforward to set up, not many instructions. If you're not very technical in IT then you will face huge issues. AlienVault should implement an easy install process. A lot of the tasks are manual; for example, to update packages you need to run commands. We then created our own cron jobs to do simple things that they haven't written yet.

Feature Scorecard Summary

Centralized event and log data collection (1): 8
Correlation (1): 8
Event and log normalization (1): 8
Deployment flexibility (1): 7
Custom dashboards and views (1): 6
Host and network-based intrusion detection (1): 7

About AlienVault USM

AlienVault USM Anywhere is a cloud-based security management solution that promises to accelerate and centralize threat detection, incident response, and compliance management for cloud, hybrid cloud, and on-premises environments. The vendor says that USM Anywhere includes purpose-built cloud sensors that natively monitor your Amazon Web Services (AWS) and Microsoft Azure cloud environments. On premises, lightweight virtual sensors run on Microsoft Hyper-V and VMware ESXi to monitor your virtual private cloud and physical IT infrastructure.

USM Anywhere aims to help you rapidly deploy sensors into your cloud and on-premises environments while centrally managing data collection, security analysis, and threat detection from the AlienVault Secure Cloud.

Five Essential Security Capabilities in a Single SaaS Platform

AlienVault says that USM Anywhere provides five essential security capabilities, giving you everything you need for threat detection, incident response, and compliance management, within one platform. With USM Anywhere, you can focus on finding and responding to threats, not managing software. USM Anywhere can readily scale to meet your threat detection needs as your hybrid cloud environment changes and grows.

  1. Asset Discovery
  2. Vulnerability Assessment
  3. Intrusion Detection
  4. Behavioral Monitoring
  5. SIEM

Try USM Anywhere in your environment—free for the first 14 days.
www.alienvault.com/products/usm-anywhere/free-trial

AlienVault USM Features

Security Information and Event Management (SIEM) Features
Has feature: Centralized event and log data collection
Has feature: Correlation
Has feature: Event and log normalization
Has feature: Deployment flexibility
Has feature: Integration with Identity and Access Management Tools
Has feature: Custom dashboards and views
Has feature: Host and network-based intrusion detection
Additional Features
Has feature: AlienVault Open Threat Exchange

AlienVault USM Videos (2)

Watch AlienVault USM Anywhere: Five Essential Cloud Security Capabilities in a Single SaaS Platform

Watch See How We're Pushing the Outer Limits of Security

Pricing

Free Trial Available? Yes
Free or Freemium Version Available? Yes
Premium Consulting/Integration Services Available? Yes
Entry-level set up fee? Optional

AlienVault USM Support Options

Free Version | Paid Version
Phone
Email
Forum/Community
FAQ/Knowledgebase
Social Media
Video Tutorials / Webinar

AlienVault USM Technical Details

Deployment Types: SaaS
Operating Systems: Unspecified
Mobile Application: No
Supported Countries: Global