AlienVault USM

AlienVault USM

TRUE
About TrustRadius Scoring
Score 7.6 out of 100
TRUE
AlienVault USM

Overview

Recent Reviews

MSSP Review

8 out of 10
October 04, 2021
AlienVault offers a different experience as opposed to other SIEM tools where it can be set up and configured properly in a shorter amount …
Continue reading

Unbeatable Security Machine

8 out of 10
August 07, 2020
AlienVault is one of many security solutions that we utilize in our network. We use it to monitor unusual traffic and behavior to and from …
Continue reading

Great tool for medium shops

7 out of 10
July 11, 2020
USM is used across the whole organization and helped us complete and maintain security requirements for an SoC 2 Type 2 compliance. We …
Continue reading

Reviewer Sentiment

N/A
Positive ()
N/A
Negative ()
Learn how we calculate reviewer sentiment

Awards

TrustRadius Award Top Rated 2021
TrustRadius Award Top Rated 2020
TrustRadius Award Top Rated 2019

Popular Features

View all 7 features

Correlation (5)

7.1
71%

Centralized event and log data collection (5)

6.8
68%

Event and log normalization/management (7)

6.7
67%

Custom dashboards and workspaces (7)

6.1
61%

Reviewer Pros & Cons

View all pros & cons

Video Reviews

Leaving a video review helps other professionals like you evaluate products. Be the first one in your network to record a review of AlienVault USM, and make your voice heard!

Pricing

View all pricing

Essentials

$1,075

Cloud
per month

Standard

$1,695

Cloud
per month

Premium

$2,595

Cloud
per month

Entry-level set up fee?

  • Setup fee optional
For the latest information on pricing, visithttps://www.alienvault.com/products/pri…

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting / Integration Services

Features Scorecard

Security Information and Event Management (SIEM)

6.6
66%

Product Details

What is AlienVault USM?

AlienVault® Unified Security Management® (USM) delivers threat detection, incident response, and compliance management in one unified platform. It is designed to combine all the essential security capabilities needed for effective security monitoring across cloud and on-premises environments, including SIEM, intrusion detection, vulnerability management, as well as continuous threat intelligence updates. The vendor states that even for resource-limited IT security teams, AlienVault USM can be affordable, fast to deploy, and easy to use. It eliminates the need to deploy, integrate, and maintain multiple point solutions in the data center.

Smart, automated data collection & analysis: USM Anywhere automatically collects and analyzes data across the attack surface, helping to quickly gain centralized security visibility without the complexity of multiple disparate security technologies.

Automated threat detection powered by AT&T Alien Labs: With threat intelligence provided by AT&T Alien Labs, USM Anywhere is updated automatically to stay on top of evolving and emerging threats, so the security team can focus on responding to alerts.

Incident response orchestration with AlienApps: USM Anywhere supports a growing ecosystem of AlienApps, enabling the user to orchestrate and automate actions towards other security technologies, able to respond to incidents quickly and easily.

AlienVault USM Features

Security Information and Event Management (SIEM) Features

  • Supported: Centralized event and log data collection
  • Supported: Correlation
  • Supported: Event and log normalization/management
  • Supported: Deployment flexibility
  • Supported: Integration with Identity and Access Management Tools
  • Supported: Custom dashboards and workspaces
  • Supported: Host and network-based intrusion detection

Additional Features

  • Supported: AlienVault Open Threat Exchange

AlienVault USM Screenshots

USM Anywhere NIDS Dashboard

AlienVault USM Videos

AlienVault USM Downloadables

AlienVault USM Competitors

AlienVault USM Technical Details

Deployment TypesSaaS
Operating SystemsUnspecified
Mobile ApplicationNo
Supported CountriesGlobal

Comparisons

View all alternatives

Frequently Asked Questions

What is AlienVault USM's best feature?

Reviewers rate Correlation highest, with a score of 7.1.

Who uses AlienVault USM?

The most common users of AlienVault USM are from Mid-sized Companies (51-1,000 employees) and the Information Technology & Services industry.

Reviews

(1-25 of 383)
Companies can't remove reviews or game the system. Here's why
Score 7 out of 10
Vetted Review
Verified User
Review Source
While AlienVault USM touts that it should reduce the amount of work needed to detect security threats, for the most part, due to the need to always be suppressing junk/noise, it has increased the amount of work needed. Out of the box, USM isn't a good candidate and KBs/support do a poor job of getting it to where you should be, especially for the price. Our integrator was unfamiliar with half of the features and always took the 1-hour conference calls for us to basically send all of our questions to support. They literally provided no added value to our experience and going through this again we would skip the integrator.
Thomas Young | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source
The question is really hard to answer because, without the help of AlienVault, who would know whether the goals of avoiding a network breach would have been achieved. With that said, the software runs seamlessly. It's almost unbelievable how easy the software is to use. The ease-of-use sometimes makes me wonder if it is capturing and addressing all the threats, but I assume it is doing its job. I have no reason to believe the software isn't doing what it says it is doing.
Score 4 out of 10
Vetted Review
Verified User
Review Source
No, we have not achieved any reduction of the amount of work. These types of tools require an initial outlay of manpower to get them set up and reporting accordingly. When features limit the user's ability to do that effectively, it adds to the amount of work to deploy; therefore reducing the overall return on investment.
Score 8 out of 10
Vetted Review
Verified User
Review Source
It took a long time to get this solution configured at first, but now it does save us a lot of time. We know what's going on a lot sooner via alerts and parsed logs, which reduces our threat response time and gives us time to prevent an attack. AlienVault provided us with training sessions and materials to understand how to set up and customize the product. Without these resources, we could not have set up the product properly.
Score 8 out of 10
Vetted Review
Verified User
Review Source
Our organization was not previously detecting security threats at any appreciable level until after an attack or issue was detected. So we have not realized a simplification. We have rather achieved an acceptable level of awareness which we previously did not know we needed.
Score 10 out of 10
Vetted Review
Verified User
Review Source
Every other tool I looked at would have consumed all of my time to configure and manage. AlienVault was easy to set up and really maintains itself. The reporting and alarms work really well with minimum input from me. And when a security event happens, I can read what's going on in plain English.
Score 7 out of 10
Vetted Review
Verified User
Review Source
It can reduce the amount of work required to detect security threats if you invest time on the front end to get it properly configured by connecting all of your data sources to feed it all the of information and then spending time to filter out the noise to get down to the information that provides meaningful alerts.
Score 9 out of 10
Vetted Review
Reseller
Review Source
The amount of work we have to put in to detect security threats has been decreased by AlienVault USM, as we are able to configure live alerting for specific critical alerts to ensure we are always notified when real issues occur, meaning that we don't have to spend as much time monitoring the dashboard interface or checking other monitoring elements within the infrastructure.
Score 7 out of 10
Vetted Review
Verified User
Review Source
We have achieved the benefit of reduced ongoing effort but it does require significant initial effort to fully integrate with all desired data sources. This tool, like many in its class, is a serious tool that does many things but requires much work to become useful for an organization.
Score 7 out of 10
Vetted Review
Verified User
Review Source
I'm not sure it reduced the amount of work for us. It gave us better visability into our network and where we have flaws that we need to look at. You can create groups too so if you have dev machines or prod machines, you can group them to know which alerts need to be gotten to right away and which others can be looked at at a later time.
Score 9 out of 10
Vetted Review
Verified User
Review Source
AlienVault USM Anywhere has absolutely significantly reduced the effort and time needed for us to gain strong awareness of our environment, detect security threats, and be able to respond in a timely manner, even without a dedicated 24x7 SOC.
Score 9 out of 10
Vetted Review
Reseller
Review Source
We no longer need to log into each system (Cisco umbrella etc.) as we now have one unified dashboard that will alert us to any anomalies. We also will use the tool to become fully compliant with ISO 27002 for example, this will saves us a lot of resources that previously would require major planning.
Steinerroggers Ufomaduh | TrustRadius Reviewer
Score 7 out of 10
Vetted Review
Verified User
Review Source
Despite the initial focus of our program being vulnerability management, the ease of integration of the solution caused an expansion of the scope of usage of the solution--to threat detection. Along with the information from the OTX, the solution definitely provides an effective service in terms of detecting potential threats and alerting us in order to act. It also works in a very simple fashion.
Score 9 out of 10
Vetted Review
Verified User
Review Source
It helps us a lot in the matter of discovering threats present in the network through the Suricata network analyzer that it has embedded. The rules based on logs are not very good but it offers the possibility of creating your own rules.
Angel Meza | TrustRadius Reviewer
Score 7 out of 10
Vetted Review
Verified User
Review Source
The integration with OTX can do wonders at times, and making adjustments to filter false positives is quite easy, so having a properly configured environment that alerts with confidence about security incidents or threats is quite manageable.
Arther Magaya | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Reseller
Review Source
We use USM to automate threat correlation, alerts, and the remediation process through the Alien apps, API integrations, and port mirroring. Multiple advanced persistent threats have been eradicated through AlienVault USM and we are able to manage all our managed services clients on a single pane. The fact that the platform itself is compliant in most recognized standards, like HIPAA and ISO and PCI, gives our customers the confidence in the services we provide to them.
March 18, 2020

AlienVault is amazing

Alan Yair Villaseñor Cervantes | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Reseller
Review Source
No, because we are a new SOC, so maybe we are not using all of it's potential. In the future, I want my team to use this tool on a daily basis and get well-done reports, as today we can't do that.
Score 8 out of 10
Vetted Review
Reseller
Review Source
Yes, we and our clients are achieving this. We have clients with PCI DSS certification, where security is more than just a monitoring and regular threat intelligence. With automated compliance regulation checks and reports, AlienVault reduces the work required to fulfill such stringent compliance requirements. Also, the automation enables a single analyst to monitor multiple clients in a single pane of glass.
March 09, 2020

AlienVault USM Review

Score 8 out of 10
Vetted Review
Verified User
Review Source
Yes. AlienVault USM reduced the amount of work it takes to detect security threats. Our organization has very few security analysts to handle multiple projects 24/7. It was very easy to deploy--did not take more than 3 months, compared to other SIEM tools in the market. It saves time and man-power, as it is the most cost-effective product in our organization.
March 09, 2020

AlienVault Review

Score 6 out of 10
Vetted Review
Verified User
Review Source
No, absolutely not. We are going to hire an MSSP just to babysit this thing. I mean I guess with an unlimited budget you could get a cap high enough that it wouldn't matter, but we've had many issues with it missing things it should have caught or not alerting on things where it should have. Again, could it be a tuning issue, but who has that kind of time?