AlienVault USM Reviews

608 Ratings
Score 7.9 out of 100


TrustRadius Top Rated for 2019


Reviews (1-25 of 349)

Christian Holton
Score 8 out of 10
Vetted Review
Verified User
Review Source

Using AlienVault USM to Simplify Threat Detection

I've mentioned this several times in my review. I don't think we've reached the point where I feel like I've spent enough time tuning the specifics and exploring the capabilities to their fullest. Does AlienVault excel at identifying threats? Yes, absolutely. Is the amount of work I need to do to detect security threats reduced by AlienVault? Yes, absolutely. Do I feel like I should spend weeks delving deeper into the capabilities of AlienVault and further configuring the detection engine to reduce the countless false positives that actually ADD to my workday? Yes, absolutely.

Is it significantly more likely that my organization would have suffered security breaches had AlienVault not notified me in advance? Yes, absolutely.

Mpho Lekota
Score 7 out of 10
Vetted Review
Verified User
Review Source

Using AlienVault USM to Simplify Threat Detection

Quickly assess threats with automated alert prioritization. Make informed decisions with full details on every alarm, including a description of the threat, its method and strategy, and recommendations on response. Achieve multi-layered threat detection for your on-premises and cloud environments using the USM platform’s built-in host-, network-, and cloud-based intrusion detection systems and endpoint detection capabilities.

Stacey Medina
Score 10 out of 10
Vetted Review
Verified User
Review Source

Using AlienVault USM to Simplify Threat Detection

The AlienVault USM has reduced the amount of work I need to perform by centralizing all my threats, vulnerabilities and logs. It allows me to have one central login for all my needs and information. I can also share it with anyone I need via email or save logs to PDF.

Jeremy Cejka
Score 4 out of 10
Vetted Review
Verified User
Review Source

Using AlienVault USM to Simplify Threat Detection

It's a catch-22 whether AlienVault has provided a reduction in work to detect security threats. I don't believe this is unique to AlienVault in the sense that there are always false positives, more than true hits. So it's just a shift in the work to then invalidate a threat notification. Businesses that want security overlook the amount of work a security department requires. Unless you outsource the SOC work, mitigating the work in the SIEM does not alleviate the need or work a SOC has to do.

Ranjith R
Score 7 out of 10
Vetted Review
Verified User
Review Source

Using AlienVault USM to Simplify Threat Detection

Yes, but not that effective in triggering correlation rule alarms; generally GuardDuty in AWS can do the same job for alerting. AlienVault agents should possess a capacity to identify the risk and web application traffic to more effectively identify attack vectors like misconfiguration within the instance or assets and patch-related issues.

Cory Watson
Score 8 out of 10
Vetted Review
Verified User
Review Source

Using AlienVault USM to Simplify Threat Detection

I think that is my main pro. With very little configuration you are able to get off to the races. Configure your tools on-prem and cloud as well as asset scanning and the NIDS and then just wait. Soon you'll be tuning the rules you don't care about in the environment and you're good to go.

Fintan O'Meara
Score 8 out of 10
Vetted Review
Verified User
Review Source

Using AlienVault USM to Simplify Threat Detection

This was the key differentiator for us when it came to AlienVault USM. It provided real beneficial ROI pretty much straight out of the box, and required very little configuration of endpoint equipment to start monitoring and alerting for significant events.

Mario Martinez
September 27, 2019

AlienVault does the job

Score 9 out of 10
Vetted Review
Verified User
Review Source

Using AlienVault USM to Simplify Threat Detection

Yes. We make use of the AlienVault agent, test triggering a handful of alerts each year, and have procedures in place for responding to alerts.

Mark Taghap
Score 9 out of 10
Vetted Review
Verified User
Review Source

Using AlienVault USM to Simplify Threat Detection

AlienVault USM has slightly reduced our workload as it prevents malicious activities from spreading. With the alerts, we can quickly mitigate those issues.

Agustin Larrarte
Score 10 out of 10
Vetted Review
Verified User
Review Source

Using AlienVault USM to Simplify Threat Detection

We come from having an open-source solution based on Snort that we had to add extra intelligence in order to analyze security events, where we spent a lot of time researching tools in depth like Snort. With AlienVault, we forgot about that right off the bat, all the right signatures we need are there and support has been great. It has helped us cut costs that were time-related and let us focus on what we need to.

Jesse Bickel
Score 8 out of 10
Vetted Review
Verified User
Review Source

Using AlienVault USM to Simplify Threat Detection

Our organization did overall see a reduction in operational overhead. The report schedule was very beneficial and the assessment for the most part always aided us to resolution. The real benefit would have been seen if we used this in a production public environment. With these tools in place and a couple of supplemental tools such as PENS testing and AWS inspector, we felt confident our security needs were being met.

Erich Barlow, MIS
Score 7 out of 10
Vetted Review
Verified User
Review Source

Using AlienVault USM to Simplify Threat Detection

No, we have not achieved this benefit. We continue to have to manually kick off scans and to go into the app in order to determine our vulnerabilities through the portal. This is largely due to the lack of being able to have those automated scans kicked off due to our large amounts of data being collected (even though no changes have occurred). I actually have to spend more time in the application than I did previously.

Todd Fletcher
Score 10 out of 10
Vetted Review
Verified User
Review Source

Using AlienVault USM to Simplify Threat Detection

This is the primary purpose of implementing this tool. Leveraging the automation of ingestion, normalization and analysis allows our limited security staff to focus on relevant events. Additionally, I have begun forwarding events from our DLP and Endpoint protection tools to USM to improve the centralized monitoring and handling of threat detection. More time is now spent on handling the possible malicious events than on sifting through data finding them.

Adam Nield
September 05, 2019

Picking up AlienVault USM

Score 8 out of 10
Vetted Review
Verified User
Review Source

Using AlienVault USM to Simplify Threat Detection

We have certainly achieved this benefit from the system, with very little configuration required by myself as the default policies are well set up to flag any threats on the system. This alongside setting up your assets with a priority will help calculate the priority order for investigating those threats too! We have also set up our system to email the relevant team should an alarm be raised with a high enough priority in order for threats to be caught ASAP.

Pankaj KC
Score 9 out of 10
Vetted Review
Verified User
Review Source

Using AlienVault USM to Simplify Threat Detection

As per our compliance policy, we need to have a log review process monthly. With the help of USM, it has been easier to do that. It centralizes the logs and process to give the exact scenario of our infrastructure's network and system logs. This product provides pre-built and customizable dashboards to view data collected by different sensors. Otherwise, we had to go through every single log and review it manually which would have resulted in frustration.

Ariel Lucas Sandor
Score 8 out of 10
Vetted Review
Verified User
Review Source

Using AlienVault USM to Simplify Threat Detection

If you dedicate a little bit of time optimizing the solution, you can save a lot of time later. When we installed AlienVault, our technical engineers started to dedicate more time trying to fix the threats than looking for or implementing other solutions, so the ROI was pretty instant.

Brian Lindow
Score 9 out of 10
Vetted Review
Verified User
Review Source

Using AlienVault USM to Simplify Threat Detection

This benefit happened within the first month since we are able to filter to only critical threats that are exploitable. Very little time spent on false positives which is typically a big FTE issue.

Magdiel Hernandez
Score 5 out of 10
Vetted Review
Verified User
Review Source

Using AlienVault USM to Simplify Threat Detection

We have achieved this. However-- and believe me, I'm not trying to just pound the product, which is not bad overall, just behind on functionality-- the concept of security analytics and funneling down data is not as expected. Again, plugins make it hard to achieve this.

Ryan Hart, MBA
July 29, 2019

Better than Splunk

Score 10 out of 10
Vetted Review
Verified User
Review Source

Using AlienVault USM to Simplify Threat Detection

AlienVault USM filters through the noise and helps us monitor our logs in an intelligent way. We are able to respond to focused and relevant alerts rather than hunting and pecking to find issues in a time-intensive method after the fact.
Score 8 out of 10
Vetted Review
Verified User
Review Source

Using AlienVault USM to Simplify Threat Detection

AlienVault USM has reduced the amount of review we were conducting on a daily basis without sacrificing monitoring. It allows me to better understand the threat posture of our infrastructure as well. SIEMs are only as good as their content. Since AlienVault USM comes with decent content out of the box it actively reduces your workload from the minute it is deployed. It isn't a silver bullet and it requires feed and care. Unlike other tools, you will continue to increase its value with time spent in it.
Score 7 out of 10
Vetted Review
Verified User
Review Source

Using AlienVault USM to Simplify Threat Detection

In terms of simplification, AlienVault USM does a fairly good job. It filters through all the information and generates a comprehensive report with a certain level of configuration. By doing this, the users can spend time to focus on the actual problem rather than get annoyed by the noises.

Feature Scorecard Summary

  • Centralized event and log data collection (1): 8
  • Correlation (1): 8
  • Event and log normalization (1): 8
  • Deployment flexibility (1): 7
  • Custom dashboards and views (1): 6
  • Host and network-based intrusion detection (1): 7

About AlienVault USM

AlienVault® Unified Security Management® (USM) delivers threat detection, incident response, and compliance management in one unified platform. It is designed to combine all the essential security capabilities needed for effective security monitoring across cloud and on-premises environments, including SIEM, intrusion detection, vulnerability management, as well as continuous threat intelligence updates. The vendor states that even for resource-limited IT security teams, AlienVault USM can be affordable, fast to deploy, and easy to use. It eliminates the need to deploy, integrate, and maintain multiple point solutions in the data center.

Smart, automated data collection & analysis: USM Anywhere automatically collects and analyzes data across the attack surface, helping to quickly gain centralized security visibility without the complexity of multiple disparate security technologies.

Automated threat detection powered by AT&T Alien Labs: With threat intelligence provided by AT&T Alien Labs, USM Anywhere is updated automatically to stay on top of evolving and emerging threats, so the security team can focus on responding to alerts.

Incident response orchestration with AlienApps: USM Anywhere supports a growing ecosystem of AlienApps, enabling the user to orchestrate and automate actions towards other security technologies, able to respond to incidents quickly and easily.

AlienVault USM Features

Security Information and Event Management (SIEM) Features
  • Centralized event and log data collection
  • Correlation
  • Event and log normalization
  • Deployment flexibility
  • Integration with Identity and Access Management Tools
  • Custom dashboards and views
  • Host and network-based intrusion detection

Additional Features
  • AlienVault Open Threat Exchange

AlienVault USM Videos (2)

Watch AlienVault USM Anywhere: Five Essential Cloud Security Capabilities in a Single SaaS Platform

Watch See How We're Pushing the Outer Limits of Security

Pricing

  • Free Trial Available? Yes
  • Free or Freemium Version Available? Yes
  • Premium Consulting/Integration Services Available? Yes
  • Entry-level set up fee? Optional

AlienVault USM Support Options

 Free VersionPaid Version
Phone
Email
Forum/Community
FAQ/Knowledgebase
Social Media
Video Tutorials / Webinar
Live Chat

AlienVault USM Technical Details

Deployment Types: SaaS
Operating Systems: Unspecified
Mobile Application: No
Supported Countries: Global