AlienVault USM

Score 7.6 out of 100

Overview

Recent Reviews

MSSP Review

8 out of 10
October 04, 2021
AlienVault offers a different experience as opposed to other SIEM tools where it can be set up and configured properly in a shorter amount …

Unbeatable Security Machine

8 out of 10
August 07, 2020
AlienVault is one of many security solutions that we utilize in our network. We use it to monitor unusual traffic and behavior to and from …

Great tool for medium shops

7 out of 10
July 11, 2020
USM is used across the whole organization and helped us complete and maintain security requirements for an SoC 2 Type 2 compliance. We …

Awards

TrustRadius Award Top Rated 2021
TrustRadius Award Top Rated 2020
TrustRadius Award Top Rated 2019

Popular Features

Correlation (5)

7.1
71%

Centralized event and log data collection (5)

6.8
68%

Event and log normalization/management (7)

6.7
67%

Custom dashboards and workspaces (7)

6.1
61%

Pricing

Essentials

$1,075

Cloud
per month

Standard

$1,695

Cloud
per month

Premium

$2,595

Cloud
per month

Entry-level set up fee?

  • Setup fee optional
For the latest information on pricing, visit https://www.alienvault.com/products/pri…

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting / Integration Services

Features Scorecard

Security Information and Event Management (SIEM)

6.6
66%

Product Details

What is AlienVault USM?

AlienVault® Unified Security Management® (USM) delivers threat detection, incident response, and compliance management in one unified platform. It is designed to combine all the essential security capabilities needed for effective security monitoring across cloud and on-premises environments, including SIEM, intrusion detection, vulnerability management, as well as continuous threat intelligence updates. The vendor states that even for resource-limited IT security teams, AlienVault USM can be affordable, fast to deploy, and easy to use. It eliminates the need to deploy, integrate, and maintain multiple point solutions in the data center.

Smart, automated data collection & analysis: USM Anywhere automatically collects and analyzes data across the attack surface, helping to quickly gain centralized security visibility without the complexity of multiple disparate security technologies.

Automated threat detection powered by AT&T Alien Labs: With threat intelligence provided by AT&T Alien Labs, USM Anywhere is updated automatically to stay on top of evolving and emerging threats, so the security team can focus on responding to alerts.

Incident response orchestration with AlienApps: USM Anywhere supports a growing ecosystem of AlienApps, enabling the user to orchestrate and automate actions towards other security technologies and to respond to incidents quickly and easily.

AlienVault USM Features

Security Information and Event Management (SIEM) Features

  • Supported: Centralized event and log data collection
  • Supported: Correlation
  • Supported: Event and log normalization/management
  • Supported: Deployment flexibility
  • Supported: Integration with Identity and Access Management Tools
  • Supported: Custom dashboards and workspaces
  • Supported: Host and network-based intrusion detection

Additional Features

  • Supported: AlienVault Open Threat Exchange

AlienVault USM Screenshots

USM Anywhere NIDS Dashboard

AlienVault USM Technical Details

  • Deployment Types: SaaS
  • Operating Systems: Unspecified
  • Mobile Application: No
  • Supported Countries: Global

Frequently Asked Questions

What is AlienVault USM's best feature?

Reviewers rate Correlation highest, with a score of 7.1.

Who uses AlienVault USM?

The most common users of AlienVault USM are from Mid-sized Companies (51-1,000 employees) and the Information Technology & Services industry.

Reviews

(1-25 of 358)
Score 7 out of 10
Vetted Review
Verified User
AlienVault USM appears to be a valuable product in our toolkit to fight cyber security threats; however, it needs a lot of configuration to manage the noise and bloat. Out of the box, it's nearly unusable for determining what a real threat may be.
Thomas Young | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Because threat intelligence is something that is not directly observable for most IT individuals, the software reports real security threats in real-time. Presumably the software is honest in its reporting of such threats, because at times it's hard to believe the number of threats reported by the software. Perhaps the best feature of AlienVault USM Anywhere is the ease of use. The software requires some IT knowledge, but really a non-IT person could figure out what the software is doing without advanced knowledge. That ease-of-use is important given the many tasks in a given day.
Score 8 out of 10
Vetted Review
Verified User
AlienVault USM provides very detailed and very sensitive findings regarding environmental threats. It allows us to detect issues that would have completely escaped our AV software and which would have been ignored because no one regularly reads firewall logs. Because it reads all log input but filters for only potential issues, it provides us with confidence that everything is being watched.
Score 7 out of 10
Vetted Review
Verified User
Based on my experience with SolarWinds, AlienVault, when configured properly, is much better at detecting threats. It uses an open source platform to contribute and receive real-time information about malicious hosts. This real-time information is key to making sure your network is protected from the most current threats in the ever-changing world of cyber security.
Score 9 out of 10
Vetted Review
Reseller
We have found AlienVault USM to be very effective at detecting real security threats and events in our deployments. The breadth of ingestion options (logs, network traffic, events from plugins) combined with the built-in asset discovery and vulnerability detection provides rich detection results.
The integrated threat intelligence feeds from AlienVault OTX are very useful in adding live actionable threat intelligence to the existing correlation rules in place, which allows detections to be automatically updated based on current threat intelligence.
Score 7 out of 10
Vetted Review
Verified User
We have not experienced real security threats in the environments since we have USM monitoring, therefore this question is hard to answer. That said, the tool is only as good as the data it has to work with. Therefore, if it has limited data, it has less to work with. As mentioned before, this platform requires much fine-tuning to mitigate false positives.
Score 7 out of 10
Vetted Review
Verified User
We have multiple components to our security protocols and AlienVault is just one of the resources. It's good because it does alerting and you can set up specific alerts or hours so you don't get 100s of emails all at once. You can also set up groups so it's easier to view the machines overall.
Score 9 out of 10
Vetted Review
Verified User
There's not much that can be missed between agent-based endpoint intel and authenticated scans over the network. Furthermore, integrating HIDS & NIDS, EDR, threat intel, IR, and log correlation leaves very, very little to get through the cracks! Defense-in-depth is stacked up quite a bit just from this single platform. Their EDR, specifically, is likely to provide a false positive rather than the danger of true negatives. This is because the ruleset is sensitive by default but can be tweaked to be appropriate for a given environment.
Score 9 out of 10
Vetted Review
Reseller
Firstly, it is very easy to use and can detect back doors, exploits, and attacks in real time. It is perfect for detecting every problem on a server. AlienVault is a great tool for detecting any threat to your system, and is effective and fast software. Support is also very quick and effective.
Angel Meza | TrustRadius Reviewer
Score 7 out of 10
Vetted Review
Verified User
The configurations overall are great for setting up security alerts that do matter and are classified and valued depending on many factors, such as the amount of events, the parties involved, the value/relevance of each device with ease, as well as the integration with OTX, that solves the issue of having to manually update rules for each new exploit or attack that is found in the wild.
Arther Magaya | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Reseller
Other network security solutions are not capable of integrating with multiple vendors compared to AlienVault USM. The ability of USM to correlate information provided by several network devices in minimal time and to customize alerts and relate them to the open threat exchange with real-time world statistics makes it unique. USM is a great product as it allows flexibility of use both on-premises and in the cloud environment.
March 18, 2020

AlienVault is amazing

Alan Yair Villaseñor Cervantes | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Reseller
Well, it could be more effective because the alarm only shows a little information. It can improve in that way. Like, if there is an alarm, I can't see the whole context. To search and understand what is happening in my network, then in the client network with OTX and the pulses--they helped a lot.
Score 8 out of 10
Vetted Review
Reseller
With its online threat intelligence exchange and its connection to appliances, AlienVault USM keeps the appliances and further the organization up to date and protected against the latest threats. With the regular feed of directives to appliances, our analysts have to spend less time writing their own directives and policies and they can work on the results of it.
March 09, 2020

AlienVault USM Review

Score 8 out of 10
Vetted Review
Verified User
AlienVault USM is leading the market in threat intelligence. It has 3000+ directives by default and easy cross-correlation. Correlation directives with an extensive and growing library of pre-defined rules that translate raw events into specific, actionable threat information by linking disparate events from across your network. Network IDS signatures detect the latest malicious traffic on the network.
March 09, 2020

AlienVault Review

Score 6 out of 10
Vetted Review
Verified User
I've had issues here with event correlation with other products. I can't say for sure where we miss it, but AlienVault seems to fire off when our other systems don't, and those systems tend to fire off with each other. So I tend to say that AlienVault winds up missing a lot of things I think it should catch. But that could also be a tuning issue, but when you're fighting to stay under the cap, and it has so many options, it's very difficult to determine which things you want to keep and what you want to ignore. Again, if you have one person babysitting it, it's probably going to be OK, but if you don't, it's really not that useful.