AlienVault USM

AlienVault USM

TRUE
About TrustRadius Scoring
Score 7.6 out of 100
TRUE
AlienVault USM

Overview

Recent Reviews

MSSP Review

8 out of 10
October 04, 2021
AlienVault offers a different experience as opposed to other SIEM tools where it can be set up and configured properly in a shorter amount …
Continue reading

Unbeatable Security Machine

8 out of 10
August 07, 2020
AlienVault is one of many security solutions that we utilize in our network. We use it to monitor unusual traffic and behavior to and from …
Continue reading

Great tool for medium shops

7 out of 10
July 11, 2020
USM is used across the whole organization and helped us complete and maintain security requirements for an SoC 2 Type 2 compliance. We …
Continue reading

Reviewer Sentiment

N/A
Positive ()
N/A
Negative ()
Learn how we calculate reviewer sentiment

Awards

TrustRadius Award Top Rated 2021
TrustRadius Award Top Rated 2020
TrustRadius Award Top Rated 2019

Popular Features

View all 7 features

Correlation (5)

7.1
71%

Centralized event and log data collection (5)

6.8
68%

Event and log normalization/management (7)

6.7
67%

Custom dashboards and workspaces (7)

6.1
61%

Reviewer Pros & Cons

View all pros & cons

Video Reviews

Leaving a video review helps other professionals like you evaluate products. Be the first one in your network to record a review of AlienVault USM, and make your voice heard!

Pricing

View all pricing

Essentials

$1,075

Cloud
per month

Standard

$1,695

Cloud
per month

Premium

$2,595

Cloud
per month

Entry-level set up fee?

  • Setup fee optional
For the latest information on pricing, visithttps://www.alienvault.com/products/pri…

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting / Integration Services

Features Scorecard

Security Information and Event Management (SIEM)

6.6
66%

Product Details

What is AlienVault USM?

AlienVault® Unified Security Management® (USM) delivers threat detection, incident response, and compliance management in one unified platform. It is designed to combine all the essential security capabilities needed for effective security monitoring across cloud and on-premises environments, including SIEM, intrusion detection, vulnerability management, as well as continuous threat intelligence updates. The vendor states that even for resource-limited IT security teams, AlienVault USM can be affordable, fast to deploy, and easy to use. It eliminates the need to deploy, integrate, and maintain multiple point solutions in the data center.

Smart, automated data collection & analysis: USM Anywhere automatically collects and analyzes data across the attack surface, helping to quickly gain centralized security visibility without the complexity of multiple disparate security technologies.

Automated threat detection powered by AT&T Alien Labs: With threat intelligence provided by AT&T Alien Labs, USM Anywhere is updated automatically to stay on top of evolving and emerging threats, so the security team can focus on responding to alerts.

Incident response orchestration with AlienApps: USM Anywhere supports a growing ecosystem of AlienApps, enabling the user to orchestrate and automate actions towards other security technologies, able to respond to incidents quickly and easily.

AlienVault USM Features

Security Information and Event Management (SIEM) Features

  • Supported: Centralized event and log data collection
  • Supported: Correlation
  • Supported: Event and log normalization/management
  • Supported: Deployment flexibility
  • Supported: Integration with Identity and Access Management Tools
  • Supported: Custom dashboards and workspaces
  • Supported: Host and network-based intrusion detection

Additional Features

  • Supported: AlienVault Open Threat Exchange

AlienVault USM Screenshots

USM Anywhere NIDS Dashboard

AlienVault USM Videos

AlienVault USM Downloadables

AlienVault USM Competitors

AlienVault USM Technical Details

Deployment TypesSaaS
Operating SystemsUnspecified
Mobile ApplicationNo
Supported CountriesGlobal

Comparisons

View all alternatives

Frequently Asked Questions

What is AlienVault USM's best feature?

Reviewers rate Correlation highest, with a score of 7.1.

Who uses AlienVault USM?

The most common users of AlienVault USM are from Mid-sized Companies (51-1,000 employees) and the Information Technology & Services industry.

Reviews

(1-25 of 389)
Companies can't remove reviews or game the system. Here's why
October 04, 2021

MSSP Review

Score 8 out of 10
Vetted Review
Verified User
Review Source
AlienVault is a great all-in-one SIEM appliance to apply to both small and large-scale environments. Asset management and vulnerability scanning as built-in features are useful tools to keep on top of asset management. OTX threat intelligence is a highly valuable feature to correlate with threat alarms, providing up-to-date threat intel.
Score 9 out of 10
Vetted Review
Verified User
Review Source
With Alienvault USM, we rapidly deploy sensors into our cloud and on-premises environments while centrally managing threat detection, security analysis, and data collection from the AlienVault Secure device. AlienVault USM provides us with five essential security capabilities in a single solution, giving us everything we need for compliance management, threat detection, and incident response as a one-stop solution.
Score 7 out of 10
Vetted Review
Verified User
Review Source
AlienVault is well-suited for the customer that needs compliance reports for PCI/HIPAA/etc. The price will hinder some customers from being able to afford it. This tool does the same thing that dozens of others do, so concentrating more on security scanning, vulnerability, and threats would prevent it from too much overlapping of features. Every vendor who tries to do a "single pane of glass" and be a "single source" always does this poorly.
Thomas Young | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source
AlienVault is well-suited for organizations concerned about protecting their information technology networks. If you have large volumes of sensitive data, it needs to be protected. AlienVault is a helpful solution in that it provides lots of information about the security of the network, in addition to intruder detection. The software is not well-suited for individuals or corporations that don't understand network security or have little sensitive information worth protecting.
Score 7 out of 10
Vetted Review
Reseller
Review Source
It is well suited for companies having the resources to deploy on-premises SIEMs and the technically skilled staff to manage it. It's ideal for big companies which require an SOC. It is not suitable for companies with fewer resources, a lack of skilled staff to manage the SIEM, and less financing in security budgets.
Score 4 out of 10
Vetted Review
Verified User
Review Source
At this point I'm saying a 4. While the marketing material make it appear to be easy to use and it was relatively easy to set up, as previously mentioned, each event description is based upon the individual asset making it nearly impossible for the administrator to be a SME for each asset. For example, if one of the assets reporting is a router, the administrator monitoring alerts would need to know what the various events are that can be triggered as an event for the particular router; however, if the asset is a workstation, the administrator would need to know the various events that are triggered for workstations.
Score 8 out of 10
Vetted Review
Verified User
Review Source
AlienVault is an impressive solution for any organization dedicated to the proactive security of their environment. However, not every organization will be able to spare the time required to properly set up and administer it.
Score 8 out of 10
Vetted Review
Verified User
Review Source
AlienVault USM works well for a cloud/remote/on-prem environment where AV is also centralized (to allow for cross-checking findings). It would be perhaps less well suited to a cloud-only environment with remote users.
Score 10 out of 10
Vetted Review
Verified User
Review Source
In the case of a small office network, it might not be a good fit. In that case, I would recommend finding an MSP that uses it. Along with a good antivirus and firewall, I believe that this tool proves to be an excellent piece of any multi-tiered security system.
Score 7 out of 10
Vetted Review
Verified User
Review Source
For an organization that has a dedicated security team, it is a powerful tool in your security arsenal. For others, it's going to be something that requires a lot of time to implement and maintain that may not be your primary focus. While you can feel confident that all the information is there and searchable, you may not feel as confident that you are getting alerts on everything you want to be alerted about if you don't stay on top of maintaining the system.
Score 9 out of 10
Vetted Review
Reseller
Review Source
AlienVault is well suited to companies that use either Azure/Office 365 or GSuite due to the built-in integrations that come with the product. Less complicated networks are easier to fully monitor all traffic on, thus taking advantage of richer correlations of events.

While it works with fully on-premise deployments (Exchange, file server etc), additional configuration for log correlations and alerting will likely be needed. Also for complex networks, getting the required port mirroring to ingest all network traffic can be difficult.
Score 7 out of 10
Vetted Review
Verified User
Review Source
USM is well suited for AWS but isn't well suited for on-premise environments to fulfill the role of a NIDS without a potentially uncommon network port mirroring if there are 6+ subnets to monitor. USM will require, as could be expected, security auditing and certain configurations before being useful. USM is best used in well-organized environments and it may not be the best tool if you're looking to get environment security information on an unorganized environment.
Score 7 out of 10
Vetted Review
Verified User
Review Source
I think this works best in an enterprise environments where there are too many servers and objects that need to be monitored and a free product wouldn't work. AlienVault does a good job of allowing you to get down into all the alerts that the machines give off, and also gives suggestions of how to resolve the issues. Sometimes the suggestions aren't great or don't work, but nothing a little googling can't fix.
Score 9 out of 10
Vetted Review
Verified User
Review Source
AlienVault USM Anywhere is well suited for medium-small (~150 employees) organizations up to the largest enterprises, regardless of almost any industry or industries. It is especially well-suited for any organization that has their own internal SOC. It is not well suited for organizations that have very few Windows endpoints, e.g. developer doing graphics and general-purpose business ops mostly on Mac and programming and mostly in Linux.

A MSP and especially MSSP would do well with this while organizations that pay for MSSP services might not need AlienVault USM.
Score 9 out of 10
Vetted Review
Reseller
Review Source
It has an intuitive and good user interface making it easy to train engineers. It provides the ultimate visibility and insight into any IT infrastructure.

The system may slow down considerably when a large number of events/logs are fed in the dashboard, so ensure there is enough storage each month.
Score 10 out of 10
Vetted Review
Reseller
Review Source
Seems to be well suited for larger networks with multiple assets and no orchestration in place. The small business is not what I see as an ideal candidate due to the complexity involved to deploy and configure without dedicated IT staff.
Steinerroggers Ufomaduh | TrustRadius Reviewer
Score 7 out of 10
Vetted Review
Verified User
Review Source
The AlienVault USM is suited for networks with minimal IP changes (non-DHCP infrastructure just like most SIEM tools). It struggles with detecting endpoints over VPN tunnels. It identifies the SIP protocol on these interfaces and creates some spurious assets for the entire range. This makes a lot of work for cleanup.
It is very efficient as a supporting tool if SOC work is outsourced or the monitoring requirements are not very intense.
Angel Meza | TrustRadius Reviewer
Score 7 out of 10
Vetted Review
Verified User
Review Source
AlienVault is great for setting up a SIEM solution with little setup required, with a not-so-difficult-to-use interface. Most stuff is easy to find with their screens available through menus/sub-menus with accurate titles without being overly compact.
Arther Magaya | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Reseller
Review Source
Managing large networks with multiple vendors on different layers of security. USM integrated well with multiple vendors through plugins and Alien apps like CISCO, Sophos, Kaspersky, and Trend Micro. It has customizable correlation rules, as well as filters that enable administrators to search for required logs and asset events.
Score 8 out of 10
Vetted Review
Reseller
Review Source
Being a great option for large organizations, AlienVault USM is very well suited for small companies as well. Since most cybercrimes are targeted at small companies, which lack funding for cybersecurity setup, AlienVault USM with its pricing model is well suited for all sectors of companies.