Skip to main content
TrustRadius
AlienVault USM

AlienVault USM

Overview

What is AlienVault USM?

AlienVault® Unified Security Management® (USM) delivers threat detection, incident response, and compliance management in one unified platform. It is designed to combine all the essential security capabilities needed for effective security monitoring across cloud and on-premises environments, including SIEM, intrusion detection, vulnerability management, as…

Read more
Recent Reviews

TrustRadius Insights

Users have found AlienVault USM to be a valuable SIEM solution for centralizing and searching log data from a large number of network …
Continue reading

MSSP Review

8 out of 10
October 04, 2021
AlienVault offers a different experience as opposed to other SIEM tools where it can be set up and configured properly in a shorter amount …
Continue reading
Read all reviews

Awards

Products that are considered exceptional by their customers based on a variety of criteria win TrustRadius awards. Learn more about the types of TrustRadius awards to make the best purchase decision. More about TrustRadius Awards

Popular Features

View all 7 features
  • Centralized event and log data collection (8)
    8.5
    85%
  • Correlation (8)
    8.5
    85%
  • Event and log normalization/management (8)
    8.0
    80%
  • Custom dashboards and workspaces (8)
    7.0
    70%

Reviewer Pros & Cons

View all pros & cons
Return to navigation

Pricing

View all pricing

Essentials

$1,075

Cloud
per month

Standard

$1,695

Cloud
per month

Premium

$2,595

Cloud
per month

Entry-level set up fee?

  • Setup fee optional
For the latest information on pricing, visithttps://www.alienvault.com/products/pri…

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting/Integration Services
Return to navigation

Features

Security Information and Event Management (SIEM)

Security Information and Event Management is a category of security software that allows security analysts to look at a more comprehensive view of security logs and events than would be possible by looking at the log files of individual, point security tools

8
Avg 7.8
Return to navigation

Product Details

What is AlienVault USM?

AlienVault® Unified Security Management® (USM) delivers threat detection, incident response, and compliance management in one unified platform. It is designed to combine all the essential security capabilities needed for effective security monitoring across cloud and on-premises environments, including SIEM, intrusion detection, vulnerability management, as well as continuous threat intelligence updates. The vendor states that even for resource-limited IT security teams, AlienVault USM can be affordable, fast to deploy, and easy to use. It eliminates the need to deploy, integrate, and maintain multiple point solutions in the data center.

Smart, automated data collection & analysis: USM Anywhere automatically collects and analyzes data across the attack surface, helping to quickly gain centralized security visibility without the complexity of multiple disparate security technologies.

Automated threat detection powered by AT&T Alien Labs: With threat intelligence provided by AT&T Alien Labs, USM Anywhere is updated automatically to stay on top of evolving and emerging threats, so the security team can focus on responding to alerts.

Incident response orchestration with AlienApps: USM Anywhere supports a growing ecosystem of AlienApps, enabling the user to orchestrate and automate actions towards other security technologies, able to respond to incidents quickly and easily.

AlienVault USM Features

Security Information and Event Management (SIEM) Features

  • Supported: Centralized event and log data collection
  • Supported: Correlation
  • Supported: Event and log normalization/management
  • Supported: Deployment flexibility
  • Supported: Integration with Identity and Access Management Tools
  • Supported: Custom dashboards and workspaces
  • Supported: Host and network-based intrusion detection

Additional Features

  • Supported: AlienVault Open Threat Exchange

AlienVault USM Screenshots

Screenshot of USM Anywhere NIDS Dashboard

AlienVault USM Videos

AlienVault USM Competitors

AlienVault USM Technical Details

Deployment TypesSoftware as a Service (SaaS), Cloud, or Web-Based
Operating SystemsUnspecified
Mobile ApplicationNo
Supported CountriesGlobal

Frequently Asked Questions

Splunk Cloud and Fortinet on IBM Cloud are common alternatives for AlienVault USM.

Reviewers rate Deployment flexibility highest, with a score of 8.6.

The most common users of AlienVault USM are from Mid-sized Companies (51-1,000 employees).
Return to navigation

Comparisons

View all alternatives
Return to navigation

Reviews and Ratings

(735)

Community Insights

TrustRadius Insights are summaries of user sentiment data from TrustRadius reviews and, when necessary, 3rd-party data sources. Have feedback on this content? Let us know!

Users have found AlienVault USM to be a valuable SIEM solution for centralizing and searching log data from a large number of network attached devices. This platform is being used for various use cases such as vulnerability management, scanning, malware detection, and monitoring malicious network traffic. It is considered a good SIEM solution for organizations new to security operational logging or those with a smaller staff and budget. The product has been praised for its integrated feature sets, including HIDS, NIDS, FIM, and security alerting capabilities. The inclusion of features like vulnerability scanning and file integrity monitoring has extended its value for organizations in the early stages of cybersecurity program development. Many users have experienced real-time alerts, enabling them to respond to security incidents and compromised passwords more quickly. Furthermore, AlienVault is used for a range of functions such as SIEM, vulnerability scanning, asset discovery, and investigations. It provides organizations with a centralized log collection site, allowing them to monitor and address new problems more effectively. The platform has been effective in helping organizations meet regulatory compliance requirements and improve SOC operations. Additionally, AlienVault is used to analyze network traffic, Windows Event Logs, and other security events, helping organizations improve network security and protect their customers. It solves security challenges related to device and software visibility, monitoring for anomalous events, and ensuring patch management. Users appreciate the simplicity of deployment and the robustness of the interface. The support team is highly responsive and knowledgeable.

AlienVault USM Anywhere is used by organizations to easily identify security incidents happening across their infrastructure and comply with PCI-DSS compliance requirements. MSSPs utilize AlienVault USM Anywhere to provide their customers with best-in-class threat monitoring and response services. It is also used to monitor cloud environments, scanning and alerting for any known vulnerabilities or activity on servers. AlienVault helps organizations with auditing purposes by monitoring cloud permissions and changes to security. Additionally, it is deployed to customers for monitoring and is used by NSOCs to monitor their networks. AlienVault has been implemented across organizations, covering server assets and providing granular logging on systems and networks. It helps in raising alarms/alerts and mitigating network-related activities. AlienVault collects and alerts on network and system activity across the entire organization, making it easy to filter for important data. The product centralizes log data and helps perform vulnerability analysis and threat detection. It assists in security patching and monitoring within AWS environments. Users appreciate the ease of use and configuration of the cloud-based panel. AlienVault is implemented and managed for clients as a recommended SIEM solution, collecting and normalizing logs from various data sources. It is used throughout organizations to gain insight into network and server events, manage and correlate logs, and recognize anomalous activity. Users have been able to set up alerts for specific events and policies, effectively managing systems and alerts in place, monitoring multiple client environments, and identifying issues that clients may have missed.

AlienVault USM Anywhere is praised for its cost-effectiveness compared to other SIEM solutions on the market. Users appreciate its threat intelligence capabilities, ease of use, user-friendly interface, and simplicity of deployment. The built-in correlation rules require minimal setup and provide high-quality results. Asset management and scanning features help users stay on top of monitoring assets, including dynamic and static asset lists. The integration of OTX into USM Anywhere allows for up-to-date threat intelligence and pulse subscriptions.

The software plays a crucial role in monitoring and alerting when anomalies occur, aiding in threat detection, compliance management, log collection, and vulnerability scanning. It helps organizations stay up to speed on new vulnerabilities and supports agile business initiatives by aiding analysts in identifying cyber threats and providing access to threat cross-referencing data. AlienVault USM Anywhere is deployed to monitor AWS cloud environments, attain compliance, identify threats, and facilitate auditing of non-emergency configuration changes and vulnerability monitoring.

Overall, AlienVault USM Anywhere provides centralized security monitoring, incident response capabilities, compliance reporting features, vulnerability assessment tools, real-time SIEM functionality, as well as asset discovery and user activity monitoring capabilities. It has been widely adopted across various industries for enhancing security posture and gaining comprehensive visibility into network activities.

Based on user recommendations, AlienVault USM receives the following common recommendations:

  1. AlienVault USM is recommended for cost-conscious companies and small to medium businesses due to its affordability and effectiveness. Users find it to be a great tool for analyzing and reacting to threats, offering excellent value for the price.

  2. Users suggest exploring alternative SIEM choices and discussing functionality and configuration requirements. Logrhythm is mentioned as a possible alternate SIEM choice, especially for high-end functionality needs. It is advised to compare features and select the SIEM system that offers the best cost for desired features.

  3. To maximize the experience with AlienVault USM, users recommend taking advantage of training opportunities provided by AlienVault. Joining official training sessions allows users to learn best practices from other users and gain comprehensive knowledge of the product. Users also recommend utilizing forums, support, webinars, and videos offered by AlienVault to enhance understanding and achieve optimal results.

Overall, AlienVault USM is regarded as a cost-effective solution suitable for organizations with data privacy and security priorities. The product's flexibility, community-created intelligence, and continual improvement are also highlighted by users. While some mention areas for improvement, such as support stability and module quality, the general consensus is that AlienVault USM delivers reliable security enhancements and cost savings.

Attribute Ratings

Reviews

(1-25 of 34)
Companies can't remove reviews or game the system. Here's why
Christian Holton | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User
Incentivized
There's definitely a learning curve, and I strongly recommend attending the training they give you when you first sign up and the follow-up webcasts and so on to give you an edge on your training. Once you get a baseline understanding of all the moving parts, you can get in and get your hands dirty.
Score 9 out of 10
Vetted Review
Verified User
Incentivized
Once you are able to navigate the different panels, finding what you need is quite easily. Before getting used it it can be a bit of challenge .

Each panel is quite well laid out and the filtering search capabilities are quite strong.
November 30, 2017

AlienVault Review

Score 7 out of 10
Vetted Review
Verified User
Incentivized
I give the rating because there is a lacking of understanding what AlienVault is capable of and you need training to get a better understanding.
Score 9 out of 10
Vetted Review
Verified User
Incentivized
The dashboard for alarms is extremely useful for a quick glance at what is going on in the environment. It also allows you to drill into an alarm to get more granular details on what generated it. Reporting and flexibility of dashboards could use some improvements, but overall a very useful tool.
Randy Kouns | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Incentivized
We have been using AlienVault USM Appliance for nearly 3 years. The power and flexibility of the device for IPS and IDS is amazing. We are able to identify threats and stop them before damage can be done.
Score 7 out of 10
Vetted Review
Verified User
Incentivized
Navigating the platform is really easy and quite intuitive . Reporting him scheduled reporting is easy to use and to set up with many options for report export; however, there are some limitations as to what type of grouping can be done within the premade report templates .
Score 6 out of 10
Vetted Review
Verified User
Incentivized
Alienvault can easily be summarized quite easily - over-engineered. The UI is convoluted, requiring too many steps to perform simple day to day and menial tasks. The amount of work that is necessary to set up simple alarms is irritating. I wish that they provided more out of the box functionality and require less user configuration for these simple alarms.
Score 6 out of 10
Vetted Review
Verified User
Incentivized
The base product is easy to understand, but configuring feeds to the SIEM can be a challenge.

Also, we still have not successfully set up Nagios monitoring inside the USM, even though we have had a working standalone Nagios for years.
September 29, 2017

Big Bang for your Buck

Brian W. Caldwell BIT | MIS | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Reseller
After using it for some time I have found the interface to be somewhat "clunky." Some of the system management requirements have to be done from the CLI (Command Line Interface). There is no way to easily automate some of the system maintenance, that if not addressed, causes the system to become unusable after a period of time.
Jeremy Wanamaker | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
ResellerIncentivized
Good product. It's a significant improvement in UI from AlienVault's previous offer. It could use more polish. The feature set also needs to improve. There are features that existed in AlienVault's previous product that are not included in this product. I understand the developers are rapidly adding features. We expect this product will mature into a best-in-class offering.
Score 10 out of 10
Vetted Review
Verified User
Incentivized
The user interface is pretty intuitive in how to use it. The majority of the functions within AlienVault are easy to utilize without requiring you reading a large amount of documentation. Fiddling with some of the custom policies takes a bit of using to get used to but not hard to do overall. I did not need to request help from support to use most things and the times that I did were dealt with pretty easily.
Score 10 out of 10
Vetted Review
Verified User
Incentivized
AlienVault USM is a very easy product to implement and use. The implementation takes less than a few hours and that using the instructions from the website and not having to contact customer support. The USM console is very easy to navigate. I am also able to set up console and email alerts we ease. I had USM installed, up and going with all my customizations within a day or two whereas, other SIEM products have taken multiple weeks to get tweaked to meet my needs. Overall, this is a very good product for a SMB seeking a SIEM solution.
Danny Santiago | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Incentivized
I tried out other SEIM engines and have to say AlienVault beat them all and went beyond. Their simple to use and read interface as well as updated analytics makes doing my job easy. Not only did I catch active breaches but were able to stop them before any data was lost. That was just during out trail of the AlienVault USM product. Support has been amazing as well as the sales staff. I can't imagine running a datacenter with AlienVault there to help me sleep at night. Thank You AlienVault. You not only made my team look like rock stars we feel like it too!
Return to navigation