AlienVault USM Reviews

608 Ratings
Score 7.9 out of 100

TrustRadius Top Rated for 2019

Reviews (1-25 of 352)

Matthew Stacks
November 27, 2019

AlienVault USM Anywhere

Score 6 out of 10
Vetted Review
Verified User

Use Cases and Deployment Scope

Our organization provides multiple security services to clients. These services fall into three broad categories: Offensive consulting services, such as penetration tests and vulnerability assessments; Defensive consulting services, like digital forensics and incident response; and security operations, which consist of continuous network and endpoint security monitoring and threat detection. AlienVault USM is one of the many solutions used to perform security operations for our clients.
Christian Holton
Score 8 out of 10
Vetted Review
Verified User

Use Cases and Deployment Scope

We use AlienVault across the org, with accumulator appliances in two offices and in our cloud infrastructure. These devices are syslog targets and are used to scan traffic in each location. In addition, I also have deployed the AlienVault USM agent script to all servers and user systems. AlienVault sometimes notifies me of problems within integrated systems such as Sophos before that service itself does. Notifications as simple as an improperly configured SSH config or something as significant as signs of SPECTRE traffic are delivered to my inbox so I may deal with these alerts ASAP.
Mpho Lekota
Score 7 out of 10
Vetted Review
Verified User

Use Cases and Deployment Scope

AlienVault USM also enables you to centralize the storage of all your log data in the AlienVault Secure Cloud, a certified compliant environment. This alleviates the burden of having to manage and secure logs on-premises, while providing a compliance-ready log management environment. SIEM software solutions and log management tools provide valuable security information, but often require expensive and time-consuming integration efforts to bring in log files from disparate sources such as asset inventory, vulnerability assessment, endpoint agents, and IDS products. Once you have the data, you then must research and write correlation rules to identify threats in your environment. The advantages of using all-in-one security essentials are saving time and money in integrating multiple third-party security tools and starting to detect threats on day one with pre-written correlation rules.
Stacey Medina
Score 10 out of 10
Vetted Review
Verified User

Use Cases and Deployment Scope

I was put in charge of getting our company NIST-800 compliant and one of the requirements of compliance is to have a security information and event management (SIEM). The company that did our gap analysis highly recommended the AlienVault USM and after a bit of research and reviews, I decided to move forward with AlienVault. I was very impressed with how simple it was to deploy as a virtual machine and how robust the interface is. This USM does everything and more. I can't wait to delve deeper into the functionality of the dashboard. The support team is also very responsive and very knowledgeable of the product.
Jeremy Cejka
Score 4 out of 10
Vetted Review
Verified User

Use Cases and Deployment Scope

The business problem it addresses is derived from governance and compliance set by the USG and the DFARS regulations to have a SIEM. I have experience with paid products such as QRadar and Splunk, and open source products such as Graylog/ELK/Wazuh/security_onion. This is a department tool to consume the whole organization's security-related data. We currently use it as the SIEM.
Ranjith R
Score 7 out of 10
Vetted Review
Verified User

Use Cases and Deployment Scope

We have procured AlienVault USM Anywhere for monitoring and triggering alarms/notifications on suspicious traffic and attacks. It is being used within the infosec/infra department to take necessary actions on security events. It mainly helps us find real-time attack and traffic events on our organisational assets, and it also helps us find vulnerabilities on a specific asset.
Cory Watson
Score 8 out of 10
Vetted Review
Verified User

Use Cases and Deployment Scope

We use it to monitor security logs across our various SaaS apps. It is the central hub for our security incident program. It is primarily being used by our Information Security Department. This tool addresses our need to be able to make actionable decisions, across various SaaS platforms, from a single pane of glass.
Fintan O'Meara
Score 8 out of 10
Vetted Review
Verified User

Use Cases and Deployment Scope

AlienVault USM is used by the internal IT department to monitor activity from lots of different sources across the organisation. From O365 and Azure, AWS, on-premises servers and network equipment, and others, we track vulnerability status, correlate unusual activity and monitor for IOCs from AlienVault's Intelligent Cloud.
Mario Martinez
September 27, 2019

AlienVault does the job

Score 9 out of 10
Vetted Review
Verified User

Use Cases and Deployment Scope

We use AlienVault USM to monitor our AWS cloud environment and the individual assets within that environment. AV also provides us with alerting and reporting that helps us attain and maintain compliance with several standards, but, more importantly, helps me sleep better at night as our Information Security Officer. An easy-to-overlook benefit is that it makes it easier for us to shore up process deficiencies. We can more easily audit that we documented and approved all non-emergency configuration changes within our cloud before they are applied. We also use the AV agent to monitor individual instances for vulnerabilities and the software they run.

This all gives us confidence that we are keeping our systems as secure as possible and meeting promises to keep our customer’s data secure.
Mark Taghap
Score 9 out of 10
Vetted Review
Verified User

Use Cases and Deployment Scope

We have deployed AlienVault USM throughout the entire organization. The IT department is responsible for monitoring and making necessary configurations. This has immensely improved our visibility in regards to the daily activities of all networks and devices. It has recognized anomalies and notifies my IT department.
Agustin Larrarte
Score 10 out of 10
Vetted Review
Verified User

Use Cases and Deployment Scope

We have used AlienVault USM in our PCI environment to detect the most common threats. We have discovered it added extra value to our organization by creating visibility on security issues we didn't know of before. On the downside, the on-premise version of AlienVault USM can get slow after loading it with a lot of machines (when doing big queries) and doesn't adapt very well to dynamic environments, but their on-cloud version is definitely making that better.
Jesse Bickel
Score 8 out of 10
Vetted Review
Verified User

Use Cases and Deployment Scope

AlienVault was used to provide security monitoring and alerting for our AWS and on-premise systems. This was deployed to all environments locally and in the cloud. It was deployed and managed by the IT team and assisted us in gaining compliance for PHI, HIPAA and other requirements on top of ensuring integrity for our environments. This assisted in addressing our security needs and proactive monitoring.
Erich Barlow, MIS
Score 7 out of 10
Vetted Review
Verified User

Use Cases and Deployment Scope

We are using it in IT security for vulnerability management and for IDS. It is just focused as part of our IT security management process. For us, it addresses the vulnerabilities that we see all the time and it allows us to prioritize those assets based on the risk they pose to the business.
Todd Fletcher
Score 10 out of 10
Vetted Review
Verified User

Use Cases and Deployment Scope

I have implemented USM Anywhere as our company SIEM. Additionally, I am working to extend its functionality with Gartner's SOAR principles. The primary business drivers (problems) include controlling costs, mitigation of risk, and supporting agile business initiatives. It is utilized by the security team to monitor all business information systems.
Atul Jain
Score 10 out of 10
Vetted Review
Verified User

Use Cases and Deployment Scope

AlienVault has been implemented across the whole organization. We monitor and raise the alarms/alerts and reach out to the end user/business for mitigation. It addresses all kinds of network-related activities, not limited to third-party chat applications, torrent connectivity, P2P connections, etc.
Adam Nield
September 05, 2019

Picking up AlienVault USM

Score 8 out of 10
Vetted Review
Verified User

Use Cases and Deployment Scope

We currently use AlienVault primarily for the SIEM and vulnerability scanner. We use the intrusion detection agents across our servers and are in the process of setting up the system to use other features available through AlienVault, such as availability monitoring and creating custom plugins to monitor our bespoke systems. This is all maintained by our infosec, cybersecurity and infrastructure teams.
Pankaj KC
Score 9 out of 10
Vetted Review
Verified User

Use Cases and Deployment Scope

We use it to detect network risks and vulnerabilities to a reasonable and appropriate level. We use it across the whole organization. It's also being used to comply with current legislation (security-related logs should be recorded).
Ariel Lucas Sandor
Score 8 out of 10
Vetted Review
Verified User

Use Cases and Deployment Scope

We used AlienVault for 5 years in our PCI and non-PCI environment. AlienVault USM does nearly everything we need to detect threats we didn't know of. The setup was very easy with little deployment time. The price point is very competitive. The tools for data filtering that the appliance has are very powerful. It also comes with predefined PCI-DSS reports. The main problem we addressed is that sometimes the appliance gets slow when doing some particular queries.
Brian Lindow
Score 9 out of 10
Vetted Review
Verified User

Use Cases and Deployment Scope

AlienVault is our SIEM tool that addresses the enterprise looking for indications of compromise. This was a finding in an internal audit a few years ago so it follows more of a compliance requirement.
Ryan Hart, MBA
July 29, 2019

Better than Splunk

Score 10 out of 10
Vetted Review
Verified User

Use Cases and Deployment Scope

We used to monitor our web application, firewall, and our G Suite logs. AlienVault USM solves the problem of manually monitoring logs. We were able to filter our alerts to ignore known non-threatening behaviours. AlienVault USM also gave us a more efficient way to search our logs rather than viewing the raw log files in our data provider.
Score 8 out of 10
Vetted Review
Verified User

Use Cases and Deployment Scope

We're using the USM product as its intended use case of a SIEM. Sensors are deployed into our hybrid cloud at various points and push logs to the USM dashboard. With our MSSP monitoring, AlienVault USM meets our needs of 24/7 security monitoring.
Score 7 out of 10
Vetted Review
Verified User

Use Cases and Deployment Scope

My organization is using AlienVault USM as one of the internal security operation solutions. It helps us to perform operations such as vulnerability analysis and threat detection. It also helps us to centralize the log data to be stored in one place, which is AlienVault Secure Cloud, a certified environment.

Feature Scorecard Summary

  • Centralized event and log data collection (1): 8
  • Correlation (1): 8
  • Event and log normalization (1): 8
  • Deployment flexibility (1): 7
  • Custom dashboards and views (1): 6
  • Host and network-based intrusion detection (1): 7

About AlienVault USM

AlienVault® Unified Security Management® (USM) delivers threat detection, incident response, and compliance management in one unified platform. It is designed to combine all the essential security capabilities needed for effective security monitoring across cloud and on-premises environments, including SIEM, intrusion detection, vulnerability management, as well as continuous threat intelligence updates. The vendor states that even for resource-limited IT security teams, AlienVault USM can be affordable, fast to deploy, and easy to use. It eliminates the need to deploy, integrate, and maintain multiple point solutions in the data center.

Smart, automated data collection & analysis: USM Anywhere automatically collects and analyzes data across the attack surface, helping to quickly gain centralized security visibility without the complexity of multiple disparate security technologies.

Automated threat detection powered by AT&T Alien Labs: With threat intelligence provided by AT&T Alien Labs, USM Anywhere is updated automatically to stay on top of evolving and emerging threats, so the security team can focus on responding to alerts.

Incident response orchestration with AlienApps: USM Anywhere supports a growing ecosystem of AlienApps, enabling the user to orchestrate and automate actions in other security technologies and to respond to incidents quickly and easily.

AlienVault USM Features

Security Information and Event Management (SIEM) Features
  • Centralized event and log data collection
  • Correlation
  • Event and log normalization
  • Deployment flexibility
  • Integration with Identity and Access Management Tools
  • Custom dashboards and views
  • Host and network-based intrusion detection
Additional Features
  • AlienVault Open Threat Exchange

AlienVault USM Videos (2)

Watch AlienVault USM Anywhere: Five Essential Cloud Security Capabilities in a Single SaaS Platform

Watch See How We're Pushing the Outer Limits of Security

Pricing

  • Free Trial Available? Yes
  • Free or Freemium Version Available? Yes
  • Premium Consulting/Integration Services Available? Yes
  • Entry-level set up fee? Optional

AlienVault USM Support Options

Free Version | Paid Version
Phone
Email
Forum/Community
FAQ/Knowledgebase
Social Media
Video Tutorials / Webinar
Live Chat

AlienVault USM Technical Details

Deployment Types: SaaS
Operating Systems: Unspecified
Mobile Application: No
Supported Countries: Global