AlienVault USM

AlienVault USM

TRUE
About TrustRadius Scoring
Score 7.6 out of 100
TRUE
AlienVault USM

Overview

Recent Reviews

MSSP Review

8 out of 10
October 04, 2021
AlienVault offers a different experience as opposed to other SIEM tools where it can be set up and configured properly in a shorter amount …
Continue reading

Unbeatable Security Machine

8 out of 10
August 07, 2020
AlienVault is one of many security solutions that we utilize in our network. We use it to monitor unusual traffic and behavior to and from …
Continue reading

Great tool for medium shops

7 out of 10
July 11, 2020
USM is used across the whole organization and helped us complete and maintain security requirements for an SoC 2 Type 2 compliance. We …
Continue reading

Reviewer Sentiment

N/A
Positive ()
N/A
Negative ()
Learn how we calculate reviewer sentiment

Awards

TrustRadius Award Top Rated 2021
TrustRadius Award Top Rated 2020
TrustRadius Award Top Rated 2019

Popular Features

View all 7 features

Correlation (5)

7.1
71%

Centralized event and log data collection (5)

6.8
68%

Event and log normalization/management (7)

6.7
67%

Custom dashboards and workspaces (7)

6.1
61%

Reviewer Pros & Cons

View all pros & cons

Video Reviews

Leaving a video review helps other professionals like you evaluate products. Be the first one in your network to record a review of AlienVault USM, and make your voice heard!

Pricing

View all pricing

Essentials

$1,075

Cloud
per month

Standard

$1,695

Cloud
per month

Premium

$2,595

Cloud
per month

Entry-level set up fee?

  • Setup fee optional
For the latest information on pricing, visithttps://www.alienvault.com/products/pri…

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting / Integration Services

Features Scorecard

Security Information and Event Management (SIEM)

6.6
66%

Product Details

What is AlienVault USM?

AlienVault® Unified Security Management® (USM) delivers threat detection, incident response, and compliance management in one unified platform. It is designed to combine all the essential security capabilities needed for effective security monitoring across cloud and on-premises environments, including SIEM, intrusion detection, vulnerability management, as well as continuous threat intelligence updates. The vendor states that even for resource-limited IT security teams, AlienVault USM can be affordable, fast to deploy, and easy to use. It eliminates the need to deploy, integrate, and maintain multiple point solutions in the data center.

Smart, automated data collection & analysis: USM Anywhere automatically collects and analyzes data across the attack surface, helping to quickly gain centralized security visibility without the complexity of multiple disparate security technologies.

Automated threat detection powered by AT&T Alien Labs: With threat intelligence provided by AT&T Alien Labs, USM Anywhere is updated automatically to stay on top of evolving and emerging threats, so the security team can focus on responding to alerts.

Incident response orchestration with AlienApps: USM Anywhere supports a growing ecosystem of AlienApps, enabling the user to orchestrate and automate actions towards other security technologies, able to respond to incidents quickly and easily.

AlienVault USM Features

Security Information and Event Management (SIEM) Features

  • Supported: Centralized event and log data collection
  • Supported: Correlation
  • Supported: Event and log normalization/management
  • Supported: Deployment flexibility
  • Supported: Integration with Identity and Access Management Tools
  • Supported: Custom dashboards and workspaces
  • Supported: Host and network-based intrusion detection

Additional Features

  • Supported: AlienVault Open Threat Exchange

AlienVault USM Screenshots

USM Anywhere NIDS Dashboard

AlienVault USM Videos

AlienVault USM Downloadables

AlienVault USM Competitors

AlienVault USM Technical Details

Deployment TypesSaaS
Operating SystemsUnspecified
Mobile ApplicationNo
Supported CountriesGlobal

Comparisons

View all alternatives

Frequently Asked Questions

What is AlienVault USM's best feature?

Reviewers rate Correlation highest, with a score of 7.1.

Who uses AlienVault USM?

The most common users of AlienVault USM are from Mid-sized Companies (51-1,000 employees) and the Information Technology & Services industry.

Reviews

(1-25 of 389)
Companies can't remove reviews or game the system. Here's why
October 04, 2021

MSSP Review

Score 8 out of 10
Vetted Review
Verified User
Review Source
AlienVault offers a different experience as opposed to other SIEM tools where it can be set up and configured properly in a shorter amount of time. The built-in correlation rules are of great quality with little-to-no setup required to switch on. Asset management and scanning is a great feature to keep on top of the list of assets to monitor, as well as dynamic and static asset lists. OTX is one of the best features to implement directly into USM Anywhere, with up-to-date threat intelligence as well as pulses to subscribe to.
Score 9 out of 10
Vetted Review
Verified User
Review Source
We utilize AlienVault USM as a security management solution that accelerates and centralizes incident response, compliance management, and threat detection for our on-premises environments. This tool includes purpose-built controls that natively monitor our AWS—Amazon Web Services and Azure environments—from our on-premises. Our AlienVault runs on lightweight virtual sensors that are installed on Microsoft Hyper-V to monitor both the virtual private network and on-premises physical IT infrastructure.
Score 7 out of 10
Vetted Review
Verified User
Review Source
Implemented in a SaaS company with resources in colocation and AWS. All server assets are covered however workstations are not. We like that it provides the opportunity of granular logging on all systems and networks.
Thomas Young | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source
AlienVault is used across the organization, although only select individuals actually know that it is running. The software addresses the protection of mission-critical information and databases. The software is not useful for any other purposes outside of security of the networks.
Score 7 out of 10
Vetted Review
Reseller
Review Source
It is being used department-wide. We offer professional services and deploy it for customers and ensure that the SIEM is configured properly. Our current customers are extremely satisfied with the product; the only drawback is that the absence of a skilled technician experienced in AlienVault USM can have trouble configuring and troubleshooting any problems.
Score 4 out of 10
Vetted Review
Verified User
Review Source
AlienVault was purchased to provide the security department with a security operations center overview of the infrastructure of our environment. It is currently only being used as a SIEM for the Security Department for client compliance. This is due to the the lack of resources to manage the day to day management of the tool.
Score 8 out of 10
Vetted Review
Verified User
Review Source
We are a reseller of Alienvault USM and provide managed SOC services. We recently deployed for a telecom operator to monitor business-critical services including Windows and Linux. It's not for all departments, mainly for agents deployed on critical servers only to monitor the activities and discover anamolies.
Score 8 out of 10
Vetted Review
Verified User
Review Source
AlienVault is one of many security solutions that we utilize in our network. We use it to monitor unusual traffic and behavior to and from our domain controllers, which we combine with endpoint security and network security to have a granular view of activity throughout our network.
Score 8 out of 10
Vetted Review
Verified User
Review Source
AlienVault USM is being used by my entire organization for log aggregation and analysis in support of PCI compliance activities. It allows us to quickly identify security threats for 100+ remote and on-prem users, providing a 'single pane of glass' to view identity, networking, and workstation issues across the enterprise.
Score 10 out of 10
Vetted Review
Verified User
Review Source
It is used throughout our organization. It is one part of our security portfolio. It provides insight into network and server events and alarms for potentially dangerous behavior. It provides a central place to manage and correlate logs from our servers, network equipment, firewall, antivirus, and I'm currently rolling it out to the end-user computers.
Score 7 out of 10
Vetted Review
Verified User
Review Source
It is our SIEM for the entire firm. It collects logs from various data sources across our network and normalizes the data to make actionable alerts. AlienVault makes it easy to consolidate all information from virtually any data source and make it searchable. It can also recognize anomalous activity and alert on it.
Score 9 out of 10
Vetted Review
Reseller
Review Source
We use Alienvault USM internally in our Security Operations Centre as part of our detection and response capabilities. We use it to monitor our on-premise networks and devices, our cloud servers as well as our cloud SaaS services. It allows us good visibility into our entire infrastructure and the events and alarms that we would otherwise miss.
We also implement and manage AlienVault USM deployments for clients as our recommended SIEM solution.
Score 7 out of 10
Vetted Review
Verified User
Review Source
USM is used across the whole organization and helped us complete and maintain security requirements for an SoC 2 Type 2 compliance. We used USM for Cloud and on-premise for multiple isolated environments. The tool works well but does require much fine-tuning and can be complex without proper training and or guidance.
Score 9 out of 10
Vetted Review
Verified User
Review Source
Alienvault USM Anywhere touches all endpoints and networks of our organization. Is solves some big problems like:
1) Logging aggregation and actionable insights using log correlation.
2) Threat hunting & intel.
3) Vulnerability management and validation of our separate patch automation software.
4) Security orchestration.
5) Asset discovery and inventory management.
Score 9 out of 10
Vetted Review
Reseller
Review Source
We use AlienVault USM to monitor our network flow and alert us if any of our alarms are triggered. We integrate our Cisco Umbrella and Meraki solutions so that it saves time, having a single dashboard without having to check each instance. We also like the ability to create custom alarms and us the threat exchange to be notified of any day zero vulnerabilities on the software we run in the office.
Score 8 out of 10
Vetted Review
Verified User
Review Source
It is being used for our entire org as a SIEM and vulnerability management tool. Stretched over 14 locations in the North Americas, we utilize this tool to be our first login in the morning. All of our logs from our on-premise and cloud services flow into this.
Score 10 out of 10
Vetted Review
Reseller
Review Source
In my current position, I offer AlienVault USM Anywhere to businesses as a managed security service provider. The problem/solution use case is for multiple unrelated point solutions without centralized orchestration or a managed SIEM system in place.
Steinerroggers Ufomaduh | TrustRadius Reviewer
Score 7 out of 10
Vetted Review
Verified User
Review Source
AlienVault USM is used in our vulnerability management program and endpoint protection program. It addresses the problem of inconsistent patching cadence across organizational units. It is used to perform regular vulnerability scans on our infrastructure and to deliver status reports on progress in program and policy implementation. Some logs are sent to it from servers to help with the SIEM correlation work which is largely outsourced.
Arther Magaya | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Reseller
Review Source
It addresses compliance and vulnerability assessments, which are critical in having a holistic view of mission-critical assets. USM also gives the ability to detect network threats before they are exploited by criminals, as well as forensic evidence of what happened when and how it happened. With the help of AlienApps, there is vast integration with existing security solutions.
Score 10 out of 10
Vetted Review
Verified User
Review Source
I have used AlienVault in a controlled lab environment to assess its power in solving the security challenges of an organization. AlienVault provides a clear picture of the events and incidents throughout the network infrastructure and provides us with a way to mitigate any issue.
Score 8 out of 10
Vetted Review
Reseller
Review Source
Talos Cybersecurity is an MSSP providing Managed Detection and Response services to our clients. For this, we use AlienVault USM on-premises. It is very easy to deploy and setup and starts providing value as soon as it is plugged into the network. All the needs of asset discovery, file integrity, monitoring of critical assets, vulnerability detection, and SIEM ready to plug and play on the initial setup. A long list of plugins helps to integrate SIEM with a variety of products. Also, it is quite easy to develop new plugins and modify the existing plugins. Being an MSSP enables each analyst to handle multiple incidents in a short span of time as the product correlates major information before any need for human intervention.