Skip to main content
TrustRadius
AlienVault USM

AlienVault USM

Overview

What is AlienVault USM?

AlienVault® Unified Security Management® (USM) delivers threat detection, incident response, and compliance management in one unified platform. It is designed to combine all the essential security capabilities needed for effective security monitoring across cloud and on-premises environments, including SIEM, intrusion detection, vulnerability management, as…

Read more
Recent Reviews

MSSP Review

8 out of 10
October 04, 2021
AlienVault offers a different experience as opposed to other SIEM tools where it can be set up and configured properly in a shorter amount …
Continue reading
Read all reviews

Awards

Products that are considered exceptional by their customers based on a variety of criteria win TrustRadius awards. Learn more about the types of TrustRadius awards to make the best purchase decision. More about TrustRadius Awards

Popular Features

View all 7 features
  • Centralized event and log data collection (8)
    8.9
    89%
  • Correlation (8)
    8.7
    87%
  • Event and log normalization/management (10)
    8.2
    82%
  • Custom dashboards and workspaces (10)
    7.2
    72%

Reviewer Pros & Cons

View all pros & cons

Video Reviews

Leaving a video review helps other professionals like you evaluate products. Be the first one in your network to record a review of AlienVault USM, and make your voice heard!

Record a review
Return to navigation

Pricing

View all pricing

Essentials

$1,075

Cloud
per month

Standard

$1,695

Cloud
per month

Premium

$2,595

Cloud
per month

Entry-level set up fee?

  • Setup fee optional
For the latest information on pricing, visithttps://www.alienvault.com/products/pri…

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting / Integration Services
Return to navigation

Features

Security Information and Event Management (SIEM)

Security Information and Event Management is a category of security software that allows security analysts to look at a more comprehensive view of security logs and events than would be possible by looking at the log files of individual, point security tools

8.3
Avg 7.8
Return to navigation

Product Details

What is AlienVault USM?

AlienVault® Unified Security Management® (USM) delivers threat detection, incident response, and compliance management in one unified platform. It is designed to combine all the essential security capabilities needed for effective security monitoring across cloud and on-premises environments, including SIEM, intrusion detection, vulnerability management, as well as continuous threat intelligence updates. The vendor states that even for resource-limited IT security teams, AlienVault USM can be affordable, fast to deploy, and easy to use. It eliminates the need to deploy, integrate, and maintain multiple point solutions in the data center.

Smart, automated data collection & analysis: USM Anywhere automatically collects and analyzes data across the attack surface, helping to quickly gain centralized security visibility without the complexity of multiple disparate security technologies.

Automated threat detection powered by AT&T Alien Labs: With threat intelligence provided by AT&T Alien Labs, USM Anywhere is updated automatically to stay on top of evolving and emerging threats, so the security team can focus on responding to alerts.

Incident response orchestration with AlienApps: USM Anywhere supports a growing ecosystem of AlienApps, enabling the user to orchestrate and automate actions towards other security technologies, able to respond to incidents quickly and easily.

AlienVault USM Features

Security Information and Event Management (SIEM) Features

  • Supported: Centralized event and log data collection
  • Supported: Correlation
  • Supported: Event and log normalization/management
  • Supported: Deployment flexibility
  • Supported: Integration with Identity and Access Management Tools
  • Supported: Custom dashboards and workspaces
  • Supported: Host and network-based intrusion detection

Additional Features

  • Supported: AlienVault Open Threat Exchange

AlienVault USM Screenshots

Screenshot of USM Anywhere NIDS Dashboard

AlienVault USM Videos

AlienVault USM Competitors

AlienVault USM Technical Details

Deployment TypesSoftware as a Service (SaaS), Cloud, or Web-Based
Operating SystemsUnspecified
Mobile ApplicationNo
Supported CountriesGlobal

AlienVault USM Downloadables

Frequently Asked Questions

Splunk Cloud and Fortinet on IBM Cloud are common alternatives for AlienVault USM.

Reviewers rate Deployment flexibility highest, with a score of 9.2.

The most common users of AlienVault USM are from Mid-sized Companies (51-1,000 employees).
Return to navigation

Comparisons

View all alternatives
Return to navigation

Reviews and Ratings

(736)

Attribute Ratings

Reviews

(1-25 of 390)
Companies can't remove reviews or game the system. Here's why
October 04, 2021

MSSP Review

Verified User
Employee in Engineering
Security & Investigations Company, 11-50 employees
Score 8 out of 10
Vetted Review
Verified User
Pros and Cons
  • Threat intelligence look-ups
  • Asset management
  • Vulnerability scanning
  • Better UI/workflow for alarms
  • Better alarm management (add notes/set status)
May 20, 2021

Great product but out of the box it needs a lot of work.

Verified User
Technician in Information Technology
Information Technology & Services Company, 1-10 employees
Score 7 out of 10
Vetted Review
Verified User
Incentivized
Pros and Cons
  • UX/UI responsive and easy to navigate.
  • Covers wide variety of systems and devices.
  • Ease of getting sensors up and running.
  • More simplified dashboards would help not overwhelm new users.
  • Use more industry-standard terms for items.
  • Tech support that actually reads your questions prior to replying with canned responses.
  • Update their KBs to reflect real-world scenarios. We've ran across several places where NxLog's settings in the KB were incorrect and support had no idea, kept telling us that we were wrong despite demonstrating to them the correct settings.
April 30, 2021

AlienVault is about as user-friendly as it gets for threat detection

Thomas Young | TrustRadius Reviewer
Thomas Young
Owner, previous CEO
Econometric Studios (Financial Services, 11-50 employees)
Score 9 out of 10
Vetted Review
Verified User
Incentivized
Pros and Cons
  • AlienVault makes following real-time threats very simple with its graphics interface.
  • AlienVault is also easy to work with, and customer support is great.
  • AlienVault works mainly automatically, which makes using it easy. If it required too much effort, the software tool would be replaced.
  • The logs of AlientVault are harder to read through than other logs.
  • Support is good, but not great.
  • Resources for using the product could be made easier to search and understand.
November 11, 2020

AlienVault - Not Worth the Price

Verified User
Manager in Other
Legal Services Company, 501-1000 employees
Score 4 out of 10
Vetted Review
Verified User
Incentivized
Pros and Cons
  • Log collection
  • Users cannot share views across an organization.
  • Views and reports could be more interchangeable.
  • Descriptions of events are based upon each individual asset reporting and not a general grouping of events according to any framework or standards. This makes it difficult for the administrator/user as they would need to know each and every asset and their respective event descriptions.
August 29, 2020

AlienVault USM Anywhere, a SIEM that is easy on your pocket.

Verified User
Professional in Information Technology
Telecommunications Company, 201-500 employees
Score 8 out of 10
Vetted Review
Verified User
Incentivized
Pros and Cons
  • Deployment is straight forward
  • AlienVault USM forensic and response app is great. You can create rules to shut down, disable networking, etc. automatically if Windows becomes infected.
  • AlienVault allows seamless integration with third-party products like Cisco, Office365 etc.
  • A lot of false-positive alarms
August 07, 2020

Unbeatable Security Machine

Verified User
Technician in Information Technology
Government Administration Company, 501-1000 employees
Score 8 out of 10
Vetted Review
Verified User
Incentivized
Pros and Cons
  • Extremely customizable and versatile product.
  • Useful dashboard and UI is easy to navigate.
  • Log plugins parse logs from a variety of sources into a readable format
  • AlienApps provide out-of-the-box integration with other solutions.
  • The product requires a considerable amount of time to set up.
  • Setting up log filters in order to prevent USM from quickly running out of space is very time-consuming.
  • The product will stop working if the logs run out of space. There is no way to set retention rules to automatically clean up old logs.
August 02, 2020

AlienVault USM Provides Heightened Security Awareness in the Legal Services Industry

Verified User
Director in Information Technology
Legal Services Company, 51-200 employees
Score 8 out of 10
Vetted Review
Verified User
Incentivized
Pros and Cons
  • Identifies possible spurious identify (Windows AD) changes and manipulation.
  • Identifies installation of possible malware.
  • Analyzed all activities and filters for only those with a potential negative security impact.
  • Closing an Investigation does not close the attached alarms.
  • Vulnerability Scanning interfaces/process is complicated to use.
  • Vulnerability Scanning allows far too many assets to be specified at once, resulting in timeouts and ambiguous results.
July 29, 2020

Great SIEM for enterprise environments

Verified User
Manager in Information Technology
Financial Services Company, 51-200 employees
Score 7 out of 10
Vetted Review
Verified User
Incentivized
Pros and Cons
  • Consolidation of logs from various sources.
  • Alerting on particular activities.
  • Alerting on anomalous activities.
  • Time consuming implementation that requires professional services.
  • Pricing model based on the amount of data can be expensive.
  • Training for the product is available, but at additional expense.
July 13, 2020

AlienVault USM is a really beneficial SIEM solution.

Verified User
C-Level Executive in Information Technology
Computer & Network Security Company, 51-200 employees
Score 9 out of 10
Vetted Review
ResellerIncentivized
Pros and Cons
  • Ease of deployment and quick to get operating.
  • Wide range of plugins and log receivers to ingest logs from many sources.
  • Simple interface and dashboard makes daily operation quick and easy.
  • Custom notification templates can be limited - it is not easy to get custom email alert content for example.
  • Some network configuration on premise is needed to take full advantage of NIDS (port/traffic mirroring for example).
  • Vulnerability scanning and reporting can be a bit sparse if you are used to the likes of Nessus.
July 07, 2020

True to its name: Unified Security Management (and great at it!)

Verified User
Administrator in Corporate
Farming Company, 51-200 employees
Score 9 out of 10
Vetted Review
Verified User
Incentivized
Pros and Cons
  • Log Correlation: The engineers at Alienvault/AT&T Cybersecurity have included a great integrated rule set (which continues to grow) to save analysts time on combing through logs and instead executing threat hunts, investigations, and remedial activities.
  • Single pane-of-glass for all security activities from the convenience and efficiency of a SaaS web console, being that USM has deep integrations with over a dozen major software platforms (Office 365, GSuite, ZScaler, Box, etc.) and what they call plugins which interpret log and SIEM data from hundreds of vendors and platforms like Meraki, CrowdStrike, Aruba switches and AP's, etc.
  • Great value! You can pay the same or more for other big name SIEM vendors that offer less features than this platform. Plus, even if you begin ingesting too much log data, you can filter specifics types of logs (for example, ones that have no impact to security) to bring data ingestion in line with your subscription level. The onboarding team did a great job in right-sizing our subscription plan, so this hasn't been a problem.
  • Vulnerability scanning is currently done by authentication into the host over the network, even when the AlienVault USM agent is installed on an endpoint. It would be nice to have near-real-time vulnerability information provided via the agents. This would also delete the need for specially-configured remote-access admin service accounts on endpoints, which is just another account that has to be administered, namely password management and auditing for potential abuse and compromise.
  • Endpoint agent support for ARM architecture is just starting to get going -- wide availability across Linux and MS Windows/Server platforms won't be available until possibly circa mid-2021. Fortunately, at least general asset scan info, authenticated vulnerability scans, etc. still provide a good deal of security inspection into these devices.
  • Making some UI settings persist across logins on the web console is still lacking. Would also be nice to change a "detailed view" to icons/thumbnails/tiles. UI is very efficient in some aspects but frustrating in others.
July 02, 2020

Limited Use Feedback

Verified User
Professional in Sales
Telecommunications Company, 10,001+ employees
Score 10 out of 10
Vetted Review
ResellerIncentivized
Pros and Cons
  • The system is intuitive and easy to navigate.
  • Integration with key services like AWS and other cloud applications is crucial.
  • Links to MITRE, root cause, and remediation recommendations is also a very nice feature.
  • Difficult to configure for initial set up.
  • Key features like alarms for brute force attacks or malware should be automatic instead of needing to be created and configured.
  • Remediation should be taken one step further past recommendations to actual solutions able to be purchased or assisted by AlienVault.
April 27, 2020

Great introduction to SIEMs

Angel Meza | TrustRadius Reviewer
Angel Meza
Analista de Seguridad Nivel 1
Brier & Thorn México S.A.P.I de C.V (Computer & Network Security, 11-50 employees)
Score 7 out of 10
Vetted Review
Verified User
Incentivized
Pros and Cons
  • Great documentation.
  • Overall good support.
  • Nice UI.
  • UI can be wonky at times.
  • Log search from the SIEM UI is quite troublesome as every filter applied performs the search again.
  • Some features can stop working seemingly out of nowhere, requiring contacting support.
April 24, 2020

AlienVault USM anywhere

Arther Magaya | TrustRadius Reviewer
Arther Magaya
Security Analyst
DataTegra (Pty) Ltd (Information Technology & Services, 11-50 employees)
Score 10 out of 10
Vetted Review
ResellerIncentivized
Pros and Cons
  • Authenticated vulnerability assessment
  • Authenticated asset discovery
  • Incident response
  • Log correlation
  • Ability to do an external vulnerability assessment.
  • User training awareness through the console for administrators to educate users.
  • Allow more remediation options for administrators to endusers.
Return to navigation