AlienVault USM Reviews

<a href='https://www.trustradius.com/static/about-trustradius-scoring#question3' target='_blank' rel='nofollow noopener noreferrer'>Customer Verified: Read more.</a>
672 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow noopener noreferrer'>trScore algorithm: Learn more.</a>
Score 7.6 out of 100

Do you work for this company? Learn how we help vendors

TrustRadius TRUE BadgeTrustRadius Top Rated for 2020

Overall Rating

Reviewer's Company Size

Last Updated

By Topic

Industry

Department

Experience

Job Type

Role

Reviews (1-25 of 385)

Companies can't remove reviews or game the system. Here's why.
August 01, 2020
John Cerio | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source
It is used throughout our organization. It is one part of our security portfolio. It provides insight into network and server events and alarms for potentially dangerous behavior. It provides a central place to manage and correlate logs from our servers, network equipment, firewall, antivirus, and I'm currently rolling it out to the end-user computers.
  • Security event correlation.
  • Security event alarms
  • Security event investigations
  • Potential vulnerability identification
In the case of a small office network, it might not be a good fit. In that case, I would recommend finding an MSP that uses it. Along with a good antivirus and firewall, I believe that this tool proves to be an excellent piece of any multi-tiered security system.
Read John Cerio's full review
November 11, 2020
Anonymous | TrustRadius Reviewer
Score 4 out of 10
Vetted Review
Verified User
Review Source
AlienVault was purchased to provide the security department with a security operations center overview of the infrastructure of our environment. It is currently only being used as a SIEM for the Security Department for client compliance. This is due to the the lack of resources to manage the day to day management of the tool.
  • Log collection
  • Users cannot share views across an organization.
  • Views and reports could be more interchangeable.
  • Descriptions of events are based upon each individual asset reporting and not a general grouping of events according to any framework or standards. This makes it difficult for the administrator/user as they would need to know each and every asset and their respective event descriptions.
At this point I'm saying a 4. While the marketing material make it appear to be easy to use and it was relatively easy to set up, as previously mentioned, each event description is based upon the individual asset making it nearly impossible for the administrator to be a SME for each asset. For example, if one of the assets reporting is a router, the administrator monitoring alerts would need to know what the various events are that can be triggered as an event for the particular router; however, if the asset is a workstation, the administrator would need to know the various events that are triggered for workstations.
Read this authenticated review
August 06, 2020
Anonymous | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User
Review Source
AlienVault is one of many security solutions that we utilize in our network. We use it to monitor unusual traffic and behavior to and from our domain controllers, which we combine with endpoint security and network security to have a granular view of activity throughout our network.
  • Extremely customizable and versatile product.
  • Useful dashboard and UI is easy to navigate.
  • Log plugins parse logs from a variety of sources into a readable format
  • AlienApps provide out-of-the-box integration with other solutions.
  • The product requires a considerable amount of time to set up.
  • Setting up log filters in order to prevent USM from quickly running out of space is very time-consuming.
  • The product will stop working if the logs run out of space. There is no way to set retention rules to automatically clean up old logs.
AlienVault is an impressive solution for any organization dedicated to the proactive security of their environment. However, not every organization will be able to spare the time required to properly set up and administer it.
Read this authenticated review
August 01, 2020
Anonymous | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User
Review Source
AlienVault USM is being used by my entire organization for log aggregation and analysis in support of PCI compliance activities. It allows us to quickly identify security threats for 100+ remote and on-prem users, providing a 'single pane of glass' to view identity, networking, and workstation issues across the enterprise.
  • Identifies possible spurious identify (Windows AD) changes and manipulation.
  • Identifies installation of possible malware.
  • Analyzed all activities and filters for only those with a potential negative security impact.
  • Closing an Investigation does not close the attached alarms.
  • Vulnerability Scanning interfaces/process is complicated to use.
  • Vulnerability Scanning allows far too many assets to be specified at once, resulting in timeouts and ambiguous results.
AlienVault USM works well for a cloud/remote/on-prem environment where AV is also centralized (to allow for cross-checking findings). It would be perhaps less well suited to a cloud-only environment with remote users.
Read this authenticated review
July 29, 2020
Anonymous | TrustRadius Reviewer
Score 7 out of 10
Vetted Review
Verified User
Review Source
It is our SIEM for the entire firm. It collects logs from various data sources across our network and normalizes the data to make actionable alerts. AlienVault makes it easy to consolidate all information from virtually any data source and make it searchable. It can also recognize anomalous activity and alert on it.
  • Consolidation of logs from various sources.
  • Alerting on particular activities.
  • Alerting on anomalous activities.
  • Time consuming implementation that requires professional services.
  • Pricing model based on the amount of data can be expensive.
  • Training for the product is available, but at additional expense.
For an organization that has a dedicated security team, it is a powerful tool in your security arsenal. For others, it's going to be something that requires a lot of time to implement and maintain that may not be your primary focus. While you can feel confident that all the information is there and searchable, you may not feel as confident that you are getting alerts on everything you want to be alerted about if you don't stay on top of maintaining the system.
Read this authenticated review
August 29, 2020
Anonymous | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User
Review Source
We are a reseller of Alienvault USM and provide managed SOC services. We recently deployed for a telecom operator to monitor business-critical services including Windows and Linux. It's not for all departments, mainly for agents deployed on critical servers only to monitor the activities and discover anamolies.
  • Deployment is straight forward
  • AlienVault USM forensic and response app is great. You can create rules to shut down, disable networking, etc. automatically if Windows becomes infected.
  • AlienVault allows seamless integration with third-party products like Cisco, Office365 etc.
  • A lot of false-positive alarms
Overall AlienVault USM is a great product.
Read this authenticated review
July 02, 2020
Justin Millett | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User
Review Source
It is being used for our entire org as a SIEM and vulnerability management tool. Stretched over 14 locations in the North Americas, we utilize this tool to be our first login in the morning. All of our logs from our on-premise and cloud services flow into this.
  • Vulnerability visibility and remediation
  • Log management and compilation
  • The vulnerability scanner could use some tweaking as I feel it isn't always working
  • The integrations could use some more testing
The only thing I will dock AlienVault for is the lack of support without paying an additional bit of $$.. That seems to be my biggest complaint. When you invest 30K, adding another couple thousand for support is quite silly.
Read Justin Millett's full review
May 26, 2020
Steinerroggers Ufomaduh | TrustRadius Reviewer
Score 7 out of 10
Vetted Review
Verified User
Review Source
AlienVault USM is used in our vulnerability management program and endpoint protection program. It addresses the problem of inconsistent patching cadence across organizational units. It is used to perform regular vulnerability scans on our infrastructure and to deliver status reports on progress in program and policy implementation. Some logs are sent to it from servers to help with the SIEM correlation work which is largely outsourced.
  • Endpoint detection notification with detailed logs
  • Vulnerability detection
  • Investigation tracking
  • Endpoint protection agent rollout
  • Vulnerability management historical tracking
  • Endpoint tracking across DHCP infrastructure
The AlienVault USM is suited for networks with minimal IP changes (non-DHCP infrastructure just like most SIEM tools). It struggles with detecting endpoints over VPN tunnels. It identifies the SIP protocol on these interfaces and creates some spurious assets for the entire range. This makes a lot of work for cleanup.
It is very efficient as a supporting tool if SOC work is outsourced or the monitoring requirements are not very intense.
Read Steinerroggers Ufomaduh's full review
April 27, 2020
Angel Meza | TrustRadius Reviewer
Score 7 out of 10
Vetted Review
Verified User
Review Source
We use AlienVault in our organization to monitor the environment of our clients, all the way from reviewing suspicious activity to performing server health-checks and behavior.
  • Great documentation.
  • Overall good support.
  • Nice UI.
  • UI can be wonky at times.
  • Log search from the SIEM UI is quite troublesome as every filter applied performs the search again.
  • Some features can stop working seemingly out of nowhere, requiring contacting support.
AlienVault is great for setting up a SIEM solution with little setup required, with a not-so-difficult-to-use interface. Most stuff is easy to find with their screens available through menus/sub-menus with accurate titles without being overly compact.
Read Angel Meza's full review
April 23, 2020
Arther Magaya | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Review Source
It addresses compliance and vulnerability assessments, which are critical in having a holistic view of mission-critical assets. USM also gives the ability to detect network threats before they are exploited by criminals, as well as forensic evidence of what happened when and how it happened. With the help of AlienApps, there is vast integration with existing security solutions.
  • Authenticated vulnerability assessment
  • Authenticated asset discovery
  • Incident response
  • Log correlation
  • Ability to do an external vulnerability assessment.
  • User training awareness through the console for administrators to educate users.
  • Allow more remediation options for administrators to endusers.
Managing large networks with multiple vendors on different layers of security. USM integrated well with multiple vendors through plugins and Alien apps like CISCO, Sophos, Kaspersky, and Trend Micro. It has customizable correlation rules, as well as filters that enable administrators to search for required logs and asset events.
Read Arther Magaya's full review
March 13, 2020
Naveen Sharma | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Review Source
Talos Cybersecurity is an MSSP providing Managed Detection and Response services to our clients. For this, we use AlienVault USM on-premises. It is very easy to deploy and setup and starts providing value as soon as it is plugged into the network. All the needs of asset discovery, file integrity, monitoring of critical assets, vulnerability detection, and SIEM ready to plug and play on the initial setup. A long list of plugins helps to integrate SIEM with a variety of products. Also, it is quite easy to develop new plugins and modify the existing plugins. Being an MSSP enables each analyst to handle multiple incidents in a short span of time as the product correlates major information before any need for human intervention.
  • Asset Discovery
  • Network SPAN monitoring
  • Event correlation of out-of-the-box directives and custom directives
  • PCI DSS requirements fulfillment and reporting
  • Appliance should have APIs so that data can be exported to smart dashboards and reports.
  • Limitation of 1000 EPS in All-In-One is very less even for small to medium organizations.
  • Email notification should be smarter and customization for better notifications
Being a great option for large organizations, AlienVault USM is very well suited for small companies as well. Since most cybercrimes are targeted at small companies, which lack funding for cybersecurity setup, AlienVault USM with its pricing model is well suited for all sectors of companies.
Read Naveen Sharma's full review
February 27, 2020
Xiaotong Song | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User
Review Source
AlienVault USM is one of the tools that we use across the entire organization. It is used to monitor the traffic in our cloud infrastructure and also allows us to centralize the login information in one place, which is the AlienVault Secure Cloud. If there is a triggered alarm for suspicious traffic, it will track that.
  • Ability to identify issues
  • Reduces workload
  • No auto-investigation
  • Multitasking ability
AlienVault USM is well suited for an organization in which the security team is fairly small or an organization that does not have a specialized security team. The AlienVault USM allows such a team to monitor the traffic and threats without a huge initial investment in the infrastructure and without worrying about tuning.
Read Xiaotong Song's full review
January 28, 2020
Anthony Guynes | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User
Review Source
We use USM to monitor our organization and we deploy it to our customers so we can monitor them with our NSOC.
  • It does a great job of correlating the traffic that it sees and compares it to Open Threat Exchange.
  • It's easy to read and set-up.
  • When looking at events from a destination IP, the USM doesn't show you the total number of these until you find the last page. It just says "XXXX of 4,000,000".
For the price, AlienVault has a lot of reporting dashboards and plugins that make it a very valuable SIEM. It also has very good scalability, so whether you have a large organization or a small business, there is a solution for you. The USM is also very user-friendly which lets you be able to start monitoring right away.
Read Anthony Guynes's full review
January 27, 2020
John Keenan | TrustRadius Reviewer
Score 7 out of 10
Vetted Review
Verified User
Review Source
We use AlienVault USM as the SIEM for a large healthcare organization with numerous disparate sites and a small security team. We also employ a SOCaaS to help optimize and monitor for 24x7 operations.
  • Lots of ability to generate reports.
  • Solid appliances ingest many sources.
  • Default settings are a bit esoteric and require outside expertise for optimization.
  • AI isn’t really catching as much as I thought it would.
This is well suited to small organizations that need a SIEM but can’t justify Splunk or LogRhythm.
Read John Keenan's full review
March 18, 2020
Alan Yair Villaseñor Cervantes | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Review Source
We are using AlienVault USM to monitor our whole network. We then sell to and manage the app for clients.
  • Simple UI
  • Easy to use, even if you are not used to it
  • It makes everything simpler to monitor.
  • Difficult to get the files in the forensic area
  • The investigations could be more user-friendly, or it could apply some AI to be quicker.
AlienVault USM is well suited if you want to get a SIEM to monitor your network, because it is easy to use and easy to deploy.
Read Alan Yair Villaseñor Cervantes's full review
July 13, 2020
Anonymous | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Review Source
We use Alienvault USM internally in our Security Operations Centre as part of our detection and response capabilities. We use it to monitor our on-premise networks and devices, our cloud servers as well as our cloud SaaS services. It allows us good visibility into our entire infrastructure and the events and alarms that we would otherwise miss.
We also implement and manage AlienVault USM deployments for clients as our recommended SIEM solution.
  • Ease of deployment and quick to get operating.
  • Wide range of plugins and log receivers to ingest logs from many sources.
  • Simple interface and dashboard makes daily operation quick and easy.
  • Custom notification templates can be limited - it is not easy to get custom email alert content for example.
  • Some network configuration on premise is needed to take full advantage of NIDS (port/traffic mirroring for example).
  • Vulnerability scanning and reporting can be a bit sparse if you are used to the likes of Nessus.
AlienVault is well suited to companies that use either Azure/Office 365 or GSuite due to the built-in integrations that come with the product. Less complicated networks are easier to fully monitor all traffic on, thus taking advantage of richer correlations of events.

While it works with fully on-premise deployments (Exchange, file server etc), additional configuration for log correlations and alerting will likely be needed. Also for complex networks, getting the required port mirroring to ingest all network traffic can be difficult.
Read this authenticated review
July 11, 2020
Anonymous | TrustRadius Reviewer
Score 7 out of 10
Vetted Review
Verified User
Review Source
USM is used across the whole organization and helped us complete and maintain security requirements for an SoC 2 Type 2 compliance. We used USM for Cloud and on-premise for multiple isolated environments. The tool works well but does require much fine-tuning and can be complex without proper training and or guidance.
  • Stability
  • Content filtering
  • Documentation
  • Self service onboarding
  • In-app recommendations for common configurations.
  • Improved error resolution.
USM is well suited for AWS but isn't well suited for on-premise environments to fulfill the role of a NIDS without a potentially uncommon network port mirroring if there are 6+ subnets to monitor. USM will require, as could be expected, security auditing and certain configurations before being useful. USM is best used in well-organized environments and it may not be the best tool if you're looking to get environment security information on an unorganized environment.
Read this authenticated review
July 09, 2020
Anonymous | TrustRadius Reviewer
Score 7 out of 10
Vetted Review
Verified User
Review Source
We use AlienVault to monitor our servers for malware or attacks against our network. It's a little difficult to set up initially but once you get it dialed in, it's great! It helps us monitor all of our systems and ensure that we are protected.
  • Easy to understand what is going on with the server.
  • Works on firewalls.
  • Alerts are easy to set up.
  • Support isn't always the best.
  • Hard to initially set up.
I think this works best in an enterprise environments where there are too many servers and objects that need to be monitored and a free product wouldn't work. AlienVault does a good job of allowing you to get down into all the alerts that the machines give off, and also gives suggestions of how to resolve the issues. Sometimes the suggestions aren't great or don't work, but nothing a little googling can't fix.
Read this authenticated review
July 07, 2020
Anonymous | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source
Alienvault USM Anywhere touches all endpoints and networks of our organization. Is solves some big problems like:
1) Logging aggregation and actionable insights using log correlation.
2) Threat hunting & intel.
3) Vulnerability management and validation of our separate patch automation software.
4) Security orchestration.
5) Asset discovery and inventory management.
  • Log Correlation: The engineers at Alienvault/AT&T Cybersecurity have included a great integrated rule set (which continues to grow) to save analysts time on combing through logs and instead executing threat hunts, investigations, and remedial activities.
  • Single pane-of-glass for all security activities from the convenience and efficiency of a SaaS web console, being that USM has deep integrations with over a dozen major software platforms (Office 365, GSuite, ZScaler, Box, etc.) and what they call plugins which interpret log and SIEM data from hundreds of vendors and platforms like Meraki, CrowdStrike, Aruba switches and AP's, etc.
  • Great value! You can pay the same or more for other big name SIEM vendors that offer less features than this platform. Plus, even if you begin ingesting too much log data, you can filter specifics types of logs (for example, ones that have no impact to security) to bring data ingestion in line with your subscription level. The onboarding team did a great job in right-sizing our subscription plan, so this hasn't been a problem.
  • Vulnerability scanning is currently done by authentication into the host over the network, even when the AlienVault USM agent is installed on an endpoint. It would be nice to have near-real-time vulnerability information provided via the agents. This would also delete the need for specially-configured remote-access admin service accounts on endpoints, which is just another account that has to be administered, namely password management and auditing for potential abuse and compromise.
  • Endpoint agent support for ARM architecture is just starting to get going -- wide availability across Linux and MS Windows/Server platforms won't be available until possibly circa mid-2021. Fortunately, at least general asset scan info, authenticated vulnerability scans, etc. still provide a good deal of security inspection into these devices.
  • Making some UI settings persist across logins on the web console is still lacking. Would also be nice to change a "detailed view" to icons/thumbnails/tiles. UI is very efficient in some aspects but frustrating in others.
AlienVault USM Anywhere is well suited for medium-small (~150 employees) organizations up to the largest enterprises, regardless of almost any industry or industries. It is especially well-suited for any organization that has their own internal SOC. It is not well suited for organizations that have very few Windows endpoints, e.g. developer doing graphics and general-purpose business ops mostly on Mac and programming and mostly in Linux.

A MSP and especially MSSP would do well with this while organizations that pay for MSSP services might not need AlienVault USM.
Read this authenticated review
July 03, 2020
Anonymous | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Review Source
We use AlienVault USM to monitor our network flow and alert us if any of our alarms are triggered. We integrate our Cisco Umbrella and Meraki solutions so that it saves time, having a single dashboard without having to check each instance. We also like the ability to create custom alarms and us the threat exchange to be notified of any day zero vulnerabilities on the software we run in the office.
  • Easy intergration using APIs
  • Bespoke alarm configuration
  • OTX database
  • Needs to be fine tuned to get any valuable insight
  • Requires alot of resourses when running in VMs
  • Cost makes it hard to sell to smaller buisnesses
It has an intuitive and good user interface making it easy to train engineers. It provides the ultimate visibility and insight into any IT infrastructure.

The system may slow down considerably when a large number of events/logs are fed in the dashboard, so ensure there is enough storage each month.
Read this authenticated review
July 01, 2020
Anonymous | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Review Source
In my current position, I offer AlienVault USM Anywhere to businesses as a managed security service provider. The problem/solution use case is for multiple unrelated point solutions without centralized orchestration or a managed SIEM system in place.
  • The system is intuitive and easy to navigate.
  • Integration with key services like AWS and other cloud applications is crucial.
  • Links to MITRE, root cause, and remediation recommendations is also a very nice feature.
  • Difficult to configure for initial set up.
  • Key features like alarms for brute force attacks or malware should be automatic instead of needing to be created and configured.
  • Remediation should be taken one step further past recommendations to actual solutions able to be purchased or assisted by AlienVault.
Seems to be well suited for larger networks with multiple assets and no orchestration in place. The small business is not what I see as an ideal candidate due to the complexity involved to deploy and configure without dedicated IT staff.
Read this authenticated review
April 03, 2020
Anonymous | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source
I have used AlienVault in a controlled lab environment to assess its power in solving the security challenges of an organization. AlienVault provides a clear picture of the events and incidents throughout the network infrastructure and provides us with a way to mitigate any issue.
  • Great log aggregation and management tool.
  • Great intrusion detection and investigation tool.
  • Very easy to set up and get it going in a very few steps.
  • AlienVault can look into providing log collection methods other than using a sensor.
  • AlienVault USM capabilities should be replicated to AlienVault OSSIM except that with OSSIM there wouldn't be any support.
AlienVault USM is well suited for a situation where an engineer needs to set it up quickly and easily.
Read this authenticated review
March 12, 2020
Anonymous | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User
Review Source
AlienVault USM is used by the Cyber Security Team of the company as a SIEM. Basically we use it for our investigation by utilizing the events and alarms section. AlienVault is actually easy to use and understand. It helps in making the investigation process a lot more efficient. It also provides Threat Intelligence that helps identify which of the alarms we should prioritize.
  • AlienVault offers Rule Creation which helps in testing out new implementations such as alarm suppression, event suppression, etc.
  • AlienVault is easy to navigate. At first, I was kinda confused watching my teammates use it but the more I spend my time with AlienVault the more I appreciate its features.
  • For me, I really appreciate the filters. I can filter out events specifically, which reduces time spent on looking for a particular event.
  • I think adding multiple events in the investigation would really help.
  • When opening an alarm, I hope we could just open the events on another tab directly.
Some alarms from the AlienVault NIDS still lack the information we need to fully identify whether or not the alarm is a legitimate attack or not. I'm not sure but it would help if we are able to see events prior and after the alarm to at least have an idea of what's going on. Also, the associated events really helps, but it doesn't consider all the events related to that particular alarm. Although I understand that it's impossible to do that but it would be best if we can be redirected to the events page where all the associated events are included as well as the events prior and after those for a specific amount of time. Since once we deal with a very large number of events, it's kind of hard to investigate since all we can see are the event names. (Customizing the columns is sometimes forgotten.)
Read this authenticated review
March 09, 2020
Anonymous | TrustRadius Reviewer
Score 6 out of 10
Vetted Review
Verified User
Review Source
We use it primarily to monitor our edge gear.
  • Data is ingested quickly.
  • Its easy to get data in.
  • Filter rules are very customizable.
  • Implementation was dicey.
  • I wish it had a real time data feed.
  • Its been a struggle to keep under our data cap.
I think it works well - but it's not something an average IT guy would want to tackle. I think its probably better suited for large enterprises or MSSP's that have full-time staff to babysit it.
Read this authenticated review
March 01, 2020
Anonymous | TrustRadius Reviewer
Score 7 out of 10
Vetted Review
Verified User
Review Source
Alien Vault is our ATT MSSP SIEM for the entire organization.
  • Event filtering is intuitive.
  • Investigations are well-integrated and provide useful event and alert aggregation for review and analysis.
  • Dashboards have plenty of colors and graphs to please management.
  • The ability to save (event) views saves a lot of time.
  • The session timeout is veiled and I've lost work typing notes into the window of an expired session unknowingly.
  • It does not process eStreamer.
  • It cannot parse the "blocked" field in source fire logs so you can't see if IDS events are blocked or not.
  • Sometimes performance lags.
In a mid-sized business, paired with managed services, USM would really shine. Many of the ancillary offerings (agent, vuln scanning, forensics, and response) are already provided by tools that a larger organization would already employ. Also, be cognizant of your event consumption. If you exceed your monthly limit, "USM Anywhere will no longer store events in the searchable data store, but it will continue to generate alarms, run authenticated asset scans and store raw logs associated with events in cold storage."
Read this authenticated review

Feature Scorecard Summary

Centralized event and log data collection (1)
8
Correlation (1)
8
Event and log normalization (1)
8
Deployment flexibility (1)
7
Custom dashboards and views (1)
6
Host and network-based intrusion detection (1)
7

What is AlienVault USM?

AlienVault® Unified Security Management® (USM) delivers threat detection, incident response, and compliance management in one unified platform. It is designed to combine all the essential security capabilities needed for effective security monitoring across cloud and on-premises environments, including SIEM, intrusion detection, vulnerability management, as well as continuous threat intelligence updates. The vendor states that even for resource-limited IT security teams, AlienVault USM can be affordable, fast to deploy, and easy to use. It eliminates the need to deploy, integrate, and maintain multiple point solutions in the data center.

Smart, automated data collection & analysis: USM Anywhere automatically collects and analyzes data across the attack surface, helping to quickly gain centralized security visibility without the complexity of multiple disparate security technologies.

Automated threat detection powered by AT&T Alien Labs: With threat intelligence provided by AT&T Alien Labs, USM Anywhere is updated automatically to stay on top of evolving and emerging threats, so the security team can focus on responding to alerts.

Incident response orchestration with AlienApps: USM Anywhere supports a growing ecosystem of AlienApps, enabling the user to orchestrate and automate actions towards other security technologies, able to respond to incidents quickly and easily.

AlienVault USM Features

Security Information and Event Management (SIEM) Features

Has featureCentralized event and log data collection
Has featureCorrelation
Has featureEvent and log normalization
Has featureDeployment flexibility
Has featureIntegration with Identity and Access Management Tools
Has featureCustom dashboards and views
Has featureHost and network-based intrusion detection
Additional Features
Has featureAlienVault Open Threat Exchange

AlienVault USM Screenshots

AlienVault USM Videos (2)

Watch AlienVault USM Anywhere: Five Essential Cloud Security Capabilities in a Single SaaS Platform

Watch See How We're Pushing the Outer Limits of Security

AlienVault USM Downloadables

AlienVault USM Competitors

AlienVault USM Pricing

  • Has featureFree Trial Available?Yes
  • Has featureFree or Freemium Version Available?Yes
  • Has featurePremium Consulting/Integration Services Available?Yes
  • Entry-level set up fee?Optional
EditionPricing DetailsTerms
Essentials$1,075per month
Standard$1,695per month
Premium$2,595per month

AlienVault USM Support Options

 Free VersionPaid Version
Phone
Email
Forum/Community
FAQ/Knowledgebase
Social Media
Video Tutorials / Webinar
Live Chat

AlienVault USM Technical Details

Deployment Types:SaaS
Operating Systems: Unspecified
Mobile Application:No
Supported Countries:Global