Overall Satisfaction with AlienVault USM
AlienVault Unified Security Management is used across our entire group. We use this for both network IDS and server based IDS. AlienVault Unified SecurityManagement is a great single pane of glass to allow me to correlate our SIEM events with known vulnerabilities within our network. I use this to manage and track our security events using the ticketing system. Also it allows me to give specific access to various areas within the business like our asset owners; support teams and to automate alarms and reports related to the individuals.
This is invaluable to aid in our ISO27001 compliance program.
- Customisable dashboard to see everything at a glance.
- Correlation of events against known vulnerabilities within the Infrastructure.
- Open Threat Exchange to correlate events against knownn bad IPs and attack vectors.
- More ability to read windows event logs for system and application logs and filter out what is not required.
- OCS inventory built into the OSSEC agent.
- Comprehensive online up to date manuals to help in configuration of systems and known issues. Whilst the community is great there can be a lot of confusion about what is best.