Overall Satisfaction with AlienVault Unified Security Management
We are using AlienVault Unified Security Management for PCI compliance purposes. We are monitoring specific systems and network traffic to meet our PCI DSS requirements. It is handling scanning for vulnerabilities on those systems as well as some other key organizational systems and platforms.
- Combining many tools in to one nicely packaged system - used OSSEC but it's a real pain to configure and implement. AlienVault Unified Security Management sets up much easier and very powerful out of the box.
- Event correlation.
- Alerting of issues.
- Tuning out noise - i.e. setup/tear down of sessions in firewall. Would be nice to have a template ready to implement.
- Documentation pertaining to the actual setup/configuration. Right now, you really need to purchase engineer time to get things set up and running in a timely and efficient manner.
- UI flow. Recent updates have made great strides but there's still room for improvement.
- Trend Micro OSSEC
AlienVault Unified Security Management is just a better integration of the tools needed for monitoring your environment. Adding to the polish of the product, the support behind the software has been great.
Using AlienVault Unified Security Management
3 - IT and information security. The users control the backend systems handling card data and the infrastructure supporting those systems.
1 - The user has gone through the 1 day launch pad training, worked with an implementation engineer, and taken the 5 day AlienVault course. All of the information learned through the hands on and course time has helped the most. Some Linux skills are very helpful as is knowledge of networking and security practices.