1. Home
  2. Security Information and Event Management (SIEM) Software
  3. AlienVault USM Reviews
  4. User Review of AlienVault USM
Pretty good!
Updated July 28, 2017

Pretty good!

Jacob Lovell | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User

Overall Satisfaction with AlienVault USM

We have a large campus with multiple IT support departments spread across it. Using AlienVault Unified Security Management, we are able to collect, interpret, and act upon log information from hundreds of devices all over campus. The ability to get intel on traffic crossing the network allows us to see threats before they cause damage, and the automated actions we can code using correlations (that we can also define ourselves) allows us to address those threats in a timely manner. AlienVault Unified Security Management is highly customizable and we have yet to come across a device or service that we can't interface with it.
  • Correlations out of disparate data sources.
  • Customizability.
  • Wide range of utilities baked in.
  • Not scalable to very large networks.
  • Requires lots of tuning to squelch false positives.
  • Is not easily backed up.
AlienVault Unified Security is too expensive for small operations and not scalable enough for very large operations. I would recommend this for companies that have maybe five thousand hosts at most, and no less than a few hundred. This software works better in environments where security is the top priority, rather than the ability of users to BYOD and browse the internet freely.

AlienVault USM Implementation

The fact that so many things come configured out of the box - Snort based NID, host based detection with deployable clients, self-motivated, automatic network discovery, vulnerability scanning - is the strongest point for AlienVault.