Security Management with homework
Overall Satisfaction with AlienVault Unified Security Management
AlienVault Unified Security Management (USM) is being used by our entire organization to monitor security events and to correlate alarms within our business infrastructure. It addresses the need for one place to aggregate all device logs and parse important information in order to make security decisions based on event and alarm risk ratings.
Pros
- AlienVault USM has a large Open Threat Exchange network that reports and utilizes vulnerabilities from around the globe to allow users to better secure against attacks.
- AlienVault USM accurately monitors network devices for vulnerabilities.
- AlienVault USM provides flexibility in device monitoring with the ability to create/modify plugins to parse information from a variety of log sources.
Cons
- The technical support is not very detailed with their responses. It almost feels as if the issues are brushed off rather than addressed in a detail-oriented manner (i.e., "Everything looks good." as opposed to "Here is what I did...").
- The Asset Manager does not update IP to device name correlation accurately. If you have a DHCP network with short leases, tracking issues by device name can be problematic.
- It does not integrate with Office365.
USM was more of a one stop shop than the other products that were reviewed.
Using AlienVault Unified Security Management
2 - Sr. Security Engineer and Director of IT. The Engineer programs, monitors, and provides reports to the IT Director, who reviews them. The Engineer and Director discuss issues and decide on mitigation techniques.