Alien Vault has been a great choice
November 04, 2016

Anonymous | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User

Overall Satisfaction with AlienVault Unified Security Management

We use Alien Vault USM to perform security log reviews. We have used general log collection software in the past but really needed to move beyond log collection to log inspection with intelligent alerting out of the box. We're a very small shop so we needed a SIEM tool that was easy to install, configure, and use. We also needed relevant alerts out of the box. We are at the point where we do receive alerts with actionable information.
  • Built in correlation and directive rules. This fits the out of the box need.
  • Ease of use. Of the four SIEM tools we investigated, Alien Vault was the only one to show in a demo how easy it was to use. Others made promises but Alien Vault showed proof. That has continued in our experience as well.
  • Solid 3rd party monitoring and professional services. The company that performed the install was excellent. They helped us work through some configuration issues in our environment. We also decided to utilize a 3rd party for 24/7 monitoring and they have been excellent and responsive as well.
  • Frequent improvements. Alien Vault appears dedicated to improving its product. In the relatively short time we've had it in place we have received several updates to features and functionality.
  • The ad hoc search feature doesn't always return relevant results. Some of this may be a learning curve but some default queries would be helpful.
  • Nothing else to really add. We've been very impressed with it so far.

In each case, the other vendors were very slow to respond to demo requests and price quotes. We waited for over three months for a price quote for QRadar before we gave up and moved on. On top of that, only Alien Vault was able to accurately gauge our licensing needs. This is critically important given the costs involved and the fact that the licensing models can vary from vendor to vendor.

The QRadar demo made many promises, especially that it was easy to use, but they weren't able to demonstrate it. QRadar was our second choice.

Splunk was our third choice. We loved the tool and the security plug-in but it came across as extremely complex and we had little desire to install something that we'd never be able to keep running.

LogRhythm didn't get too far into the process as their sales guy insisted on having a reseller involved that we did not want to deal with.

Alien Vault was the most responsive of all of the companies. We had a demo done and price quote in hand months before any of the others. Yes, months. They acted like they wanted our business and they continue to act that way now. Outstanding experience overall.

Any small to medium sized business would be a perfect fit if they're in the market for a SIEM tool. Its ease of setup and use make it particularly well suited to those environments. I'm not sure about larger businesses and enterprises simply because we haven't had to scale it that large. But, it's at least worth a look. SIEM tools can be extremely complex to install and manage. With tighter budgets we couldn't afford 2-3 people to manage a SIEM tool for us, much less around-the-clock monitoring. Alien Vault gives a full-featured SIEM that we're able to use ourselves when we have time but allows us to afford 3rd party monitoring for the 24/7 security of knowing that critical activities will be seen and responded to.