Increase cyber threat visibility with AlienVault USM
December 01, 2016

Damian Ezequiel Zinni | TrustRadius Reviewer
Score 8 out of 10

Overall Satisfaction with AlienVault Unified Security Management

Our company implements and manages AlienVault USM for external customers. Most of them use the product to help them with standards compliance, particularly log retention and internal vulnerability scanning.
  • Easy to deploy - USM can be deployed in a few hours. After that, you should configure endpoints to send events to it, and work on a baseline (e.g. filter false positives).
  • Behavioral analysis - USM has more than ~2.5k directives, and they are regularly updated. The product provides an easy-to-use and intuitive interface for monitoring and managing alarms.
  • Network Intrusion Detection - USM has a large signature database and also uses data from other sources to assess events' risk (e.g. the Open Threat Exchange). This helps increase visibility over network threats.
  • A handful of tools for cyber security - USM combines different tools in a single product to help you have more control over your environment and analyze possible risks.
  • Reports - Although USM has thousands of reports by default, most of them are very detailed and, therefore, lengthy. We would like to have executive reports for standards compliance, for example.
USM has been effective for us for detecting real security threats. This assumes that endpoints were properly configured to forward events to USM.
We have achieved this and also integrated USM into our internal ticketing and alerting system.
Customers who would like to better oversee their systems while having a set of tools that can help them analyze events and alarms in detail. The product is not a big data solution. While it can log a considerable [amount] of events and can be scaled out to increase this, it's not intended to correlate a massive number of events, but rather be "smarter" in what to correlate.