Cyber success with AlienVault
Updated May 18, 2017

Stephen Raju | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User

Overall Satisfaction with AlienVault USM

AlienVault Unified Security Management (USM) is being used for our whole organization. We also provide USM as a service through our MSS program. It helps us widely in the compliance requirements for our organization and also provides us with complete control over users and system technical activities, which also helps us tremendously in detecting threats within the organization.
  • As asset management, VA, SIEM, and behaviour monitoring are all built into one platform, this is a jackpot for a security/incident investigator.
  • The user interface and dashboard are easy to navigate with amazing drill-down ability, which helps in investigating issues easily.
  • The risk-based approach, correction, and OTX are crucial to this product.
  • The overall stability of the product.
  • Agentless log collection with IDS feature.
  • More improved incident analytics ability.
AlienVault stands above all the SIEM solutions for its well-integrated asset management, vulnerability assessment module, behavior analysis and its other modules providing a single console for managing the complete security of the information in an organization. The other reasons that AlienVault stands above are the ease of deployment and management.
The OSSEC agent of AlienVault does a great job in threat detection, as it identifies the threat from the end machine and triggers a signature to alarm. Along with this, the OTX plays a vital role in mapping the threats around the globe with the activities happening within the organization. These two features of AlienVault help in identifying the threat better than any other solution.
Our organization has achieved the benefit of USM totally, as the product solved our business requirement by preventing the business from cyber threats, through its simplified self-detection of threats by OSSEC and the NIDS agent. The ability to define advanced event correlation rules as per our business requirement simplifies the threat detection process.
Best suited for managing complete security for small and medium-sized businesses. Best suited for monitoring the entire informational activity of the organization with its log and network monitoring ability, which is powered by the behavioral analytics ability of the product. Less appropriate for large companies, due to the large volume of data.

Evaluating AlienVault USM and Competitors

The advanced correlation rules add more value for the purpose of the USM rather than OSSIM, whereas in OSSIM they are not very frequently updated.
The better out-of-the-box reporting and custom report feature of USM is an added advantage over OSSIM.