As close to "Turn Key" as possible
Overall Satisfaction with AlienVault USM
Alienvault's USM SIEM tool is currently in use for several clients of the MSP/MSSP I work for as a security engineer. While I have not been involved in all stages of deployment for all clients my role requires my involvement in all aspects of the product's lifecycle. As with many deployments, we utilize AlienVault USM as a SIEM tool and for SIEM related tasks.
Pros
- Easy to Deploy
- Easy to Maintain
- Rockstar Support
Cons
- Documentation, while expansive, is highly technical and less technical users may have issues appropriately utilizing the resources.
- The AlienVault community of users is quiet but still contains good content.
- AlienVault is less traditional and more "startup" this may or may not be a negative.
AlienVault is well rounded and fits well in most scenarios for most users. Deployment time is minimal compared to Splunk and feature set is more robust. The secret sauce with AlienVault is that it's a comprehensive package that is legitimately good at what it sets out to do, there are no features I feel could be improved greatly unlike others.
Comments
Please log in to join the conversation