AlienVault Review
March 23, 2018

Anonymous | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User

Software Version

USM Appliance (On-Premises)

Overall Satisfaction with AlienVault USM

We are using AlienVault as a collection point for our security and appliance logging to take advantage of its correlation engine to identify security concerns we might not otherwise notice.

We are able to run various reports as needed or schedule them to provide insight into various metrics such as account lockouts, VPN connectivity, etc.

  • Log Correlation - continuously growing list of correlation rules to catch network and security concerns.
  • Log searching - quick sorting / searching through all of our security events.
  • HIDS - It is nice to be able to track multiple specific metrics or logs against servers using the HIDS agent.
  • Difficult to configure.
  • They include training when you purchase AlienVault - which I feel is necessary. The downside is the training is really split between implementation and use, where the value for end users is really just use. Staff probably need this training to get the most out of implementation.
Price - I think that this is the area they stand out the most, much easier to get into an AlienVault device than something like Splunk or LogRhythm.
Entry level SIEM software - can be built into very stable SIEM but you will need to put the time in for it to do so. I do feel all SIEM software requires dedicated staff time to properly configure and maintain. You do need to actively hop in and clean up false positives and whatnot or the system will be too chatty and less useful.