AlienVault a stronger solution
March 23, 2018
AlienVault a stronger solution
Score 8 out of 10
Vetted Review
Verified User
Software Version
USM Appliance (On-Premises)
Overall Satisfaction with AlienVault USM
AlienVault is used by the Southfield office of Equain LLC. We needed a SIEM for our HITRUST compliance and I purchased the entire suite. I had used OSSINC a few years back in conjunction with Splunk to create a SIEM solution for a retail chain. I followed OSSINC and when I read that AlienVault had taken the product and enhanced it along with added capabilities, I was comfortable with the purchase. I am impressed with the Nmap capabilities, very quick and non-invasive. The vulnerability scanning gives a user options such as a quick non-invasive look at a network. I also do a deep scan that takes more time but very comprehensive. One more item I like is the HIDS deployment capability, this not only protects our workstations but most of our servers. The added data to the network data gathered by the SIEM is invaluable.
- The SIEM does a good job of correlating network data from multiple sources along with the Data from deployed HIDS
- The Nmap scan is fast and non-invasive that defines devices on your network.
- The vulnerability scanning has several options and reports to enable data to be available for compliance purposes.
- Walking through all the devices after a Nmap or device discovery scan can be tedious to get the data correct
- When deploying HIDS, it would be better if the system gave more detail as to the deployment error
- Offline updating of licenses can be a little time-consuming
I felt that AlienVault performed the SIEM aspect as well as the one mentioned. My opinion has always been that the SIEM product is as good as the person using it is experienced. I selected AlienVault because of the many added features.