AlienVault ~6 Month Review
April 17, 2018
AlienVault ~6 Month Review
Score 10 out of 10
Vetted Review
Verified User
Software Version
USM Appliance (On-Premises)
Overall Satisfaction with AlienVault USM
AlienVault is currently being used in my organization to provide visibility on the activities we cannot see from the edge firewalls such as user to server or server to server traffic. Combined with the HIDs we are able to identify security vulnerabilities down to the source machine and or user, and either at the top (egress) or bottom (client/endpoint) most point in our network infrastructure. This overall helps with the tightening of the policies on the network security assets as we now have data showing endpoint and activity correlations.
- Up to this point, I have had no issues integrating with a system we currently have in production. while AlienVault stays on top with plugin updates.
- Te dashboard is very informative when you figure out how to navigate around it and tweaked to your organization needs.
- Correlation of events is probably my favorite as I normally only need to jump on the AlienVault dashboard to hammer down on network traffic/activity details.
- At times I do find navigating the dashboard for very specific functions to be difficult.
- For entry level security analysts or administrators I feel can get overwhelmed with the amount of data available from a single platform (in a good way)
- helpful to understand Linux for certain tasks
None at the time as the product was purchased before I joined the organization.