TrustRadius
A complete security framework that works on multiple layers.
https://www.trustradius.com/security-information-event-management-siemAlienVault USMUnspecified8505101
Erlon Sousa Pinheiro profile photo
September 11, 2018

A complete security framework that works on multiple layers.

Score 9 out of 101
Vetted Review
Verified User
Review Source

Software Version
USM Anywhere (SaaS)

Overall Satisfaction with AlienVault USM

Originally AlienVault was a product we sought to meet requirements for GDPR, but soon in our initial review, we realized that it would deliver much more than we needed. We currently have a solution that provides us with information for decision-making and proactive action in the security context of our environment. The solution proved to be so well thought out, with an excellent technical background that personally, I invested heavily in an apprenticeship and became an AlienVault USM certified engineer.
  • AlienVault enables integration with external technologies, thereby broadening its scope and possibilities.
  • AlienVault has a dashboard customization and reporting scheme that makes it flexible to query your data, allowing you to model the tool according to your needs.
  • AlienVault will make you forget the need to consult some information on AWS Cloudtrail. It extracts the data from there and delivers in a much more efficient way.
  • With a single tool you can monitor your cloud and on-premises environment.
  • Their commercial policy on stored data makes you need to filter out some information before it is stored.
  • Their new agent does not allow you to create local filters, which can easily lead to the overrun of monthly contracted storage limits.
  • It does not allow you to create log analysis plugins. If it were allowed, it would be possible, for example, to create a plugin for analyzing the logs of an application created by your company.
AlienVault was the analyzed solution that delivered more value for less. It has several features and functionalities that do not exist in other analytic solutions. As previously mentioned, we needed an IDS and hired a complete multi-tiered security solution from SIEM to a vulnerability scanner of our cloud resources.
Especially since AlienVault has its own security research lab, recent threats are quickly added to the database. It is even common to see in the security-related community the presence of AlienVault researchers reporting security breaches detected by them.
I have used several security tools before in other companies where I worked. Most of them are based on free solutions. By choosing AlienVault in the company where I currently work, I no longer need to worry about the tool itself, installation, maintenance, upgrade, etc. I basically focus my efforts on analyzing the results that are delivered in a much simpler and less costly way.
Since AlienVault is a versatile tool, having versions for various cloud providers as well as virtualization frameworks, it adheres to the most diverse scenarios. Another strong point to be highlighted is how the company is constantly improving the product. AlienVault is famous for the effort the company puts behind the tool, and it is being improved constantly by adding new resources.

Evaluating AlienVault USM and Competitors

  • Price
  • Product Features
  • Product Usability
The main factor was meeting requirements for GDPR, but the tool provided much more than we needed.
I do not see at first something that I would change in the process. I can say that the process was executed in a detailed way and that the result was totally within our expectations.

AlienVault USM Support

Basically by perception. I am well attended to, the staff is technically efficient. I found a bug once and in a few weeks it was fixed.
ProsCons
Good followup
Knowledgeable team
Problems get solved
Kept well informed
No escalation required
Support understands my problem
Support cares about my success
None
Yes - It took a little longer than I would like, but nothing that would compromise the quality of the service.
There was a situation where my sensor was outdated and auto update did not work. When you open a call, a member of your support team contacted you by scheduling a time to manually perform the update. At that time the service was done quickly with almost no problem and from there the automatic update came back working correctly.