Aliens - our friends!
February 12, 2019

Anonymous | TrustRadius Reviewer
Score 10 out of 10
Vetted Review

Software Version

USM Appliance (On-Premises)

Overall Satisfaction with AlienVault USM

Our organization is a reseller of AlienVault products. So we use AlienVault for testing and studying.
  • Vulnerability Scanning is a great feature of AlienVault USM. It is a very powerful tool for securing your infrastructure, and it is comparable with other very big solutions in this market.
  • Great view, great AlienVault Labs, a huge number of plugins and correlation rules, and it grows every day.
  • NIDS - great module with up-to-date rules for almost all types of malware.
  • Source IP = 0.0.0.0: the biggest hole in AlienVault. If a Syslog message contains a hostname instead of an IP address, we don't see the src IP in events, just 0.0.0.0. This is really bad; it requires reconfiguring the regex in all plugins.
  • No information about AlienApps is provided anywhere in AlienVault USM Essentials. We know that in the standard license we have everything, but there is no info about it in Essentials.
  • More features for availability, monitoring. More dashboards that we can use in this module. We have Nagios on board, so let's use it with a graphical interface!
AlienVault - great for security, but Splunk is more useful in infrastructure monitoring.
SIEM. Vulnerability scanning, building a SOC - great scenarios for AlienVault.
Infrastructure monitoring, UEBA, correlation with time periods - [not well suited for AlienVault.]