Overall Satisfaction with AlienVault USM
I love that it integrates with everything and at different levels. I wish ISO27k was implemented as PCI-DSS for the "Compliance-scoped assets", but so far I love the product. It's the best of both worlds - having opensource stuff as well as support.
- AWS integration.
- Google integration.
- Asset grouping.
- Incident-automation with ServiceNow.
- Knowing software versions and asset information, we should be able to know the vulnerabilities as they come out without having to rescan the inventory. A rescan could be done to validate the info is still true (about versions and stuff), but instead of va-scan being the vulnerability "informer", you could check when a new vulnerability comes out - if we had this software/service configured somewhere.
- Malware protection? I'm honestly not sure as there's not a lot that AlienVault doesn't do :)
I have not needed to try any other products.