AlienVault USM - A worthwhile SIEM platform that delivers value in the first days of usage
April 13, 2019
AlienVault USM - A worthwhile SIEM platform that delivers value in the first days of usage
Score 8 out of 10
Vetted Review
Verified User
Software Version
USM Anywhere (SaaS)
Overall Satisfaction with AlienVault USM
AlienVault USM is being used in a phased approach to build an internal SoC function. We initially used it to collect server and device logs centrally for retention. This was then expanded to allow for security alerting and threat intelligence. Through the use of the platform we are able to prove our security processes and working practices are effective in mitigating company risk. Additionally, this solution is making up part of our ongoing accreditation for Cyber Essential Plus by enabling us to evidence good practice with regards to security and compliance.
- Threat intelligence
- Centralisation of logs and events
- Event management
- Integration into SaaS first ITSM platforms for better workflow
- GDPR compliance dashboard (to show potential breaches and resolution specific to sensitive data that has been classified and tagged)
- Native integration with SMS services for event alerting (such as a detected cyber attack)
They are similar in concept and operation. AlienVault USM platform feels a little more search friendly than the competition. Threat dashboard within AlienVault USM is much more consumable in the initial days of release and has a much more user friendly feel to it versus others. The same level of service comes from each SIEM platform. AlienVault USM does offer additional features such as vulnerability detection which is a huge plus.