Accurate, easy to set up, no maintenance required, but UI needs to improve.
April 29, 2019

XianJiang Cai | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User

Software Version

USM Anywhere (SaaS)

Overall Satisfaction with AlienVault USM

USM is being used for our whole organization. It is deployed via sensors in various regions to capture in/out data for monitoring potential risk. We use USM as a centered logger and analysis system, also collecting data from firewall/VPN, Office365, CrowdStrike and others. It's convenient to integrate various plugins for gathering data/alerts from different clouds/platforms. The whole system setup is pretty straightforward and not difficult to use.
  • Risk analysis is accurate. Cloud-based rule update means less hassle.
  • Integrated plugins help centralize log/alert into one system.
  • Filter/suppress rule is very easy to set. Easy to fit to our current traffic pattern.
  • It's a pain to check each individual alert for detail; I wish there was a popup window or something similar to quickly go through each unusual alert.
  • The UI seems not that efficient, and a little bit slow in my opinion.
  • I wish we had a Kibana-like quick search criteria change function, click and go.
I believe USM is also using Suricata as a NIDS-based engine. The advantage of using USM is that they provide trouble-free, cloud-based rule management/update. Plus, USM integrates various plugins that are able to integrate many systems into one platform. A lot less trouble to source logs from a variety of systems.
It has done very well in a complicated network environment. It detects risk very well. No need to mess with Suricata rules.