Great product to meet many SIEM requirements
May 24, 2019

Great product to meet many SIEM requirements

Anonymous | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User

Software Version

USM Anywhere (SaaS)

Overall Satisfaction with AlienVault USM

We use AlienVault to help manage PCI compliance within our AWS infrastructure. AlienVault is used for intrusion detection, file integrity monitoring, monitoring of VPC flow logs, WAF logs and more. We also utilize the reporting.
  • Integrating with other applications.
  • Satisfies several PCI requirements.
  • Nice customization for the dashboard.
  • Support is very good.
  • The UI is slow to load. Not extremely slow, but noticeably.
  • I have found no way to easily move a suppression rule to a filtering rule.
  • Needs more tiers for data usage. You can only go up in increments of 500gb which can be expensive and overkill for smaller businesses.
  • Sales teams and pricing for renewals - Huge price increase after the 1st year.
I have not used other products but did many demos with other companies before deciding on AlienVault. I selected them because they met all of my needs. Other companies may offer a HID/IDS system but do not include FIM. Or it offers those and does not allow for reports or alarms. Or it does not integrate well with other products. For these reasons, we chose AlienVault.
I find that Alienvault is well suited for companies with a smaller or nonexistent security team, especially when trying to meet some requirements of PCI. It handles IDS and FIM requirements well once you get things set up properly allowing your operations team to focus on other projects rather than worrying about complex ossec deployments.