Great for monitoring common systems; hard to customize
June 03, 2019

Anonymous | TrustRadius Reviewer
Score 6 out of 10
Vetted Review
Verified User

Software Version

USM Anywhere (SaaS)

Overall Satisfaction with AlienVault USM

We are using it as a SIEM to aggregate and monitor events generated by our AWS infrastructure. It is being used across the entire organization.
  • Easy to get started
  • Very proactive account executive
  • Plugins are not configurable by the user. If they don't have what you use, you're in a long queue for custom development.
  • Support is very transactional and often needs several touches to resolve issues
  • Some quality issues were encountered
AlienVault was recommended by a security advisor. We replaced several home-built systems; however, we also had to build several additional systems in AWS CloudWatch logs to handle log types that AlienVault is not able to ingest/process.
It is very well suited for out-of-the-box monitoring, such as ingesting and parsing CloudTrail. We would not have been able to replicate the functionality it provides us on this type of alerting without significant investment.

On the other hand, it is much less suited for anything more niche or complex, or that requires flexibility, such as parsing application logs. We ended up building our own solution for those.