AlienVault USM - Threat detection done right
July 01, 2019

Score 9 out of 10
Vetted Review
Verified User
Software Version
USM Anywhere (SaaS)
Overall Satisfaction with AlienVault USM
We use AlienVault to provide alerts for any irregular login activity along with other network behavior that is outside normal expectations. AlienVault also aggregates all our log files from network and edge devices into a single, searchable database. It corroborates events from various systems to better report on any unusual activity.
Pros
- Alerts on login activity from unexpected locations (countries)
- Aggregating log files for easy searching
Cons
- Better interpretation of errors into more natural language
- Easier grouping or categorization of alerts in order to assign them more efficiently to appropriate users/groups
Other solutions out there typically focus on one or more aspects of protection, such as log inspection. AlienVault does the job of several tools and simplifies the process of guarding your systems. Other applications, such as Splunk, may also be somewhat harder to configure. The trade-off is usually capability versus ease of use. Other systems (SolarWinds) focus on the network activity and may have limited understanding of some devices. They may also not work with as wide a variety of vendors.