AlienVault: could this SIEM vendor become the next big thing? | TrustRadius

Use Cases and Deployment Scope

AlienVault is our corporate SIEM. It is used to collect and analyze logs for security events.

Pros and Cons

Collects AWS CloudTrail logs
Collects OS logs
Has many integrations with other security products

The technical support is not good.
It is a closed system and it is not easy to search raw logs like in Splunk.
If it is missing a particular integration one needs to have a backup solution (e.g. Splunk or similar).

Alternatives Considered

Splunk Enterprise

AlienVault has some canned integrations which make it easier to jumpstart. Splunk requires more manual config effort.

Likelihood to Recommend

AlienVault is well suited for cloud infrastructures such as AWS. AlienVault will struggle with collecting logs from in-house developed apps.