A useful product, but needs work to compete with Splunk
July 27, 2019

Anonymous | TrustRadius Reviewer
Score 5 out of 10
Vetted Review
Verified User

Software Version

USM Anywhere (SaaS)

Overall Satisfaction with AlienVault USM

Security uses it as a SIEM and an investigations tool.
  • SaaS Log Management: it is easy to ingest logs from SaaS providers like G-Suite, Okta, and more.
  • Ease of use: I don't need a lot of engineering work to get AlienVault to a usable place.
  • Log Management: it's hard to ingest and organize logs in AlienVault.
  • Searching and Querying: the query language is difficult to use and impossible to copy between screens.
  • Threat Intelligence: there's no way to get external threat intel into AlienVault to make automatic detections.
Splunk is the easy winner in this space, but they have a couple of barriers to entry, including price and the engineering effort required to run an incident detection engineering team successfully on Splunk. I’ve found AlienVault to be the cheaper, simpler winner in the space, but their platform leaves a lot to be desired (but I still haven’t found anything better).
Things I look for in next-generation SIEMs are unique searching and rules languages (Python or SQL would be so much better than a Splunk query), unique log collection mechanisms (Splunk UF still seems like the best, but some endpoint verification would be nice), and unique integrations with other security software or platforms (integration with Okta, G-Suite, and AWS).