AlienVault USM - The Core of Your Security Program
August 08, 2019
AlienVault USM - The Core of Your Security Program
Score 9 out of 10
Vetted Review
Verified User
Software Version
USM Anywhere (SaaS)
Overall Satisfaction with AlienVault USM
We use AlienVault to look for security alarms and user events. We have used it to report to managers across the company for user behavior analytics, login times, VPN usage, etc. It is helpful for Internet usage reports as well, our current Web filter does not have very good reporting capability but allows users to send the Syslog W3C data to our USM sensor which allows us to run much better investigations in an easier to use interface.
Pros
- Collecting data in an easy to understand timeline for investigations.
- Correlating attack events and alarms with the NIDS data.
- Providing asset vulnerability scanning for internal assets and remediation strategies straight from the USM portal.
Cons
- Adding asset information to investigations.
- Currently there is an issue with not being able to see event details from an investigation page.
- It doesn't make me coffee when I come into the office first thing in the morning!
We attempted to use RackFoundry previously which was a poor clone of AlienVault that was never implemented properly or kicked off. We used Rapid7 InsightIDR which we like quiet a bit as well, AlienVault USM just fit our organization better.
Comments
Please log in to join the conversation