Wanted a SEIM without the headache. Picked AlienVault and threw out my Advil.
August 22, 2019
Wanted a SEIM without the headache. Picked AlienVault and threw out my Advil.
Score 8 out of 10
Vetted Review
Verified User
Software Version
USM Anywhere (SaaS)
Overall Satisfaction with AlienVault USM
We're using AlienVault USM anywhere at our Organization for its network scanning functionality as well as NIDS, and log collection and correlation capabilities. It covers a large range of input sources which works for our disparate environment. It will also help us to stay aware of our newly implemented and expanding cloud architectures' health.
- Ease of Use
- Built in / Updated Correlation Rules
- On Prem and Cloud options
- Host Agent available
- Customization of Agent
- Search Fields name doesn't match event info
I have used Splunk before and it is also a good product. I feel that AlienVault has a lower learning curve and is easier to setup and query. I would liken the comparison to Splunk is like using command line for setup and normalization where as AlienVault would be using a GUI with a wizard to guide you. Both will get you setup for SIEM but AlienVault is just easier to get started and working. Not saying I don't like Splunk. It was great for it's customizability and granularity.