Picking up AlienVault USM
September 05, 2019
Picking up AlienVault USM
Score 8 out of 10
Vetted Review
Verified User
Software Version
USM Appliance (On-Premises)
Overall Satisfaction with AlienVault USM
We currently use AlienVault primarily for the SIEM and vulnerability scanner. We use the intrusion detection agents across our servers and are in the process of setting up the system to use other features available through AlienVault, such as availability monitoring and creating custom plugins to monitor our bespoke systems. This is all maintained by our infosec, cybersecurity and infrastructure teams.
- SIEM is great for monitoring and maintaining our systems and networks, and with the right tuning the system becomes an incredibly powerful tool by being able to identify the difference between a high priority event and false positive.
- The vulnerability scanning is a very useful part of the system, especially as after finding any vulnerabilities it provides lots of detail on what was found along with a solution.
- User management has a good level of modularity, allowing us to restrict access for certain users to only certain areas.
- The system can be a little over-complicated to set-up to perform what I would think to be simple tasks. For example, sending an email notification on a certain alarm being created.
- The reporting module does not offer much visual customization, only allowing you to add your company logo and color scheme as a template.
Personally I haven't used any systems other than AlienVault USM, so I would not be able to compare any others.