AlienVault USM Review
September 06, 2019
AlienVault USM Review
Score 6 out of 10
Vetted Review
Verified User
Software Version
USM Appliance (On-Premises)
Overall Satisfaction with AlienVault USM
AlienVault USM is used in our organization for the purpose of providing us with threat detection and system vulnerabilities. Our day-to-day focus is concentrated on alarms intents and events. It is used in 90% of the organization from our local workstations, VM-host, servers, Azure, routers, etc. It does help us address out of date programs and nodes that were not patched during Windows updates.
- Implementation of agents and sensors are, for the most part, simple and easy. I have applied six sensors in our environment; two in Azure and the four on Hyper-Vs. Straight forward instructions.
- The AlienVault professional service team is very knowledgeable and helpful. We had four sessions with them and each time, we were provided great insights on tips and ways to best utilize the system.
- I believe that the dashboard is well designed. Easy and customizable to your needs and wants.
- A con with AlienVault USM is with false-positive reading with some of the vulnerability scans. Several instances occurred where it reports a computer with a particular vulnerability and requires a patch but the computer was indeed patched.
- Skimming through the logs is not easy. Real-time monitoring could be a lot better.
- Being alerted and emailed over 10x for the same instance of an event that shows up once in USM.
I cannot describe how AlienVault USM stacks up against others since AlienVault is our first IDS system we have used thus far.