AlienVault is easy to deploy and manage
Software Version
USM Anywhere (SaaS)
Overall Satisfaction with AlienVault USM
I am working for an MSSP as a managed SOC for my clients. AlienVault USM is addressing all security events of my customers.
Pros
- Main strength is the OTX community and all the IOC provided through this.
- Transparent upgrades of the product.
- Plugins and parser creation and updates handled by AlienVault so there's no need to develop our own parsers.
- NIDS and vulnerabilities scanner already included in the license with no additional cost.
Cons
- Many correlation rules (maybe too many) and we don't know what the real coverage of the risks is.
- Any ability to customize log parsers.
- Investigation system not really easy to use.
- No backups available so if I want to change the SIEM or have a problem with my licensing, I lose everything.
AlienVault USM is more affordable than the other solutions and much easier to deploy and maintain.
Comments
Please log in to join the conversation