Overall Satisfaction with AlienVault USM
We use USM to monitor our organization and we deploy it to our customers so we can monitor them with our NSOC.
- It does a great job of correlating the traffic that it sees and compares it to Open Threat Exchange.
- It's easy to read and set-up.
- When looking at events from a destination IP, the USM doesn't show you the total number of these until you find the last page. It just says "XXXX of 4,000,000".
We've tried using Tenable's SIEM and we use AlienVault USM. Tenable has a lot of flexibility and offers a lot of options, but there is nothing set-up and it is very vanilla right out of the box. There is a lot of configuration that has to be set-up before you can even get alarms. AlienVault is mostly configured out of the box but also lets you customize the plugins to fit your needs.