AlienVault USM Review
January 27, 2020

AlienVault USM Review

Anonymous | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User

Software Version

USM Anywhere (SaaS)

Overall Satisfaction with AlienVault USM

AlienVault is used as a SIEM with ATT managed security services assisting with monitoring and creating alerts for potential incidents.

Pros

  • Easy to use rules, events will pre-populate fields for alarm rules allowing for quick creation
  • Friendly interface with logical layout of settings and options

Cons

  • Some room to improve the scaling of sensors. Sensors struggle to handle millions or events which results in dropped events in large environments
  • USM is upgraded automatically and there is no way to control when your instance is upgraded. This can result in bugs in features without any way to test and control
AlienVault is cloud based and offers more functionality than OSSIM such as cloud service monitoring like Office 365 and AWS, deployment of sensors for efficient deployment, and event integrations with the MITRE ATT&CK framework. USM also has a much improved GUI and allows for dashboard customization. Both use open source tools like Suricata, OpenVAS, etc.
It is great for those just getting started with a SIEM. Offers a lot of out of the box functionality and integrations. ATT managed services are also helpful for managing the services.

Comments

  • Tami Andrews | TrustRadius Reviewer
    Thank you for your comments & feedback!

More Reviews of AlienVault USM