March 09, 2020
Score 6 out of 10
USM Anywhere (SaaS)
Overall Satisfaction with AlienVault USM
We use it primarily to monitor our edge gear.
AlienVault was given to us, even though we already had Secureworks. Both SecureWorks and Fireye are more of a Managed solution. It's fine to say we'll use AlienVault but it requires a lot of expertise to get it running and alerting correctly. And even then, if no one is watching it, its really hard to say if its catching what it should. As for Splunk, if you are willing to already going to invest in the time implement a SIEM, you would be better off with it, because it can do so much more than just security.
I think it works well - but it's not something an average IT guy would want to tackle. I think its probably better suited for large enterprises or MSSP's that have full-time staff to babysit it.