AlienVault Review
March 09, 2020

AlienVault Review

Anonymous | TrustRadius Reviewer
Score 6 out of 10
Vetted Review
Verified User

Software Version

USM Anywhere (SaaS)

Overall Satisfaction with AlienVault USM

We use it primarily to monitor our edge gear.

Pros

  • Data is ingested quickly.
  • Its easy to get data in.
  • Filter rules are very customizable.

Cons

  • Implementation was dicey.
  • I wish it had a real time data feed.
  • Its been a struggle to keep under our data cap.
AlienVault was given to us, even though we already had Secureworks. Both SecureWorks and Fireye are more of a Managed solution. It's fine to say we'll use AlienVault but it requires a lot of expertise to get it running and alerting correctly. And even then, if no one is watching it, its really hard to say if its catching what it should. As for Splunk, if you are willing to already going to invest in the time implement a SIEM, you would be better off with it, because it can do so much more than just security.
I think it works well - but it's not something an average IT guy would want to tackle. I think its probably better suited for large enterprises or MSSP's that have full-time staff to babysit it.

Comments

  • Tami Andrews | TrustRadius Reviewer
    Thank you for sharing your feedback!

More Reviews of AlienVault USM