Great introduction to SIEMs
Overall Satisfaction with AlienVault USM
We use AlienVault in our organization to monitor the environment of our clients, all the way from reviewing suspicious activity to performing server health-checks and behavior.
Pros
- Great documentation.
- Overall good support.
- Nice UI.
Cons
- UI can be wonky at times.
- Log search from the SIEM UI is quite troublesome as every filter applied performs the search again.
- Some features can stop working seemingly out of nowhere, requiring contacting support.
AlienVault USM is considerably more user-friendly, but it does fall short with the search functionality that a query language offers when looking for specific logs/statistics/data.
Comments
Please log in to join the conversation