One of the best SIEMs out there
Software Version
USM Anywhere (SaaS)
Overall Satisfaction with AlienVault USM
We use AlienVault USM to monitor our network flow and alert us if any of our alarms are triggered. We integrate our Cisco Umbrella and Meraki solutions so that it saves time, having a single dashboard without having to check each instance. We also like the ability to create custom alarms and us the threat exchange to be notified of any day zero vulnerabilities on the software we run in the office.
Pros
- Easy intergration using APIs
- Bespoke alarm configuration
- OTX database
Cons
- Needs to be fine tuned to get any valuable insight
- Requires alot of resourses when running in VMs
- Cost makes it hard to sell to smaller buisnesses
Comments
Please log in to join the conversation