Great if you can deploy and manage on-premises SIEMs
March 22, 2021

Anonymous | TrustRadius Reviewer
Score 7 out of 10
Software Version

USM Appliance (On-Premises)

Overall Satisfaction with AlienVault USM

It is being used department-wide. We offer professional services and deploy it for customers and ensure that the SIEM is configured properly. Our current customers are extremely satisfied with the product; the only drawback is that, in the absence of a skilled technician experienced in AlienVault USM, they can have trouble configuring and troubleshooting any problems.
  • OTX
  • HIDS
  • Asset discovery
  • Literal terminology used
  • UI
  • Troubleshooting

Do you think AlienVault USM delivers good value for the price?

Yes

Are you happy with AlienVault USM's feature set?

Yes

Did AlienVault USM live up to sales and marketing promises?

I wasn't involved with the selection/purchase process

Did implementation of AlienVault USM go as expected?

Yes

Would you buy AlienVault USM again?

Yes

  • Better view of company assets
  • Better view of security overall
  • Good real-time alerting
QRadar is one of the top SIEMs on the market. AlienVault USM is more suitable for companies or clients having a smaller budget, as AlienVault USM is cheaper than QRadar. Regarding features, QRadar trumps AlienVault USM, as it is a product with a vast array of features.
It is well suited for companies having the resources to deploy on-premises SIEMs and the technically skilled staff to manage it. It's ideal for big companies which require an SOC. It is not suitable for companies with fewer resources, a lack of skilled staff to manage the SIEM, and less financing in security budgets.

AlienVault USM Feature Ratings

Centralized event and log data collection
8
Correlation
8
Event and log normalization/management
8
Deployment flexibility
7
Integration with Identity and Access Management Tools
6
Custom dashboards and workspaces
6
Host and network-based intrusion detection
8

Using AlienVault USM

2 - Deployment and management of AlienVault instances of both USM Anywhere and USM Appliance. They are security technicians with AlienVault engineer certifications. They act as L1, L2, and L3 support for AlienVault-deployed instances for our customers. They are AlienVault-certified technicians acting as administrators or overseers for existing deployments.
Cybersecurity professionals with deep technical understanding about networks, OS, and logs.
  • SIEM
  • Network monitoring
  • Systems security
  • Endpoint protection
  • Activity monitoring
  • External network activity monitoring
  • Systems and server hardening

Evaluating AlienVault USM and Competitors

  • Price
  • Product Features
  • Product Reputation
Product reputation, especially after becoming AT&T security
Splunk and ArcSight are potential suitors

AlienVault USM Support

Pretty satisfying
Pros
  • Knowledgeable team
  • Problems get solved
  • Kept well informed
  • Immediate help available
  • Support cares about my success
Cons
  • Escalation required