Top Rated AlienVault USM (from AT&T Cybersecurity) Alternatives

AlienVault USM gives us the ability to monitor our on-premise and cloud infrastructure via a single web-based portal. It helps us to maintain our PCI compliance. We check our portal daily and I also get email alerts about alarms generated by the system. The system is relatively easy to set up and there are lots of plugins to translate the different log files generated by different manufacturers to give richer, more useful information. Dashboards allow us to see trends and activity across all our areas of responsibility. We now get information from sources such as our Cisco Meraki switches, Office 365 Azure AD, OneDrive, SharePoint, Windows, and VMware systems. More integrations are being added all the time. It is also possible to create customized alarms and filters so that you can focus in on the things that are important to you. We like to run the Joval (OVAL) scans on our in-scope systems weekly out of business hours so that end users are not impacted. Review collected by and hosted on G2.com.
In order to get a fully compliant solution we had to go for a premium subscription. This allows 90 days of real-time search and a year of cold storage.
112 out of 113 Total Reviews for AlienVault USM (from AT&T Cybersecurity)

I like the automated asset discovery feature, once we created the network tap, we could easily discover assets on the dashboard.
Another feature that I absolutely love is the integration with AlienVault OTX; having to group/categorise IP addresses and hostnames based on pulses from OTX gives you an idea of what you're about to investigate before you even get started.
The least helpful thing would be the need to spend more for EPS.
If you have a large on-prem environment and you decide to use AlienVault, you could be regularly overshooting the EPS count for your license, which increases cost.
The more your environment grows, the more you have to pay for licenses.
This is a great SIEM with all the features we need. It has central management, which is huge for us since we are an MSSP and have many clients in many different environments. It also has some built-in connections with tools that are super helpful.
I don't really dislike anything about AlienVault. The cost isn't very high and the services offered are pretty wide. If I had to change anything I think I would add rules based on time.
They have an easy-to-understand UI, and the case management is really good. Also, suppression of the false-positive area is very easily available. Onboarding of the data sources is easy.
Availability of the SIEM tool is the major issue here. They have a lot of downtime, and sometimes, even without prior notice, it is not accessible. Also, the performance is very poor. It takes minutes after clicking once.
A SIEM in all-in-one format, with which you can easily have the functionalities of a SIEM, network behavior analysis and vulnerability analysis.
Plus, it's easy to deploy and has plenty of integrations available to use.
In very large environments, it is very heavy to manage and servers can consume a lot of RAM.
High availability is not well designed, so you have to look for workarounds to secure the solution.
AlienVault is essential to the day-to-day operations of our entire intel team. Being able to pivot on related files and prove maliciousness of a domain makes AV one of the best OSINT tools on the market.
I dislike how much AlienVault charges for their enterprise accounts.
Simple SIEM, easy to set up, great actionable results, clear reporting features. Easy to work with assistance team.
Some false positives take time to correct.

The ease of use and customization. The USM is a workhorse; no matter what devices or the number of logs we throw at it, the system processes them in real-time, correlates the events, and alerts on only events that need human review. USM Anywhere was a great progression of the product; whether you are a small business with no security team or a large enterprise with a large team, AlienVault will meet your needs.
The one thing I continue to dislike about USM Anywhere is the lack of an on-prem deployment option.
The rich interface and the ThreatIntell overall was pretty good.
The management and maintenance are too cumbersome.
Great to monitor events and provide feedback. Good product coverage. It has integration with SQL, AWS and other cloud infrastructure with ease. Better than CloudWatch. This tool is cheaper than Splunk.
Sometimes becomes overly complicated to analyze DDoS attacks. Not very user friendly.

In comparison to other SIEM tools, the cost vs feature prospect is very good. USM offers all the basics you would expect from a SIEM tool in an easy-to-configure package.
Some features are unavailable that are available in other SIEM tools, such as the use of advanced searching languages, custom correlation rules and custom parsers.