AlienVault USM (from AT&T Cybersecurity) Reviews & Product Details - Page 2

Easy to use for such a sophisticated software and tech support. Review collected by and hosted on G2.com.

There is nothing that I don't like. If you need high security, you know when a product is good. Review collected by and hosted on G2.com.

AlienVault has given us the opportunity to get a better look at what is going on within the network of our organization. The events shown have opened our eyes to many more activities than we ever knew about before, and implementing the NIDS piece only increased our visibility. The SIEM is easy to use and navigate, and resolution steps are very easy to follow and helpful. Review collected by and hosted on G2.com.

At times, the online portal can be a bit sluggish or sometimes not respond at all. We have hit a wall when running scans at the wrong time and had to adjust groups and automatic scan times. We used to manually run scans on servers as we identified them, but had to relegate to adding them to groups to scan on off hours to help system usability. Review collected by and hosted on G2.com.

Alienvault USM gives us the ability to monitor our on premise and cloud infrastructure via a single web based portal. It helps us to maintain our PCI compliance. We check our portal daily and i also get email alerts about alarms generated by the system. The system is relatively easy to set up and there are lots of plugins to translate the different log files generated by different manufacturers to give richer more useful information. Dashboards allow us to see trends and activity across all our areas of responsibility. We now get information from sources such as our Cisco Meraki switches, Office 365 Azure AD, One drive, SharePoint, Windows, and vmware systems. More integrations are being added all the time. It is also possible to create customized alarms and filters so that you can focus in on the things that are important to you. We like to run the joval (oval) scans on our in-scope systems weekly out of business hours so that end users are not impacted. Review collected by and hosted on G2.com.

In order to get a fully compliant solution we had to go for a premium subscription. This allows 90 days of real-time search and a year of cold storage. Review collected by and hosted on G2.com.

Ease of deployment, after sale support and the out-of-box alerting have all been great. If you outgrow your initial deployment, it's super easy to buy more capacity. Review collected by and hosted on G2.com.

In regards to the sensors, the USM sensor offering only allows a single IP for you to ship logs. You can't attached multiple vNICs to the appliance. So if you have non-routable networks inside, you must deploy multiple sensors. Other vendors don't have the limited. The sensor costs are cheap, just more work. My other huge complaint is you can't audit who made changes to event filtering rules because those changes are logged. Review collected by and hosted on G2.com.

I like the clean UI and it is easy to administer Review collected by and hosted on G2.com.

The cloud console can be slow to refresh Review collected by and hosted on G2.com.

With the USM Alienvault we can detect threats in real time unlike other solutions, is a very good tool, easy to implement and use, and has a low cost.

I have a very good satisfaction with Alienvault nywhere technology because we only need to install the sensor at the customer's office because we are MSSP, does not require much configuration and neither radical changes in the client's network, once the sensor is well configured we can see real-time alerts on the central console in the cloud, this experience is very satisfactory because it does not require the server or logger at the customer's office. Review collected by and hosted on G2.com.

There really is not much to say, but I have problems with the false positives detected.

Actually the only flaw I had was that I detected skype activity as a threat being a false positive, I spoke with alienvault and they explained me how to make a rule to omit from ids such behavior that was not malicious. Review collected by and hosted on G2.com.

The sensors are very sensitive, the authentication based scans, scheduled authentication scans and reporting Review collected by and hosted on G2.com.

The reports size is reduced now, earlier it was 50k lines Review collected by and hosted on G2.com.

Easy to get running, easy to create rules for notifications, suppression of known good events, etc. Very intuitive. By far the easiest SIEM to get up and running quickly. Very thorough visibility into an entire environment. Review collected by and hosted on G2.com.

Filtering events can be a little difficult. Tagging assets as PCI / CDE was not as straight forward as we expected. Review collected by and hosted on G2.com.

AlienVault USM Anywhere provided us excellent platform to offer managed security services for our clients deploying E-commerce solutions (online stores). Best features for our clients and us are out-of-box log analysis and alarms, help in achieving PCI DSS compliance and OTX cyber threat intelligence. Day to day monitoring is very easy with AlienVault USM Anywhere. Interface is very modern. AlienVault USM Central is a big plus for MSSPs. Review collected by and hosted on G2.com.

Shortcomings of current AlienVault USM Anywhere version is reports automation and lack of robust rule engine as it is in AlienVault USM Appliance. Review collected by and hosted on G2.com.

It is easy to setup and use, especially for a small team. Support is great as well. Review collected by and hosted on G2.com.

Rules can sometimes get a little complex, but there is good documentation and support for this. Review collected by and hosted on G2.com.