AT&T AlienVault USM Review

I can see all HIDS and IDS events in one place. Setup is complex when playing with custom plugins.


Valuable Features

The SIEM part where I can see all HIDS and IDS events in one place alongwith the correlation directives.

Improvements to My Organization

We have a better detection rate for malware and other cyber-attacks. Really helps when USM integrated in the incident response plan.

Room for Improvement

  • Database query speed when dealing with millions of events per day
  • Reports customization and types
  • Dashboards TV modes (SOC surveillance monitors)

Use of Solution

I've been using it for three years.

Stability Issues

I've experienced frequent slowness, and we had to downgrade to filter out many logs.

Scalability Issues

The AIO is not fast enough for a network over 100 EPS, so you have to go with a dedicated server option for better speed.

Customer Service and Technical Support

7/10

Previous Solutions

We had nothing in place prior to this.

Initial Setup

It's complex when playing with custom plugins.

Pricing, Setup Cost and Licensing

The price is low, and it's good quality but require effort.

Other Solutions Considered

There were no other options looked at.

Other Advice

To take full advantage of the product you have to work under the hood.

Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
1 visitor found this review helpful
1 Comment
Tami AndrewsVendor

Thank you for your time to provide your comments on using USM.

26 June 17
Guest
Sign Up with Email