AT&T AlienVault USM Review

Out-of-the-box features for easy asset discovery, vulnerability scans, and IDS setup are all beneficial.

What is most valuable?

AlienVault's out-of-the-box features for easy asset discovery, vulnerability scans, and IDS setup are all beneficial, but the best feature we find most valuable is the main dashboard, for how the information is bubbled up and presented to us.

How has it helped my organization?

With AlienVault we have been able to reduce lag times by not having to invest in specialized research, for which we rely on AlienVault Security Labs and OTX (Open Threat Exchange).

What needs improvement?

With all the great features AlienVault has to offer, it would be nice to see improved search query functionality, similar to the ELK stack.

For how long have I used the solution?

18 months+

What was my experience with deployment of the solution?

Easy setup out of the box as it comes as a virtual appliance. 

What do I think about the stability of the solution?

Solid platform built on a Debian system.

What do I think about the scalability of the solution?

Haven't been able to break it yet.

How is customer service and technical support?

5 Stars

Disclosure: My company has a business relationship with this vendor other than being a customer: We are a part of the MSSP program.
Orlee Gillis, Consultant

Can you point to specific improvements/advancements that you'd like to see in the search query features?

24 November 16
ctsanders, Reseller

I would like to see root cause analysis and big data relationships as part of the overall solution.

Also, the query should feed into a larger data matrix of solutions where they feed into machine learning solutions to address the problem - intelligent situational awareness.

16 February 17