Recently, we used the NetFlow capability to find a bottleneck in the network and the offending computer.
AT&T AlienVault USM Review
Visibility For Your Network and To Find Bottlenecks
How has it helped my organization?
What is most valuable?
The most valuable aspect of AlienVault is the visibility into the network. You have the capability to gather logs from multiple sources and easily see what is going on in the network.
What needs improvement?
It is a lot of work to get the software configured and set up properly.
What do I think about the stability of the solution?
There were some issues with the reporting functions. AlienVault corrected that problem in a new update.
How are customer service and technical support?
Customer Service:
The customer service department is very responsive to questions.
Technical Support:
The technical support team is very knowledgeable. It is helpful that they are able to have remote support sessions to review the problem.
Which solution did I use previously and why did I switch?
No.
What about the implementation team?
We deployed this system in-house. We are not a fan of moving things to cloud-based solutions.
What's my experience with pricing, setup cost, and licensing?
The engineering support that is provided by AlienVault upon first installation was excellent! They went way above and beyond what I was expecting.
Which other solutions did I evaluate?
We evaluated the popular SIEM tools Splunk, LogRhythm, and SolarWinds. AlienVault provided the most features for the price point.
**Disclosure: I am a real user, and this review is based on my own experience and opinions.
Last updated: Aug 22 2017
More AT&T AlienVault USM reviews from users
Find out what your peers are saying about AT&T, Splunk, LogRhythm and others in Security Information and Event Management (SIEM). Updated: February 2021.
464,594 professionals have used our research since 2012.
Add a Comment
1 Comment
Tami Andrews (AlienVault)Vendor
Thank you for your time to review AlienVault USM and for your candid feedback!
Author
reviewer103734
IT Officer with 51-200 employees
User
Highlights
This solution can identify many threats inside the organization (compromised endpoints, configuration issues), as well as "outside" threats (botnets, network scanners, web-attacks, etc).
The most valuable feature of this solution is security management for PCI DSS.
The most valuable feature is threat intelligence.
There are multiple tools for information security. The solution includes all the latest advances on the network and host intrusion detection systems.
The setup is very easy and straightforward.
The other big selling feature for us was its integration capabilities with all the other security-based products.
The solution is stable.
Popular Comparisons
AlienVault OSSIM
ELK Logstash
IBM QRadar
LogRhythm NextGen SIEM
Fortinet FortiSIEM
Fortinet FortiAnalyzer
Rapid7 InsightIDR
ArcSight Enterprise Security Manager (ESM)
SolarWinds Security Event Manager
IBM X-Force
LogPoint
McAfee ESM
Buyer's Guide
Download our free Security Information and Event Management (SIEM) Report and find out what your peers are saying about AT&T, Splunk, LogRhythm, and more!
Quick Links
Learn More: Questions:
- Which is the best SIEM solution for a government organization?
- What is the difference between IT event correlation and aggregation?
- What are the threats associated with using ‘bogus’ cybersecurity tools?
- Which is the best SIEM tool for a mid-sized financial services firm: Arcsight or Securonix?
- What is the difference between SIEM and SOAR platforms?
- What is the difference between log management and SIEM?
- Are you using a SIEM platform with AWS Cloudwatch?
- What is the best SIEM tool for a large financial services firm?
- What is your SIEM buying cycle like?
- PoC template for SIEM