This has an OTX feed. With it, we are able to get notifications about every incident that happens.
By forwarding device logs, we are able to get alerts perfectly with FIM and VA features.
AT&T AlienVault USM Review
We are able to get alerts perfectly with FIM and VA features
What is our primary use case?
How has it helped my organization?
We are the Partners in Sri Lanka. We are doing deployments in Sri Lanka, Maldives, and Bangladesh.
This is a USM, so being able to get all the features under one roof makes it a good product with good new features.
What is most valuable?
Unified Security Manager (USM). In every SIEM, having only SIEM features (log management, alerting, notifications, etc.) is typical. Here we can get file integrity monitoring and a vulnerability assessment tool together with SIEM.
I have never seen a tool like this.
What needs improvement?
The Log Management and configuration of email notifications should be user-friendly. Pay attention to false-positive event automatic correlations.
Efficiency of Security Team
Yes.
Events per Day
60.
For how long have I used the solution?
One to three years.
What do I think about the stability of the solution?
No, we did not have issues with stability.
What do I think about the scalability of the solution?
No, we did not have issues with scalability.
How are customer service and technical support?
Good. They have technically fluent engineers there.
Which solution did I use previously and why did I switch?
Yes. We switched because this is a USM (SIEM, FIM, and VA tool in one product) and the price.
How was the initial setup?
The initial setup is straightforward, but some features are little bit difficult.
What about the implementation team?
We are the partners in Sri Lanka. Therefore, we are directly involved with implementations.
What's my experience with pricing, setup cost, and licensing?
It has good pricing.
Which other solutions did I evaluate?
We evaluated EventTracker.
What other advice do I have?
Our customers have good references about AlienVault.
Which version of this solution are you currently using?
5.4.0
**Disclosure: My company has a business relationship with this vendor other than being a customer: We are partners in Sri Lanka
Last updated: Feb 25 2018
More AT&T AlienVault USM reviews from users...who work at a Financial Services Firm
...at Small Businesses
Find out what your peers are saying about AT&T, Splunk, LogRhythm and others in Security Information and Event Management (SIEM). Updated: January 2021.
455,108 professionals have used our research since 2012.
Add a Comment
1 Comment
Tami Andrews (AlienVault)Vendor
Thank you Kalana for your time to review AlienVault USM and for your candid feedback!
Author
it_user814395
Network and Security Engineer at a tech services company with 11-50 employees
Real User
Highlights
Pros
This is a USM, so being able to get all the features under one roof makes it a good product with good new features.
We are able to get alerts perfectly with FIM and VA features.
Cons
Pay attention to false-positive event automatic correlations.
Pricing Advice
It has good pricing.
Popular Comparisons
AlienVault OSSIM
ELK Logstash
IBM QRadar
LogRhythm NextGen SIEM
Fortinet FortiSIEM
Fortinet FortiAnalyzer
Rapid7 InsightIDR
ArcSight Enterprise Security Manager (ESM)
SolarWinds Security Event Manager
IBM X-Force
LogPoint
McAfee ESM
Buyer's Guide
Download our free Security Information and Event Management (SIEM) Report and find out what your peers are saying about AT&T, Splunk, LogRhythm, and more!
Quick Links
Learn More: Questions:
- Which is the best SIEM solution for a government organization?
- What Is SIEM Used For?
- What is the difference between IT event correlation and aggregation?
- What are the threats associated with using ‘bogus’ cybersecurity tools?
- Which is the best SIEM tool for a mid-sized financial services firm: Arcsight or Securonix?
- What are the must-haves for a SIEM solution?
- What is the difference between SIEM and SOAR platforms?
- What is the difference between log management and SIEM?
- Are you using a SIEM platform with AWS Cloudwatch?
- What is the best SIEM tool for a large financial services firm?