The primary use cases for this solution are log management, security events correlation, and any other enterprise use cases for SIEM (new plugins development, correlation rules development, risk assessment, and asset management).
AT&T AlienVault USM Review
Easy to deploy and flexible enough to create your own plugins
What is our primary use case?
How has it helped my organization?
This solution can identify many threats inside the organization, like compromised endpoints, configuration issues, as well as "outside" threats (botnets, network scanners, web-attacks, etc). During the first two weeks post-deployment, our client's cybersecurity certainly improves by using AT&T AlienVault USM.
What is most valuable?
The features that we have found most valuable are the out-of-box vulnerability scanner, Network IDS, Host IDS, Netflow Monitoring, and more than four thousand pre-installed correlation rules.
What needs improvement?
Having automatic agent deployment would be a great feature. It would be nice to see some machine learning and monitoring of the configuration in network devices.
For how long have I used the solution?
One to three years.
How was the initial setup?
This solution is very easy to deploy and integrates comfortably with data sources. AT&T AlienVault USM has a user-friendly engine for custom plugins development, so you can develop your own plugin for your own application without any problems.
**Disclosure: My company has a business relationship with this vendor other than being a customer: Aurhorized distributor
Last updated: Apr 29 2019
Add a Comment
1 Comment
Author
Denis L
Sales Engineer at BAKOTECH LLC
Reseller
Top 5LeaderboardHighlights
Pros
This solution can identify many threats inside the organization (compromised endpoints, configuration issues), as well as "outside" threats (botnets, network scanners, web-attacks, etc).
Cons
It would be nice to see some machine learning and monitoring of the configuration in network devices.