AT&T AlienVault USM Review

Easy to deploy and flexible enough to create your own plugins


What is our primary use case?

The primary use cases for this solution are log management, security events correlation, and any other enterprise use cases for SIEM (new plugins development, correlation rules development, risk assessment, and asset management).

How has it helped my organization?

This solution can identify many threats inside the organization, like compromised endpoints and configuration issues, as well as "outside" threats (botnets, network scanners, web attacks, etc.). During the first two weeks post-deployment, our client's cybersecurity certainly improves by using AT&T AlienVault USM.

What is most valuable?

The features that we have found most valuable are the out-of-box vulnerability scanner, Network IDS, Host IDS, Netflow Monitoring, and more than four thousand pre-installed correlation rules.

What needs improvement?

Having automatic agent deployment would be a great feature. It would be nice to see some machine learning and monitoring of the configuration in network devices.

For how long have I used the solution?

One to three years.

How was the initial setup?

This solution is very easy to deploy and integrates comfortably with data sources. AT&T AlienVault USM has a user-friendly engine for custom plugins development, so you can develop your own plugin for your own application without any problems.

Disclosure: My company has a business relationship with this vendor other than being a customer: Authorized distributor
1 Comment
Tami Andrews (Vendor)

Denys - I appreciate your time & feedback!

15 July 19