AT&T AlienVault USM Reviews

Filter by:Reset all filters
industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
rating
Loading...
Filter Unavailable
Reseller
Consultant at a tech services company with 11-50 employees
Oct 31 2018

What is most valuable?

On any given day I could give you a different answer regarding the most valuable features of the product. The feature that is most important is the fact that it has a lot of features, that it's not… more»

How has it helped my organization?

There are probably a billion examples I could give. As a service provider, it helps us because we have all of our clients connected in through our management platform, and we're able to leverage the… more»

What needs improvement?

Search performance can be slow. The Raw Logs feature is painfully slow. And if we're talking about the newer, the Anywhere product, you can't even schedule reports on it. There are probably a dozen… more»

What's my experience with pricing, setup cost, and licensing?

The pricing is a good value and makes sense. The key thing is that for the new product, the licensing of it is subscription-based and it's based on data. Clients need to be really careful when… more»

If you previously used a different solution, which one did you use and why did you switch?

We've used a lot of solutions. I've used, run, and supported a lot of different solutions over the years. There were two primary reasons for switching to AlienVault. One was price, and the other was… more»

What other advice do I have?

Overall, the automation features of this solution are good. The issue here is that there are really two solutions. There's the AlienVault Appliance product and then there's the AlienVault Anywhere… more»
Real User
VP at Castra Consulting
Dec 12 2018

What is most valuable?

The IDS and the threat intelligence are very useful. They are very intuitive and data-rich.

How has it helped my organization?

It's really easy to aggregate and correlate and view several different security logs and several different data pieces in a single place. That's what allows us to see the… more»

What needs improvement?

One area that has room for improvement is storage. AllienVault is a good place to put logs, but sometimes it's a tough place to go get logs. AlienVault has three… more»

What's my experience with pricing, setup cost, and licensing?

The pricing is the best on the market.

If you previously used a different solution, which one did you use and why did you switch?

We did not work with a previous solution. We decided to bring it into our organization based on its value. It allows you to do a lot with a small price tag.

What other advice do I have?

Have an idea of a plan and know where things in your network are and know who can give you access to certain things you might need. In terms of how extensively we're using… more»

Which other solutions did I evaluate?

We evaluated every single SIEM on the market. The major difference that made AlienVault stand out is the unification, meaning the integration of technologies… more»
Find out what your peers are saying about AT&T, Splunk, LogRhythm and others in Security Information and Event Management (SIEM). Updated: September 2019.
371,355 professionals have used our research since 2012.
Real User
Systems Administrator at a healthcare company
Oct 31 2018

What is most valuable?

It's hard to pick just one valuable feature for this product. I like everything the product has to offer. The dashboards are very descriptive and contain just the right amount of information. The… more»

How has it helped my organization?

This product has streamlined productivity by having all the information in one place. It has really helped eliminate a lot of manual work because its automation is pretty robust and important. It puts… more»

What needs improvement?

Honestly, the product itself is great. The only room for improvement I can mention is the initial installation procedures. I found that the online installation instructions for the product were… more»

What's my experience with pricing, setup cost, and licensing?

So far, I feel the product's pricing is a good value. The technology is decent. You get what you pay for. I think it's fair.

What other advice do I have?

It is a great product. Just get it.

Which other solutions did I evaluate?

I did look at other options but I don't recall which ones. We were vetting for a while, but this one came highly recommended by a company we use locally for pen and vulnerability testing. They… more»
Matthew White
Real User
Production DBA at a financial services firm with 51-200 employees
Oct 29 2018

What is most valuable?

AlienVault USM Anywhere is easy to deploy with their cloud-based model and deploying the required agents on-prem (or in the Cloud) is quick and easy. With many integrations out-of-the-box, you can… more»

How has it helped my organization?

AlienVault USM Anywhere provides us with SIEM, at a low price-point and with a great array of functionality. SIEM is critical to our security operations and feeds incident response efforts and USM… more»

What needs improvement?

We would love to be able to create custom rules based on a series of events, to create rule-sets where, for example, failed logins to the VPN Server are logged and then when a successful attempt… more»

What's my experience with pricing, setup cost, and licensing?

Cost is very competitive and if your log ingestion is not huge, then you can get a SIEM for a small budget; AlienVault listen well to customers and work with you on the needs of your business.

What other advice do I have?

Efficiency Of Security Team: Yes, a team of 2 managing a reasonable sized network has been achieved. Events Per Day: 700,000

Which other solutions did I evaluate?

Alert Logic, Cloud Passage and Event Tracker.
Lorenzo Ciolfi
Real User
VP IT Operations at a financial services firm with 51-200 employees
Nov 05 2018

What is most valuable?

The most valuable feature is what it can block, what it can prevent from coming in.

How has it helped my organization?

Previous to this, we really didn't have any protection, any intrusion system in place. It's made me more comfortable, since I'm in charge of IT for this company. I sleep… more»

What needs improvement?

The only that I can think of is that is not ideal is sending Windows Server logs to their device, to the system. That has to be done on each server. I don't know if they… more»

What's my experience with pricing, setup cost, and licensing?

It's very reasonably priced. It was one of the lowest among the ones I looked at. Licensing is pretty flexible. They can do a two-year or a three-year, even a one-year… more»

If you previously used a different solution, which one did you use and why did you switch?

This is the first solution of its kind for us.

What other advice do I have?

Compare it to the other vendors in the field, some of the top vendors. Make sure it fits your needs. It's more for a mid-sized company or a small company, not a large… more»

Which other solutions did I evaluate?

I looked at two others but I don't remember their names.
Layla Bartram
Real User
SOC Analyst II at a comms service provider with 11-50 employees
Apr 10 2018

What is most valuable?

The Event Correlation and vulnerability scans have been the most useful. As a 24/7 SOC, we use the incoming alarms to give an overview of suspicious traffic going through the network. It's easy to… more»

How has it helped my organization?

AlienVault has provided a nice, unified system for monitoring and reporting. Since we use this for customer security services, the vulnerability scans have come in handy for overall system health… more»

What needs improvement?

The UI and overall processes need a little bit more love. The development job postings have the requirement, for prospective candidates, of "values progress over perfection". This shows in the error… more»

What's my experience with pricing, setup cost, and licensing?

Our company normally handles everything from setup to configuration, refinement, and monitoring. We are an MSSP so we all handle this for the customer when they inquire about services.

If you previously used a different solution, which one did you use and why did you switch?

We did not use anything else prior. We tried the free version of AV then decided to go with the paid option and become an MSSP, since it fit our company needs for the right price.

Which other solutions did I evaluate?

No, AlienVault fit what we needed for the phase we were in with the SOC.
Patrick Noc
Real User
admin at a non-tech company with self employed
Jun 13 2018

What is most valuable?

* Centralized logs: All the details are in one place. This is helpful if you have over 100 servers. * Centralized IDS: We need this as we are able to see what is happening in (almost) real time.

How has it helped my organization?

From my perspective, it saves me about two to seven hours weekly. Now, I can easily check (in one place) all the logs and data in relation to attacks. It also gives me an overview if a server is not… more»

What needs improvement?

* Plugins could be better utilized, as some of them do not recognize all logs. * We could add little more customization to dashboards.

If you previously used a different solution, which one did you use and why did you switch?

I previously worked with Nagios, SolarWinds, and Big Brother. Though, this was at a different company. These products did not match the requirements in AWS at the time that we were getting AlienVault.

What other advice do I have?

Check other products, do POC as change from one to other get be very pricey and time consuming. Also training of people and changes cost lots of resources and not all employees like such changes every… more»

Which other solutions did I evaluate?

We were also looking at LogRhythm, Splunk, and few others. We decided on AlienVault, as they had a nice presentation (which told us what we wanted to hear) and the PoC proved it could do what we… more»
Jason G.
User
Market Development Manager, Cyber Security Consultant at a tech services company with 11-50 employees
Oct 29 2018

What is most valuable?

AlienVault USM Anywhere has a modern, user-friendly, and intuitive GUI, making it easy to use. It is a cloud-based solution that is easy to deploy and easy to scale as well. On top of having built-in… more»

How has it helped my organization?

As stated before, the solution allows us to continuously detect cybersecurity incidents that may occur throughout our environment.

What needs improvement?

Although they use machine learning, the algorithms that they use are graph-based. Their AI/ML capabilities could be improved a bit.

What's my experience with pricing, setup cost, and licensing?

As stated before, I believe this is the best SIEM solution for its value, especially for SMB.

If you previously used a different solution, which one did you use and why did you switch?

I did use other solutions with different clients, and we do so now. We find AlienVault to have the best price to performance value. There are better solutions, but the price is reflected.

Which other solutions did I evaluate?

Yes, I myself have had experience with IBM QRadar, Splunk Enterprise, and Logrhythm, but my company has experience with several others.
See 29 More AT&T AlienVault USM Reviews

Articles

User Assessments By Topic About AT&T AlienVault USM

Find out what your peers are saying about AT&T, Splunk, LogRhythm and others in Security Information and Event Management (SIEM). Updated: September 2019.
371,355 professionals have used our research since 2012.

AT&T AlienVault USM Questions

What is AT&T AlienVault USM?

AlienVault USM Anywhere is a cloud-based security management solution that accelerates and centralizes threat detection, incident response, and compliance management for your cloud, hybrid cloud, and on-premises environments. USM Anywhere includes purpose-built cloud sensors that natively monitor your Amazon Web Services (AWS) and Microsoft Azure cloud environments. On premises, lightweight virtual sensors run on Microsoft Hyper-V and VMware ESXi to monitor your virtual private cloud and physical IT infrastructure.

With USM Anywhere, you can rapidly deploy sensors into your cloud and on-premises environments while centrally managing data collection, security analysis, and threat detection from the AlienVault Secure Cloud.

Five Essential Security Capabilities in a Single SaaS Platform

AlienVault USM Anywhere provides five essential security capabilities in a single SaaS solution, giving you everything you need for threat detection, incident response, and compliance management—all in a single pane of glass. With USM Anywhere, you can focus on finding and responding to threats, not managing software. An elastic, cloud-based security solution, USM Anywhere can readily scale to meet your threat detection needs as your hybrid cloud environment changes and grows.

  1. Asset Discovery
  2. Vulnerability Assessment
  3. Intrusion Detection
  4. Behavioral Monitoring
  5. SIEM

Try USM Anywhere in your environment—free for the first 14 days. 
www.alienvault.com/products/usm-anywhere/free-trial

Also known as
AlienVault, AlienVault USM, Alienvault Cybersecurity
AT&T AlienVault USM customers

Abel & Cole, Bank of Ireland, Bluegrass Cellular, CareerBuilder, Claire's, Hays Medical Center, Hope International, McCurrach, McKinsey & Company, Party Delights, Pepco Holdings, Richland School District, Ricoh, SaveMart, Shake Shack, Steelcase, TaxAct, Taylor Morrison, Vonage and Zoom

Read Archived Reviews
BUYER'S GUIDE
Download our free Security Information and Event Management (SIEM) Report and find out what your peers are saying about AT&T, Splunk, LogRhythm, and more!
Sign Up with Email