AT&T AlienVault USM Valuable Features

Consultant at a tech services company with 11-50 employees
On any given day I could give you a different answer regarding the most valuable features of the product. The feature that is most important is the fact that it has a lot of features, that it's not just a log collection and correlation system, that it has a lot of other components built in. The bundle of features is really the killer feature. In particular though:

* ease of use and deployment
* excellent cloud integration
* dynamic asset management
* vulnerability scanning
* network intrusion detection
* host-based agent monitoring and collection

All of these features combined create a compelling "one-stop" package for a business that needs security monitoring and analytics.
VP at Castra Consulting
The IDS and the threat intelligence are very useful. They are very intuitive and data-rich.
Systems Administrator at a healthcare company
It's hard to pick just one valuable feature for this product. I like everything the product has to offer. The dashboards are very descriptive and contain just the right amount of information. The activity alarms and events contain a plethora of data that is very descriptive and useful. Vulnerability scans, IDS scans, asset scans. It's pretty much the whole USM Anywhere tool. Everything in here is pretty important. It gives you all the vulnerabilities of your assets. It goes through and it actually shows you the software on there, if it's missing patches, the operating system. Overall, I find that this product is amazing.
Matthew White
Production DBA at a financial services firm with 51-200 employees
AlienVault USM Anywhere is easy to deploy with their cloud-based model and deploying the required agents on-prem (or in the Cloud) is quick and easy. With many integrations out-of-the-box, you can pull in all the data from products you use and other sources, such as Amazon CloudWatch Logs. Custom rules allow for alerting based on content from events and you can even trigger agents in response to threats, shutting down computers or grabbing forensic info for incident response. USM Anywhere also takes care of reporting for ISO and PCI, allowing you to pull reports for auditors at a moment’s notice.
Lorenzo Ciolfi
VP IT Operations at a financial services firm with 51-200 employees
The most valuable feature is what it can block, what it can prevent from coming in.
Layla Bartram
SOC Analyst II at a comms service provider with 11-50 employees
The Event Correlation and vulnerability scans have been the most useful. As a 24/7 SOC, we use the incoming alarms to give an overview of suspicious traffic going through the network. It's easy to look at the correlated events and see the broad picture of traffic for that customer. Vulnerability scans are good for providing patch and remediation guidelines to keep customer systems secure.
Patrick Noc
admin at a non-tech company with self employed
* Centralized logs: All the details are in one place. This is helpful if you have over 100 servers.
* Centralized IDS: We need this as we are able to see what is happening in (almost) real time.
Jason G.
Market Development Manager, Cyber Security Consultant at a tech services company with 11-50 employees
AlienVault USM Anywhere has a modern, user-friendly, and intuitive GUI, making it easy to use. It is a cloud-based solution that is easy to deploy and easy to scale as well. On top of having built-in support with several technologies, AlienVault USM Anywhere has an API that allows you to develop additional plugins if necessary.
I.T. Manager at a non-profit with 51-200 employees
The fact that AlienVault is several tools in one is most valuable to our small team. We can collect logs, and also actively scan our network for vulnerabilities all from one tool.
Phillip Short
Network Operations Manager / Systems Engineer at a tech services company
The asset management of nodes has been a large help in terms of being able to track applications with more detail and have changes made being monitored into one source. The vulnerability scanning has also been an aid in reviewing the systems and having feedback of what is missing patches and holes in our environment that need review and remediation. The all-in-one aspect has been helpful to see items and correlate within one source rather than multiple.
Corey Bussard
Manager, Security Operation Center at a tech services company with 51-200 employees
* Vulnerability assessments and log aggregation/correlation

These were the two answers we needed for our solution. It gave those solutions very easily. It is easy to implement, and effective.
Christian Caldarone
ISO (Information Security Officer) with 10,001+ employees
It provides a single pane of glass view, coupled with a whole security ecosystem. The ability to manage everything from a central point, including vulnerability assessments, asset management - including the services provided by the various hosts - NIDS, HIDS, etc., provides a very efficient way of dealing with things. Their OTX intel is also great, as one needs to know who is running around threatening the IT infrastructure with a "crowbar."
David Ignash - CEH,CNDA
Security Administrator at a financial services firm with 501-1,000 employees
AlienVault provides you with a unified view for all aspects of what is going on in your environment. It allows you to define what alerts you want to see, or not to see, as well as if you want them grouped, or ungrouped.
Senior Buyer & Operations Specialist at Nth Generation Computing
* In my experience, I've found the vulnerability assessment very valuable because it identifies vulnerabilities and AWS configuration issues, so we are less likely to have potential risks.
* The compliance reporting is also valuable for reporting purposes.
Network and Security Engineer at a tech vendor with 501-1,000 employees
The main menu: You can see everything there, what is happening on the servers, and in the logs, you can view more details of each event. Everything you need is in 'one place'.
Co-Founder at a photography company with 11-50 employees
Log-monitoring and alerting, so we can find out when things happen that we need to know about.
Jon McFarland
IT Systems Administrator at a financial services firm with 201-500 employees
The most useful feature is the customization for alarms, alerts, and reports. AlienVault is situated to be adapted and changed to meet many different needs and use cases, but still being effective at most of them.
Adrian Throssell
System Administrator at a tech services company with 10,001+ employees
I have used the asset discovery and the vulnerability scans the most. As a system administrator, it is important that we are prepared for any eventualities. I also like how you can use the hardware “out-of-the-box”, or using logs you can actually customise the performance to fit your environment and needs.
Kalana Chandrasiri
Network and Security Engineer at a tech services company with 11-50 employees
Unified Security Manager (USM). In every SIEM, having only SIEM features (log management, alerting, notifications, etc.) is typical. Here we can get file integrity monitoring and a vulnerability assessment tool together with SIEM. I have never seen a tool like this.
Cybersecurity Analyst at a tech company with 51-200 employees
AlienApps that we use to integrate with our current setup is awesome! Not only that, they have roadmapped being able to open up their API so we can integrate and flex the USM Anywhere as much as we want and when we want to. The staff has been incredibly helpful on getting us further down the line with our constructive feedback and have worked on implementing changes to their system to help improve their product.
Rajnikant Bhandare
Security Analyst SOC at a tech services company
A vulnerability assessment feature is very helpful for me. Because of this feature, I can schedule a vulnerability assessment for my critical server.
Engineer - Network Security at a tech company with 11-50 employees
SIEM and the FIM are the first preferences when I started the deployment. Because the customer wanted to monitor network security incidents of the Servers and any file modification done to their critical files residing in the production servers. Vulnerability scanning and OTX helped us to manage all in one single point. The alerting and security intelligence is the heart of the product. Monitoring customer's critical network is now almost a one man job.
Paul Reissner
Security Engineer at a tech services company with 201-500 employees
* General SIEM tool functionality.
* Ease of deployment across various environments.
SOC Manager at a tech services company with 11-50 employees
The most valuable feature of this solution is security management for PCI DSS.
Javier Ramirez
Network Security Specialist at SEFISA
AlienVault has the necessary all-in-one product with the function of vulnerability scanner integrated with detections, so when you detect an incident in a vulnerable port you can act faster and prevent more incidents.
Dan Gavin
Network Architect at a tech services company with 11-50 employees
The cloud console is by far the best improvement of the product. In the past, our less technical clients had trouble sorting through the dashboards within the USM console, and we had received complaints on viewing the real-time data versus our prepared reports. The new cloud-based panel is excellent both for client review as well as for our SOC to review and respond to threats. It is much easier to configure and use than the previous solution from AlienVault.
Tharaka Ranasinghe
Network and Security Engineer at a tech services company with 51-200 employees
AlienVault USM has a vulnerability assessment feature and only one SIEM feature compared to other SIEM solutions.
Sales Engineer at a tech vendor with 51-200 employees
The features that we have found most valuable are the out-of-box vulnerability scanner, Network IDS, Host IDS, Netflow Monitoring, and more than four thousand pre-installed correlation rules.
Shayanthan Karunaharan
Engineer - Information Security at a tech services company with 11-50 employees
* Raw logs: Clients require to store their raw logs in a data-store rather than keep it in the actual device.
* Alarm section: It's very easy to see the Alarms for any incidents rather than going through all the logs.
* Security events: Categorization of Security events helps our SOC analyst for further analysis.
Security Analyst at a tech services company with 1-10 employees
* Alarms
* Correlation
Kirk Crespin
IT/IS Officer - Marketing Director at a tech services company with 51-200 employees
We have found the AIO USM the most valuable because of its centralized grouping of all of the tools necessary to manage our security in an "All In One" solution. Of its parts, the scheduled vulnerability assessment tool has been helpful as a preventative measure to help keep ahead of security threats!
CEO at a tech services company with 1-10 employees
The below features are what make the solution so powerful, particularly saving time and money (most importantly):

* Real-time email alerts
* Event correlations
* Log management
* System monitoring
* Network monitoring
* Uptime monitoring
* OTX threat intelligence
* Vulnerability scanning/reporting
* Compliance reporting
Security Systems Administrator at a security firm with 501-1,000 employees
IDS is a nice capability to have. In the past, I have implemented standalone Suricata sensors and having this bundled in is very helpful. OTX is good when implemented correctly.
IT Manager at a manufacturing company with 51-200 employees
SIEM log collection is great, and all of the rules that support updates with maintenance.
Guilherme Peralta
Consultant at a comms service provider with 10,001+ employees
I have found the host-based intrusion detection system (HIDS) extremely useful, as it:

* Allows me to identify possible threats and vulnerabilities.
* Allows anyone with little knowledge of a cybersecurity device to work with a high level threat discovery solution.
Erlon Sousa Pinheiro
DevOps Engineer at a tech services company with 11-50 employees
My favourite one is the vulnerability scanner because while using it, our environment is always updated about security threats.
Head of MSS Platform and Product Management at a tech services company with 51-200 employees
Asset discovery seems to be good. Nice that everything is bundled.