USM Anywhere Reviews

The primary use case of this solution is for security.

The solution is very user-friendly, but the dashboard could be improved as well as the level of customization.

I have been using the solution for one year.

The solution is stable.

The deployment of this solution is easy, but you need some level of understanding.

The price of this solution is reasonable, which is one of the reasons why we selected it over other solutions.

I would recommend this solution to other users.

We primarily use the solution for cybersecurity events and management.

The SIEM, security information management is very, very good. Basically, it's great at analyzing the logs of our servers.

The setup is very easy and straightforward.

The solution is a bit complicated. It could be simplified quite a bit.

The correlation engine could be improved. Much improvement could be made there, as it is an important open-source solution. 

The solution could benefit from including security orchestration. It's still not available yet. It would be really nice to have in a future release.

It could use something like a pen test. Tools like that would make it more comprehensive from a cybersecurity aspect. 

I've been using the solution since about 2015. It's been approximately six years or so.

The solution is extremely stable. We don't have any issues with its reliability. It doesn't crash or freeze and it's not buggy at all.

The solution doesn't scale well if you are talking about enterprises using it. However, for our purposes, we've never had an issue with this. Larger companies might. We do intend to continue to use the solution and potentially increase usage.

Technical support is extremely reliable. We've very satisfied with the level of service we receive. They are always knowledgeable, helpful, and responsive.

The initials setup is not complex. It's a very straightforward implementation.

The overall deployment is quite quick. It might take about 30 minutes or so. That's all.

The solution has a subscription-based annual payment option. It's not a perpetual license.

We use both on-premises and cloud deployment models.

We both use the solution and sell the solution as well.

Overall, on a scale from one to ten, I would rate the solution at an eight.

We're more focused on servicing medium to small businesses. This solution may not be suitable for a large enterprise-level organization.

That said, we highly recommend it. I'd recommend that new users decide to first go for the trial. Take the trial and then make sure that you like it before investing in the subscription. The company offers a free trial - you might as well use it.

We are a managed security service provider and we offer AlienVault USM to our clients. We use it to monitoring their environments and to maintain their logs.

The most valuable feature is threat intelligence. Their community is a very helpful tool and I think it's one of the values of AlienVault.

They set aside a lot of the functionality from the on-premises version that we found very helpful in managing tickets. As it is now, the cloud-based deployment is lacking these useful features.

The reporting is mediocre and is something that needs to be improved.

I have been using the cloud-based deployment of this solution for about two years.

The stability is fine.

Scalability in a cloud solution is tied to costs. With any cloud solution, the more data you have and the larger your company, the higher the price point. I wouldn't say that scaling is easy, but it is standard.

Technical support is slow to respond when we put in a ticket. We're a number. 

We use both the on-premises version and USM Anywhere. The latter is a SaaS solution.

The initial setup is okay. At an additional cost, they offer services to assist with deployment.

Our take on it is that we are paying more for this product because of the AT&T name. We don't necessarily find that we are getting more functionality or quality, given the price point.

The licensing fees are dependent on usage.

We are currently evaluating different SIEM solutions. I have found that all of them have issues, whether it is related to functionality or price point. Even the ones that have a high price don't provide everything that you need.

My advice for anybody who is considering this product is to evaluate all of the options that are out there. There is no one, great answer, so you have to figure out what best fits your needs.

I would rate this solution a seven out of ten.

This is a SIEM solution that our customers use in an on-premises deployment.

The most valuable feature of this solution is security management for PCI DSS.

This solution could be easier to use. It is hard for some people to understand, and they need to get training and certification just to understand what it's showing them.

In terms of stability, I would give it fifty percent.

The scalability of this solution is good.

We have a large number of customers who use this product on a daily basis.

Technical support is very good from their side.

The initial setup of this solution is a bit complex. Specifically, it is the way that it integrates with other products.

We deployed this solution in-house.

This is a good product but it can be made more user-friendly.

I would rate this solution a seven out of ten.

The primary use cases for this solution are log management, security events correlation, and any other enterprise use cases for SIEM (new plugins development, correlation rules development, risk assessment, and asset management).

This solution can identify many threats inside the organization, like compromised endpoints, configuration issues, as well as "outside" threats (botnets, network scanners, web-attacks, etc). During the first two weeks post-deployment, our client's cybersecurity certainly improves by using AT&T AlienVault USM.

The features that we have found most valuable are the out-of-box vulnerability scanner, Network IDS, Host IDS, Netflow Monitoring, and more than four thousand pre-installed correlation rules.

Having automatic agent deployment would be a great feature. It would be nice to see some machine learning and monitoring of the configuration in network devices.

This solution is very easy to deploy and integrates comfortably with data sources. AT&T AlienVault USM has a user-friendly engine for custom plugins development, so you can develop your own plugin for your own application without any problems.

Our initial need which brought us to acquire this solution was to be in compliance with GDPR requirements. Our environment is cloud-based (specifically AWS).

Beyond provided us with an IDS as was our initial need, but AlienVault gave us more useful resources, as SIEM, and as a vulnerability scanner (the last, one of my favourite resources).

My favourite one is the vulnerability scanner because while using it, our environment is always updated about security threats.

Taking into account that server access credentials are controlled by the tool, some more management-focused actions could be performed from AlienVault.

We use AlienVault to collect all mission-critical logs and to pull data directly from G Suite. It provides our small IT operation with an easy-to-use tool to assess our security operations.

Before AlienVault, we had no central log collection tool of any kind, let alone security monitoring. AlienVault provides us with a very easy to use, central spot to view log files, and take appropriate action. It allows our small team the ability to take cybersecurity seriously.

The fact that AlienVault is several tools in one is most valuable to our small team. We can collect logs, and also actively scan our network for vulnerabilities all from one tool.

Long-term I'm genuinely concerned about AT&T's ownership of AlienVault. I have never had a good relationship with AT&T in +15 years, and fear they will destroy this good product.

Concerned long-term, due to AT&T.

It is very scalable, just ask them to increase the amount of storage.

Tech support has been a bit slow lately, and the level-1 techs do not have all the power they should have.

Before AlienVault we had nothing. We learned about AlienVault through a company we contracted to do a full vulnerability assessment. They used AlienVault, so I felt like if it was good enough for them, then we should be using it.

Very simple, just follow their directions step-by-step and you will be fine.

I did the implementation myself. Their documentation made it easy.

I'd push them for pricing. I sense the best time to negotiate with them is in June as the fiscal year ends.

We found other tools to be out of reach for our small department, so we did not seriously look at others.

Be careful with AT&T, make sure you are confident the tool will be what you expect throughout the life of your contract. Make sure AT&T isn't going to change anything on you suddenly.

We have used AlienVault for our security monitoring for threat protection and compliance management. We've seen an improvement against malware and viruses. It has definitely eased our concerns so we can focus on other things.

AlienVault is very user-friendly. We've had a great experience with asset discovery, compliance reporting, endpoint detection and response. Our team uses the network infrastructure monitoring as well.

• In my experience, I've found the vulnerability assessment very valuable because it identifies vulnerabilities and AWS configuration issues, so we are less likely to have potential risks. 
• The compliance reporting is also valuable for reporting purposes.
  

The only recommended changes I can think of is to have the ability to filter logs. Also, being able to navigate the dashboard. That seems to have been quite a challenge.

There are multiple functions of this product, the stability and availability are awesome.

The scalability of this solution is exceptional. I believe it's very reliable and dependable.

I'm not familiar with what was used prior to AlienVault nor the reason the switch was made.  I'm just very pleased.

Yes, our team did not have any issues with the initial setup of AlienValut and its functions.

In-house.

The return on investment is great. I feel this product is well worth the price for all the functions and performance it can provide.

I advise others on the pricing and licensing. I research to find the best pricing for the value of the products as well as register all licensing.

No, our tech department did the evaluating of all the options and chose AlienVault.

AlienVault is an amazing product that I would highly recommend.

This is a jack of all trades (master of none) SIEM/IDS/vulnerability management/OSSEC/NetFlow solution. We use it primarily as a SIEM and IDS solution.

AlienVault provides a checklist answer when using SIEM. We currently develop additional rules and scripts to make it more usable, but the overall solution is lackluster.

IDS is a nice capability to have. In the past, I have implemented standalone Suricata sensors and having this bundled in is very helpful. OTX is good when implemented correctly.

Many of the tasks on features are useless in our situation. NetFlow is worthless.  Many of the built-in correlation engine solutions are just okay.

The vulnerability management solution is worse than buying a Nessus Professional license.

Our primary use case is Security Information and Event Management, as well as forensic analysis.

Undoubtedly having all security core technology under one roof, as provided by the all-in-one USM solution from AlienVault, is a big advantage for day-to-day business security operations. From real experience, it has enabled total transparency in terms of security information and events, from day one.

It provides a single pane of glass view, coupled with a whole security ecosystem. The ability to manage everything from a central point, including vulnerability assessments, asset management - including the services provided by the various hosts - NIDS, HIDS, etc., provides a very efficient way of dealing with things.

Their OTX intel is also great, as one needs to know who is running around threatening the IT infrastructure with a "crowbar."

The reporting module could be a little easier to handle, as it requires quite some trial and error until you get the reports you want. Also, it would be great to have a graphical interface for the Network Intrusion Detection System's rule management.

The solution is rock solid; never any issues.

We have not experienced any scalability issues, but we also know that you can easily add more sensors, which helps to spread the load.

Technical support is always helpful and responsive. They do care about their customers.

Our previous solution consisted of building a SIEM based on individual components/modules from the open-source space.

The initial setup is absolutely straightforward. It is up and running in no time. This is definitely one of the unique selling propositions of the solution.

So far, it has been a good solution for a tight budget.

AlienVault is a great fit, especially for smaller organizations, as it will enable you to produce quick results with no need to worry about too many details.