USM Anywhere is used for threat detection and investigation. It provides a solution with built-in threat intelligence and various other investigation tools.
USM Anywhere provides centralized logging, vulnerability scanning, and real-time event correlation, enhancing cybersecurity management and compliance with standards like PCI DSS and ISO 27001. It integrates smoothly with third-party applications and offers diverse, flexible deployment options.



| Product | Mindshare (%) |
|---|---|
| USM Anywhere | 1.3% |
| Splunk Enterprise Security | 7.3% |
| IBM Security QRadar | 5.3% |
| Other | 86.1% |

| Title | Rating | Mindshare | Recommending | Interviews |
|---|---|---|---|---|
| CrowdStrike Falcon | 4.3 | 2.8% | 97% | 140 |
| Cortex XDR by Palo Alto Networks | 4.2 | N/A | 96% | 112 |

| Company Size | Count |
|---|---|
| Small Business | 58 |
| Midsize Enterprise | 26 |
| Large Enterprise | 19 |

| Company Size | Count |
|---|---|
| Small Business | 204 |
| Midsize Enterprise | 121 |
| Large Enterprise | 125 |

USM Anywhere stands out for its integrated network and host IDS, asset management, and intuitive deployment that enhances efficiency. The platform simplifies security tasks by offering a comprehensive view that aids in compliance and aligns with security regulations such as PCI and GDPR. Despite its strengths, areas like IPv6 support, custom rule creation, and reporting require attention. Users note awkward reporting features and limited integration options. Enhancements are needed in threat detection and vulnerability scanning for faster response times and better support.
What are the key features of USM Anywhere?

In industries such as cloud services and enterprise security, USM Anywhere is used extensively for SIEM, managing logs, and detecting security incidents. It supports AWS environment monitoring, providing managed services to clients and facilitating compliance with standards like PCI and GDPR.
USM Anywhere was previously known as AT&T AlienVault USM, AlienVault, AlienVault USM, and AlienVault Cybersecurity.
Abel & Cole, Bank of Ireland, Bluegrass Cellular, CareerBuilder, Claire's, Hays Medical Center, Hope International, McCurrach, McKinsey & Company, Party Delights, Pepco Holdings, Richland School District, Ricoh, SaveMart, Shake Shack, Steelcase, TaxAct, Taylor Morrison, Vonage and Zoom

| Author info | Rating | Review Summary |
|---|---|---|
| Co-Founder/Director at Bangkok MSP Company Limited | 4.0 | I use USM Anywhere primarily for threat detection and investigation, benefiting from its built-in threat intelligence and investigation tools. However, it faces scalability issues with a 60 TB limit. Despite this, I find it offers a favorable ROI. |
| Information Security Engineer at Infoprive | 4.0 | Our customers in finance and banking use USM Anywhere for log aggregation, correlation, and SIEM. It excels in security features and asset discovery but needs better integration with certain applications and improved log parsing. It effectively reduces security costs by preventing hacks. |
| Supervisor, Security Operations at Bpm | 3.5 | In my company, we use USM Anywhere for continuous monitoring due to its easy deployment and third-party integrations. Though it needs better vulnerability scanning and a mobile app, we chose it over Splunk for cost efficiency and MSSP program benefits. |
| Chief Information Security Officer at a computer software company with 51-200 employees | 4.0 | I primarily used AlienVault for IDS, logs, and correlation, finding it stable, scalable, and easy to integrate. Despite not fully utilizing all its features, I rate this affordable and comprehensive solution 8/10. |
| GISO - Global Information Security Officer at Beyon Connect | 4.0 | I found AlienVault highly valuable for its unique integrated vulnerability assessment, affordability, and ease of use, supported by great customer service. It was stable and scalable. My main suggestion is to broaden its threat intelligence capabilities with premium sources. |
| Senior Security Information Manager at agiito | 3.5 | I find USM Anywhere user-friendly and logical, with valuable compliance features and direct log file access. However, it depends on community data, which can be unreliable. I've used solutions like QRadar and ArcSight but prefer USM for its simplicity. |
| Senior Talent Sourcer, Digital at Digitaltrack | 4.5 | I use AT&T AlienVault USM as a managed SOC service to detect and respond to security events for our customers. The implementation is easy, but improvement is needed in reporting and dashboards. I haven't considered other solutions or providers. |
| Cyber Security Analyst at DIgital Sentry Ltd | 3.5 | We rely on AlienVault for central log monitoring from security tools like CrowdStrike, benefiting from enhanced visibility. However, it lacks automatic threat response capabilities. Transitioning from an open-source solution to USM, we found Elastic Security challenging to implement. |
| Founding Member at Integotec | 3.5 | I valued its vulnerability management but desire broader compliance and better integration quality. It's a scalable, good product (7/10) that needs more investment to compete with comprehensive alternatives like Microsoft Sentinel. |
| Network and Security Infrastructure Manager at a wholesaler/distributor with 201-500 employees | 4.5 | I use AT&T AlienVault USM for log management and incident analysis, appreciating its network visibility and valuable reporting. However, I find the 90-day searchable data limit and difficulty with older data a significant drawback. |

USM Anywhere is used for threat detection and investigation. It provides a solution with built-in threat intelligence and various other investigation tools.
The solution offers complete coverage without the need to install additional software, as it is maintained by the vendor. It helps in saving costs on staffing and other resources.
USM Anywhere has a built-in TI (threat intelligence), and it includes lots of investigation tools. The solution also provides basic log storage options for periods of 15, 30, and 90 days. The 365-day block query is a major feature.
There are scalability issues due to a 60 TB limit, which restricts its use for large customers like banks. It is also limited when used with bigger products and has complex password requirements.
I have not seen any glitches based on my memory. The stability is satisfactory.
USM Anywhere faces scalability issues because of a 60 TB limit. It covers around 65% of cases but cannot accommodate banking customers due to data size constraints.
The customer service and support are standard, comparable to other companies and nothing particularly good or bad.
Positive
Customers see ROI as they save on staff and other resources.
The pricing is amazing and really cheap.
Elastic is mentioned as an alternative; however, it is considered significantly inferior in the context of modern SIM solutions.
Depending on the client's needs, USM Anywhere can vary in effectiveness. For standard companies, the solution is rated around eight, but it could be rated lower for larger or specialized clients.
I'd rate the solution eight out of ten.

Our customers have three use cases: log aggregation, correlation, and the SIEM functionalities.
Our customers are mostly in the finance and banking sectors.
Log aggregation and alarms are the most useful for security for our customers. It collects logs from various log sources in the corporate network and then gives you actionable intel on the collected logs.
The second feature is SIEM capabilities. It's an umbrella set for what SIEM does.
The asset discovery and inventory capabilities in USM Anywhere are quite good because they help to discover all assets and IP addresses on the corporate network.
USM Anywhere uses artificial intelligence to enhance threat detection.
The only issue that you need to bypass is the issue with integration with some other log sources, some other application security applications.
The issue is still present. The process of collecting logs from applications that do not have an alien app or alien routes can be made a little bit better. Once there is no alien app, it's always very difficult to collect logs from third-party applications.
So, the process of collecting logs from third-party applications is something that needs to be improved.
Also, when it comes to parsing of some logs, I've worked with another solution that has a custom parsing feature that can assist you in creating the custom parsing rule by yourself. But for any of those, USM needs to reach out to the engineering team, which takes months to come up with.
There is room for improvement in log parsing. So when there are logs that are being parsed, we need to create a custom parsing rule to correctly parse some event logs. I've worked with a solution that has a feature that helps you to create custom parsing rules. But for enablement, we need to escalate to their engineering team, which takes months before they can respond and give you that parsing rule.
I have been using it for three years.
Many times I've noticed issues with stability. Mostly, it's quite stable, though. It's stable. But when you overload it a little, or access it, depending on the storage capacity.
I would rate the stability an eight out of ten.
I would rate the scalability an eight out of ten. We have small, we have medium, and we have enterprise banks as our customers.
The customer service and support respond fast and we jump on sessions fast, unlike some other vendors that can be slow to join a session.
Positive
I would rate my experience with the initial setup an eight out of ten, with ten being easy. It can be public cloud, private cloud, or on-premises. It depends on the customer.
For most customers, I deploy more on-prem than on cloud.
The deployment time really depends on the customer and how responsive they are. But with everything, it could take up to two weeks, working every day, to fully deploy the solution and update it all.
To fully integrate, it depends on the organization. It depends on the log sources that should be integrated. But mostly, if you dedicate every day to deployment, it shouldn't last more than a week.
It's saved security costs. It's saved costs in terms that when the solution is not in place and the customer gets hacked, they lose finances. So the solution has helped the customers not to get hacked. So, it has saved costs.
The price is really variable depending on what tier the customer is subscribing to. I think USM Anywhere recently started a 125, a 250, and then 500 and 1000 tier. So it depends on the organization, but it's affordable for most customers.
Overall, I would rate it an eight out of ten. I would recommend it because it is a good solution. It's easy to navigate. It's flexible.

In my company, we use the solution in our security operation center to monitor the client environment and as a solution that provides us with continuous monitoring ability.
The benefits experienced by our company from the use of the solution stem from the fact that it has been working pretty well in terms of getting the events correlated and getting the alarms on suspicious activities.
The most valuable feature of the solution is the ease of deployment that it provides to users. The integrations that the product has with third-party applications are useful.
The vulnerability scanning feature is one of the areas where the product has certain shortcomings and needs to improve. The tool has vulnerability scanning, but it is not that efficient.
A mobile app for user management is something I would like to see in the product's future release.
I have been using USM Anywhere for four or five years. I use the solution's latest version as it is a cloud-based tool.
Stability-wise, I rate the solution a nine out of ten.
Scalability-wise, I rate the solution a seven out of ten.
I rate the technical support an eight out of ten.
Positive
I have experience with Splunk and Datadog. My company started to use USM Anywhere since it was one of the products that offered a good MSSP program and was easy to deploy.
The product's initial setup phase was easy.
The solution is deployed on the cloud model.
I have seen a return on investment in my company from the use of the solution. The solution has helped save time and money in my company. When it comes to USM Anywhere, a lot of time can be saved in the area of deployment, which directly helps save the costs as well.
It is a product that is priced in a medium range, making it neither a cheap nor a costly product.
During the evaluation phase, the company had considered Splunk against USM Anywhere. Cost is the main reason my company chose USM Anywhere over Splunk.
To those who plan to use the solution, I would suggest that they go through the documentation and online training models available for free, as it can help you deploy the product quickly while also being helpful in areas where there is a need to understand correlation and monitoring.
I rate the overall product a seven out of ten.

We primarily use AlienVault for managing logs, IDS, and correlation, but we haven't used the other tools, which was a huge disappointment to me.
Our main focus was intrusion detection, alerts, and correlation. It's easy to use AlienVault and integrate it with other alert tools because it includes lots of connectors. Either the tool is already there, or AlienVault will write an API for us if they don't have a connector for the solution that is providing the logs.
We've seen a lot of improvement in the product over the years. Their threat monitoring was an important feature for us, but we didn't use the tool to its full advantage. I wanted to use the built-in NES and asset management tools, but unfortunately we didn't use those because we had other solutions to address those areas.
I've been told that AlienVault doesn't have a full version of NES running in there, but I'm not sure if that's accurate or if my engineer made it that way. I'm not sure he was completely honest either because we had NES in the environment before. Those tools could be improved because AlienVault is a SIEM, and it added all these other features.
Are they proficient in every one of those areas? Are they proficient in asset management? Is their tool good enough to be your company's vulnerability scanner? Is it good enough to be your asset manager? Is it good enough to be those additional tools? That's where I don't know if we have enough information.
We've been using AlienVault for three years.
AlienVault is a highly stable tool. The sensors go down once or twice every few months, but it's generally a stable product. It ran for us for three years with very minimal issues or concerns.
We were a small organization of 250 people when we started with maybe 150 machines out there server-wise. We grew to about 1,500 employees through the acquisition of four or five different businesses, so it was effortless to scale.
You need to add more licenses and data for log collection. Other than that, it was easy to work with from that perspective, and the AlienVault salespeople are accommodating.
My engineer dealt with the techs before, but that wasn't often. When he did deal with them, they were knowledgeable and helpful.
Setting up AlienVault is straightforward. They provide teams and reps to help us get everything set up and connected. We also had a security engineer who was highly experienced in deploying the agents, putting the connectors in place, and pulling the logs into the SIEM.
AlienVault is certainly not nearly as expensive as Splunk or QRadar. It's decently priced, but I don't have the exact figure.
This organization has AlienVault, and they're not happy with it, so I'm looking at other solutions. However, I don't know what their pain points were. I thought it was a great solution for my previous organization. It has tremendous benefits, and it brings everything into one single pane that includes your vulnerability management, asset management, IDS, logs, and correlation. It does all of those things in one single pane, and I think that's one of the benefits of AlienVault.
I rate AlienVault USM eight out of 10. That said, I haven't used many other SIEMs. I haven't worked with Splunk or QRadar. One of our organizations had QRadar, but they switched to AlienVault.

I used it in my previous company. My main use case was to identify the security events. Basically, it was a platform through which we used to monitor threat events for SOC operations.
We had its latest version. We used to keep updating it whenever there was a new release.
AlienVault was on-prem, and for cloud, we had Wazuh.
The feature that I liked the most is that they have a vulnerability assessment package that comes along with the SIEM solution. So, whenever I find any threat or alert for any of the devices or servers, I could immediately initiate a vulnerability assessment scan on that machine. That is one of a kind. The price at which AlienVault operates is also valuable.
The setup of AlienVault is extremely easy. It is very simple to understand for someone who is trying a SIEM solution for the first time.
The integration of servers and other devices is extremely easy. It is a piece of cake. You just double-click and start, and you are up and running. That's all.
Their threat intelligence platform needs to be broadened. They should integrate it with more threat intelligence platforms. For the threat feed that they get from open intelligence, I would like them to add a few premium threat intelligence platforms. They can provide a bundle in which AlienVault has the threat intelligence background of other premium products.
I have been working with this solution for around nine years. I was using it in my previous company, and I stopped using it about four months ago when I moved to my current company.
It is very stable.
It is scalable. It was a large deployment. We had more than 1,000 employees, but it was only used by the information security team to monitor the security events and logs. We had 18 users, but we had integrated more than 250 servers and network devices with it.
They were absolutely helpful. I found everyone very knowledgeable, and the ideology and everything else was fantastic. I would rate them a five out of five.
Positive
From a security perspective, this was the first one, but before that, they had SolarWinds, which is not a security incident monitoring tool. It is just a network performance monitoring tool. After I joined the company, we had to get a SIEM solution, and we onboarded AlienVault at first. We used it for a few years, and after that, we also integrated Wazuh.
In my current company, we have Datadog. We are using ELK Stack, and we have built our own SIEM solution.
It was very simple. The deployment and integration of other devices took about three to five days, and just the installation took less than 30 minutes.
I did the setup for the company. I was heading information security for that company.
It is affordable, and it also has many features that the premium products such as ArcSight and QRadar have. It is a very good platform for a SIEM solution. Everything is included in the price.
We have done a PoC in my current company, and I find both AlienVault and Datadog to be good, but we are exploring more options and doing a PoC with other solutions. We have not yet finalized any solution.
I would give it a good eight out of ten.

I find that USM Anywhere is not overly complicated and things flow logically. The way it lays out the Microsoft alert and formats the text for you so you can actually read it is very workable.
What I find the most valuable about USM Anywhere is its compliance. It shows a list of all the administrators logged on and does it quite well. There are no whistles and bells, it's reliable and simple to use. Also, for the first time in eight years, I felt I could actually work with the raw data. I don't have to use search or log file manipulator engines because I can see the log file directly. It's readable and it's not cloudy like, for example, QRadar.
USM Anywhere relies a lot on the community putting the data in. Often, you'll right-click on the attack, but nothing will be found. That's a weakness of it.
I've been using it for 11 months.
I've never had an outage on it, so I would rate the stability of the solution a ten out of ten. I've used it for 11 months and it has never failed.
I would rate the scalability of USM Anywhere an eight out of ten. We are a smaller company and about a dozen people use the solution. It scales for us and we never fill out the data allocation we paid for.
I've never had the chance to contact technical support. The service call costs money and I would need to get permission from my director first.
Positive
I was certified in QRadar. I was a third-line engineer. I have also used ArcSight.
The initial setup is relatively easy. It was done by my technical director, but I'm sure anyone could do it.
The solution is not expensive at all. When it comes to costliness, I would rate it a two out of ten.
It's an incredibly good starting point for people who've never used something similar. A great benefit of it is that you can use it as a compliance tool as well, not just an alerting tool.
Overall, I give it a seven out of ten.

We use AT&T AlienVault USM as a managed SOC service for our customers to detect and respond to security events and potential incidents.
AT&T AlienVault USM has improved detection of the potential threats and helped us to proactively take action against these threats. AT&T USM has enabled us to identify the weaknesses and has helped in strengthening the weaknesses.
The ease of implementation is the most valuable feature.
The reporting and dashboards have room for improvement.
I have been using the solution for one year.
The solution is stable. I give the stability a nine out of ten. AT&T AlienVault USM has no uptime issues.
AT&T AlienVault USM is scalable and is based on the tiers offered. The tiers are from 250 GB to 15 TB and more. This is the monthly log ingestion storage and is scalable to the next tier if more devices are added. This is a subscription model that supports 15 days, 30 days, and 90 days of online storage with little difference in pricing. The beauty of the solution is that they offer unlimited cold storage post the online storage duration. That can be retrieved within a day's time.
We have an account manager located in the UK who helps in getting the right technical person for emergencies. There is standard technical support through tickets. In general, they are pretty quick to respond and some of the enhancements are handled by their backend team for feature enrichment.
Positive
The initial setup is straightforward. The configuration and deployment are easy.
The setup process initially requires a few hours. Once we have obtained the necessary licenses, we can start using the system within a day. However, it may take a few months to complete the heuristic data and begin the optimization process. One to two people are required for the deployment.
There is a trial license for 15 days and that acts as a POC. Post-trial period the same can be converted into a licensed tier.
We implement the solution for our customers.
When compared to other solutions such as Splunk, LogRhythm, and IBM Security QRadar, AT&T AlienVault USM is a reasonably priced option that is also relatively inexpensive.
There are two criteria that I consider when evaluating products: "value for money" and "fit for purpose." The AT&T AlienVault USM satisfies both of these criteria. While we could potentially obtain better SIEM solutions by spending more, we must consider the cost. The SIEM is only one part of the overall model, and the efficiency of the response is also influenced by the people and processes behind it. Therefore, the tool alone cannot guarantee an efficient response. However, the AT&T AlienVault USM performs adequately in this regard, and I have not encountered any significant issues with it so far. Even with superior solutions such as Splunk, the effectiveness of the tool ultimately depends on the proficiency of the monitoring team. Therefore, I assign one-third of the overall value or a maximum of 40 percent to the tool's value if it accounts for 100 percent of the efficiency. In comparison to other products, the AT&T AlienVault USM is relatively good. On a scale of one to ten, I would rate the solution a nine out of ten.
I would not recommend this solution for on-premises deployment or for large organizations due to the need for a well-designed architecture for implementation. However, I would recommend this solution for cloud deployment and for small to medium-sized organizations.

AlienVault provides a central place for monitoring the logs from various security tools in our environment, such as CrowdStrike and Datrix. It gives us complete visibility into the logs from those tools and endpoints in our environment. We use AlienVault for managing logs and vulnerabilities with tools like CrowdStrike.
Having everything in a central place has been helpful.
AlienVault cannot automatically respond to threats like other SIEM solutions, such as Sentinel and LogRhythm. Most of our clients are far away, so it's often challenging to handle alerts when they come up on our dashboard.
We have been using AlienVault for two years now.
I rate AlienVault seven out of 10 for stability. Deploying AlienVault on-prem has been a challenge. The network sometimes drops, and it disconnects the sensor.
I rate AlienVault USM eight out of 10 for scalability.
We were using an open-source solution, then we upgraded to USM.
I rate AlienVault USM eight out of 10 for ease of setup. I've deployed it on-prem and in the cloud in EXI. You can deploy it in under 10 minutes. I deployed it by myself. It was easy for me because I attended the training, but some of my colleagues didn't. It was challenging for them to implement. However, one person is enough if you're trained.
You might have to pay an additional fee to increase the number of sensors. We have five sensors, but other clients have three. I think you need to pay more to extend to four or five.
We tried Elastic Security, but it was difficult for us to implement.
I rate AlienVault USM seven out of 10. It can do the job if log management is what you want, but it lacks automated response.

The use case is for companies that want to have more visibility in their environment and want to apply governance. This solution is used for compliance management, vulnerability management, threat hunting, and threat protection.
I think all of the features are valuable. However, the most valuable feature is vulnerability management because it gives you insight into your environment to know what systems need to be updated or patched. You can avoid weaknesses in the computers and other systems by keeping them patched.
I think they need to broaden their compliance management to cover more areas of compliance. For example, they're very specific about HIPAA, CIS 8.0, and a few others, but they don't have a broad compliance management base. Some customers need compliance management with other standards or frameworks, which are unavailable on their platform. I want to see more compliance management capability because if they broadened it, it would be a much more attractive product.
They have a lot of integrations, which is good, but the quality of integrations seems to be a little bit low. It's one thing to provide integration, and it's another to provide integration that works really well.
The solution is cloud-based and hybrid. A server is put into a customer's environment to collect information and send it to the cloud. Both the server installed in the customer's environment and the cloud solution are scalable. The solution has rapid elasticity and all the check marks a cloud-based solution needs to scale. It is definitely scalable.
There are currently 19 users in our company. I think over time we have plans to increase our usage of this solution, but as an MSP, we have clients with different requirements or needs, so we might pick a different solution because it's a better fit.
The initial setup was pretty straightforward. It wasn't that difficult.
The initial steps of the implementation, getting the account and setting it up, only take a few hours. Then there's some fine-tuning that takes place afterward, and it takes a little bit longer. You need about a week to really get that fully configured with a good plan and deployed in the environment, and then from there, it's just fine-tuning as you go.
We handled the deployment in-house. The solution needs one person for deployment and one for management.
I don't recall exactly what their prices are, but they are a little more expensive than Microsoft. It really depends on what features in Microsoft you may already be using. If, for example, you're a company that has Microsoft's Defender for Endpoint and Defender for Identity, or basically any of their Defender Suite applications, you might already be paying a certain amount every month or every year for those features that the Microsoft Sentinel solution brings under one umbrella.
AlienVault also has additional fees for extra storage in the cloud.
Recently, we were going to sell a customer AlienVault, but then they picked Microsoft Sentinel. We compared them because we wanted to make sure that both solutions could do the same thing, and it turns out that Microsoft does it a little bit better.
It's like having a Swiss Army knife that has all of the tools you need to do a craft, or just having a regular pocketknife that you can only use to do one thing. In this case, AT&T is the pocketknife and Microsoft is the Swiss Army knife.
My advice would be to make sure the product is a good fit in terms of compliance and compatibility with your security solution, like your EDR and ATP solutions. Make sure that they play well together because you could have issues with the two fighting each other over protecting the computers.
I would rate this solution as a seven out of ten.
It's a good product. They created AlienVault based off of an open source framework, so it's built on OSSIM. It's interesting that AT&T is going into the cybersecurity market since they're a huge mobile carrier. Right now, their marketing and advertisements are really good, but they need to invest more money into the product. If they focus more on building out the product, maybe invest a little bit more money into development, I think they'll have a stronger strategy and a very dominant winning solution in the market.

I have used AT&T AlienVault USM for log collection and management, priority, and incident analysis.
AT&T AlienVault USM has helped our organization by highlighting known vulnerabilities in our network and full visibility of our network to figure out if there is anything that we are not aware of. If there are any missing pieces, they would be found by the AT&T AlienVault USM.
The most valuable feature in AT&T AlienVault USM is the reporting.
AT&T AlienVault USM can improve searchable data. It should be available for more than 90 days. If you need more than 90 days of data, you have to put a request and they give you raw data, which is not easy to search. A good addition would be to allow users to search data older than 90 days.
In a future update, they should add more integrations with third-party devices.
I have been using AT&T AlienVault USM for approximately six months.
AT&T AlienVault USM is stable.
The scalability of AT&T AlienVault USM is good.
We have five IT administrators that use it. We plan to increase the usage in the future.
We don't reach out to technical support from AT&T AlienVault USM. We go through our third-party provider. They are the ones who we reach out to for technical support. We only reach out to the MSP.
I did not use another solution prior to AT&T AlienVault USM.
The initial setup of AT&T AlienVault USM was straightforward. The deployment took approximately one hour.
We did the implementation in-house with the help of a consultant. We require one person for the maintenance and support.
I have seen a return on investment using AT&T AlienVault USM.
I rate the return on investment of AT&T AlienVault USM a four out of five.
I rate the price of AT&T AlienVault USM a four out of five.
We evaluated Microsoft Sentinel and IBM QRadar before choosing AT&T AlienVault USM.
AT&T AlienVault USM is very easy to deploy, user-friendly, easy to understand, and fits very well for small and medium-sized businesses. I won't say it is a con for the other ones, but they are more suitable for larger-sized companies, and sometimes Microsoft Sentinel and IBM QRadar cost a lot.
My advice to others is you need a dedicated person to monitor the same solution. If not, you have to outsource it to a 24/7 SOC, or Security Operation Center, such as a managed security provider.
I rate AT&T AlienVault USM a nine out of ten.