Coming October 25: PeerSpot Awards will be announced! Learn more
Francis Silva - PeerSpot reviewer
Coordinator de Servicios  at MAINT
Real User
Top 20
Easy to use and intuitive platform against security threats, with a feature for adding apps
Pros and Cons
  • "Easy to use, scalable, stable, and very intuitive platform that provides protection against security threats."
  • "Adding a parsing interface for the customers would make AT&T AlienVault USM better."

What is our primary use case?

We have customers from the retail, industrial, strategic resource, and OT infrastructure sectors who are using AT&T AlienVault USM. The solution has several use cases.

What is most valuable?

I like that AT&T AlienVault USM is deployed on cloud, because the previous solution, the all-in-one solution wasn't, so we had a lot of problems with the all-in-one solution. Either the database was corrupted, or there was a large delay in the appliance. With AT&T AlienVault USM being on cloud, all of those problems disappeared.

Another feature I like about the solution is the ability to add apps. It's a really good feature.

AT&T AlienVault USM is a very intuitive tool, especially for analysts. It's easy to use.

What needs improvement?

An improvement for AT&T AlienVault USM is the option for us to build the connectors ourselves, for us to do the parsing ourselves, because those options disappeared with the version of the solution that we're currently using. I know I can talk to the vendor to ask for a new parsing option for the application, for any new platform, but I understand that it can take several months. Adding a parsing interface for the customers would be good.

What do I think about the stability of the solution?

AT&T AlienVault USM is a stable solution.

Buyer's Guide
AT&T AlienVault USM
October 2022
Learn what your peers think about AT&T AlienVault USM. Get advice and tips from experienced pros sharing their opinions. Updated: October 2022.
635,513 professionals have used our research since 2012.

What do I think about the scalability of the solution?

AT&T AlienVault USM is a scalable solution, especially because we have the option to use more sensors, and we have an average scale of log space for log rotation.

How are customer service and support?

We don't deal with the support team for AT&T AlienVault USM, in terms of big issues, but in terms of them answering a question, or giving information about design specs, their response is good. Their response is correct, so we have no problem with the support for this solution.

From one to five, where one is bad and five is good, I'm rating their support a four.

How was the initial setup?

The initial setup for AT&T AlienVault USM was easy.

Which other solutions did I evaluate?

We evaluated another product: AlienVault OSSIM, but only for testing, we did not suggest it to our customers.

What other advice do I have?

We are using AT&T AlienVault USM. It's our main SIEM solution. We've been a partner of AT&T for four to five years. We still have a customer using the all-in-one solution, but now we are mainly promoting AlienVault USM Anywhere.

I know that the solution is undergoing changes to become even more useful, so we have no problems with it. There's no problem, even in terms of integration.

We use three people for the deployment and maintenance of the solution. One person is in charge of designing and implementing. Another person supports the implementation and the requirements of the customer. The third person does the monitoring exclusively. We provide our customers with the services of a security operations center.

I'm recommending AT&T AlienVault USM to others and I'm rating AT&T AlienVault USM eight out of ten.


Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Flag as inappropriate
PeerSpot user
Network and Security Infrastructure Manager at a wholesaler/distributor with 201-500 employees
Real User
Useful highlighted known vulnerabilities, full network viability, and beneficial reports
Pros and Cons
  • "The most valuable feature in AT&T AlienVault USM is the reporting."
  • "AT&T AlienVault USM can improve searchable data. It should be available for more than 90 days. If you need more than 90 days of data, you have to put a request and they give you raw data, which is not easy to search. A good addition would be to allow users to search data older than 90 days."

What is our primary use case?

I have used AT&T AlienVault USM for Log collection and management, priority, and incident analysis.

How has it helped my organization?

AT&T AlienVault USM has helped our organization by highlighting known vulnerabilities in our network and full visibility of our network to figure out if there is anything that we are not aware of. If there are any missing pieces, they would be found by the AT&T AlienVault USM.

What is most valuable?

The most valuable feature in AT&T AlienVault USM is the reporting.

What needs improvement?

AT&T AlienVault USM can improve searchable data. It should be available for more than 90 days. If you need more than 90 days of data, you have to put a request and they give you raw data, which is not easy to search. A good addition would be to allow users to search data older than 90 days.

In a future update, they should add more integrations with third-party devices.

For how long have I used the solution?

I have been using AT&T AlienVault USM for approximately six months.

What do I think about the stability of the solution?

AT&T AlienVault USM is stable.

What do I think about the scalability of the solution?

The scalability of AT&T AlienVault USM is good.

We have five IT administrators that use it. We plan to increase the usage in the future.

How are customer service and support?

We don't reach out to technical support from AT&T AlienVault USM. We go through our third-party provider. They are the ones who we reach out for technical support. We only reach out to the MSP.

Which solution did I use previously and why did I switch?

I did not use another solution prior to AT&T AlienVault USM.

How was the initial setup?

The initial setup of AT&T AlienVault USM was straightforward. The deployment took approximately one hour.

What about the implementation team?

We did the implementation in-house with the help of a consultant. We require one person for the maintenance and support.

What was our ROI?

I have seen a return on investment using AT&T AlienVault USM.

I rate the return on investment of AT&T AlienVault USM a four out of five.

What's my experience with pricing, setup cost, and licensing?

I rate the price of AT&T AlienVault USM a four out of five.

Which other solutions did I evaluate?

We evaluated Microsoft Sentinel and IBM QRadar before choosing AT&T AlienVault USM.

AT&T AlienVault USM is very easy to deploy, user-friendly, easy to understand, and fits very well for small, and medium-sized businesses. I won't say it is a con for the other ones, but they are more suitable for larger-sized companies and sometimes it is cost a lot for Microsoft Sentinel and IBM QRadar.

What other advice do I have?

My advice to others is you need a dedicated person to monitor the same solution. If not, you have to outsource it to a 24/7 SOC, or Security Operation Center, such as a managed security provider.

I rate AT&T AlienVault USM a nine out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
PeerSpot user
Buyer's Guide
AT&T AlienVault USM
October 2022
Learn what your peers think about AT&T AlienVault USM. Get advice and tips from experienced pros sharing their opinions. Updated: October 2022.
635,513 professionals have used our research since 2012.
Stephen Hui - PeerSpot reviewer
Cybersecurity Architect at DataAssure
Reseller
Top 5
Easy setup with great security information management and very stable
Pros and Cons
  • "The setup is very easy and straightforward."
  • "The solution is a bit complicated. It could be simplified quite a bit."

What is our primary use case?

We primarily use the solution for cybersecurity events and management.

What is most valuable?

The SIEM, security information management is very, very good. Basically, it's great at analyzing the logs of our servers.

The setup is very easy and straightforward.

What needs improvement?

The solution is a bit complicated. It could be simplified quite a bit.

The correlation engine could be improved. Much improvement could be made there, as it is an important open-source solution. 

The solution could benefit from including security orchestration. It's still not available yet. It would be really nice to have in a future release.

It could use something like a pen test. Tools like that would make it more comprehensive from a cybersecurity aspect. 

For how long have I used the solution?

I've been using the solution since about 2015. It's been approximately six years or so.

What do I think about the stability of the solution?

The solution is extremely stable. We don't have any issues with its reliability. It doesn't crash or freeze and it's not buggy at all.

What do I think about the scalability of the solution?

The solution doesn't scale well if you are talking about enterprises using it. However, for our purposes, we've never had an issue with this. Larger companies might. We do intend to continue to use the solution and potentially increase usage.

How are customer service and technical support?

Technical support is extremely reliable. We've very satisfied with the level of service we receive. They are always knowledgeable, helpful, and responsive.

How was the initial setup?

The initials setup is not complex. It's a very straightforward implementation.

The overall deployment is quite quick. It might take about 30 minutes or so. That's all.

What's my experience with pricing, setup cost, and licensing?

The solution has a subscription-based annual payment option. It's not a perpetual license.

What other advice do I have?

We use both on-premises and cloud deployment models.

We both use the solution and sell the solution as well.

Overall, on a scale from one to ten, I would rate the solution at an eight.

We're more focused on servicing medium to small businesses. This solution may not be suitable for a large enterprise-level organization.

That said, we highly recommend it. I'd recommend that new users decide to first go for the trial. Take the trial and then make sure that you like it before investing in the subscription. The company offers a free trial - you might as well use it.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: reseller
PeerSpot user
Operation Manager at Checksum Consultancy
Real User
Top 20
Easy to deploy, good integration with OTX, and good at asset discovery and vulnerability scanning
Pros and Cons
  • "Asset discovery and vulnerability scanner are good features. The integration between this solution and OTX, which is an AlienVault platform for Open Threat Exchange, is also a valuable feature. It is also quick and easy to deploy, so you can quickly engage with a customer's environment."
  • "Its reporting tools need improvements. It would be good if they can provide integration with other ticketing systems. Currently, we only have integration with Slack and Jira. It is also a bit slow, and its replication engine can be improved."

What is our primary use case?

We provide information security services to clients. We are seeking some clients to provide monitoring services by using AlienVault. We are also providing AlienVault USM Anywhere, which is cloud-based and has integration with cloud platforms such as AWS, Azure, and Google Cloud. 

What is most valuable?

Asset discovery and vulnerability scanner are good features. The integration between this solution and OTX, which is an AlienVault platform for Open Threat Exchange, is also a valuable feature. It is also quick and easy to deploy, so you can quickly engage with a customer's environment.

What needs improvement?

Its reporting tools need improvements. It would be good if they can provide integration with other ticketing systems. Currently, we only have integration with Slack and Jira.

It is also a bit slow, and its replication engine can be improved.

For how long have I used the solution?

I have been using this solution for six months.

How are customer service and technical support?

We provide technical support for our clients.

Which solution did I use previously and why did I switch?

I have used McAfee ESM. McAfee ESM has many good features, but it is not very integrated with cloud-based assets. AlienVault is already a cloud-based solution, and it is native to cloud assets, which gives AlienVault an advantage over McAfee ESM. On the other hand, McAfee ESM is much better than AlienVault in terms of search engine, data collection, and events. 

How was the initial setup?

It is very easy to deploy. It just takes one or two days and allows you to engage with your customer's environment quickly.

What's my experience with pricing, setup cost, and licensing?

Its price is much lower than McAfee ESM.

What other advice do I have?

I would encourage others to go with this solution because it is easy to deploy, and it provides good tools to know more about your network and the traffic on it. Its reporting needs some improvements, but it fulfills the needs.

I would rate AlienVault USM an eight out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: partner
PeerSpot user
Seyed Afzouni - PeerSpot reviewer
DevOps Engineer at a tech services company with 201-500 employees
Real User
Impressive visuals, high performance, and good user experience
Pros and Cons
  • "AT&T AlienVault USM is good for ELK Stack, the user experience is great because of its architecture. The ELK has a great performance and it has very good speed in the search and Kibana. Additionally, the visuals and dashboards and very nice and customizable."
  • "The AT&T AlienVault USM is okay, but the relational database is not very good for large amounts of data. For example, many logs cannot be processed. It has been very slow for the queries and some data which are large, it is not very good in this case."

What is our primary use case?

We are using AT&T AlienVault USM for SIEM, collecting logs from clients, traffic, analyzing, forensics, and security.

What is most valuable?

AT&T AlienVault USM is good for ELK Stack, the user experience is great because of its architecture. The ELK has a great performance and it has very good speed in the search and Kibana. Additionally, the visuals and dashboards and very nice and customizable.

What needs improvement?

The AT&T AlienVault USM is okay, but the relational database is not very good for large amounts of data. For example, many logs cannot be processed. It has been very slow for the queries and some data which are large, it is not very good in this case.

For how long have I used the solution?

I have been using AT&T AlienVault USM for approximately five years.

What do I think about the scalability of the solution?

We are using AT&T AlienVault USM as a client, if we want to increase the data we can collect more data because the solution can expand well horizontally.

Between the cellphones and laptops usage, we have more than 250 users using his solution in my organization.

How are customer service and support?

We have not used the technical support but we have clear documentation that we use.

How was the initial setup?

The initial setup was straightforward. We have a server room which we deploy from.

What about the implementation team?

The maintenance of the solution is not very difficult.

What other advice do I have?

I would recommend this solution because it is simple to deploy, has high performance, and has a great user experience.

I rate AT&T AlienVault USM a nine out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
PeerSpot user
ICT Consultant at N3tcom
Real User
Top 20
Highly stable, easy to use, and simple implementation
Pros and Cons
  • "The most valuable features of AT&T AlienVault USM are the ease of management and knowledge of what is on the network of my customers. It's easy to understand the problems, and management our alarms and events."
  • "The price of AT&T AlienVault USM could be reduced."

What is our primary use case?

We are using AT&T AlienVault USM for collecting the events, generating alarms, and events management.

What is most valuable?

The most valuable features of AT&T AlienVault USM are the ease of management and knowledge of what is on the network of my customers. It's easy to understand the problems, and management our alarms and events.

What needs improvement?

The price of AT&T AlienVault USM could be reduced.

For how long have I used the solution?

I have been using AT&T AlienVault USM for approximately two years.

What do I think about the stability of the solution?

I am satisfied with the stability of AT&T AlienVault USM.

I rate the stability of AT&T AlienVault USM a five out of five.

What do I think about the scalability of the solution?

AT&T AlienVault USM is scalable enough for our needs.

How was the initial setup?

The initial setup of AT&T AlienVault USM was easy. Which involved all the configurations of correlation rules, and other elements for customer problems management. The full implementation took approximately two days.

What about the implementation team?

I did the implementation of AT&T AlienVault USM with a colleague.

What's my experience with pricing, setup cost, and licensing?

AT&T AlienVault USM is an expensive solution and we pay for the license and the support separately. We paid for the license and support for three years.

What other advice do I have?

I would recommend this solution to others.

We do not use all the features of the solution.

I rate AT&T AlienVault USM an eight out of ten.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
PeerSpot user
Alaa Mady - PeerSpot reviewer
System Administrator at a insurance company with 51-200 employees
Real User
Top 20
Unstable features, poor technology integration, and support needs improvement
Pros and Cons
  • "The solution has all the features that we need, however they do not work correctly."
  • "In the future, I would like to see all these features of the solution working properly."

What is our primary use case?

I am using the solution for security information and event management.

What is most valuable?

The solution has all the features that we need, however they do not work correctly.

What needs improvement?

This solution has too many issues with integration with other technologies. For example, you can configure the solution to integrate with your technology today but tomorrow it will stop working. You have to continually update the login, save the issue, and create a ticket with support. It is a long process that takes too long for the support to resolve quickly.

In the future, I would like to see all these features of the solution working properly.

For how long have I used the solution?

I have been using the solution for two years.

What do I think about the stability of the solution?

The solution is not stable. Sometimes the virtual machines are not working and it is not a network issue. There are many compatibility issues. There have been times when upgrading the firmware the device is not operational, you then have to restore to the older version.

How are customer service and technical support?

The customer support has not been very helpful when issues arise.

What's my experience with pricing, setup cost, and licensing?

The price for this solution is very good, but since the features do not work the price is expensive.

What other advice do I have?

I would not recommend anyone to use it.

I rate ATT AlienVault USM a one out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Team Lead & Principal Software Engineer at a tech services company with 51-200 employees
Real User
Top 5
Integrates well, useful vulnerability manager, but GUI needs improvements

What is our primary use case?

ATT AlienVault USM detects and responds to threats.

What is most valuable?

The vulnerability manager and the file integration are very good.

What needs improvement?

The GUI needs to improve because it's not user-friendly.

For how long have I used the solution?

I have been using ATT AlienVault USM for approximately two years.

What do I think about the stability of the solution?

The solution is stable.

What do I think about the scalability of the solution?

ATT AlienVault USM is scalable. 

It's not a good product for me, but for the small organization, it's a very good product.

The solution is being extensively used by one of our customers.

How are customer service and support?

ATT AlienVault USM support is very good, they respond quickly to our needs.

How was the initial setup?

The initial setup is not complex because it is a cloud solution. The sensor setup will only take a few hours. 

What about the implementation team?

The solution is maintained by the vendor.

What's my experience with pricing, setup cost, and licensing?

They charge a license based on the storage. ATT AlienVault USM is a less expensive solution than IBM QRadar.

What other advice do I have?

My advice is ATT AlienVault USM is a great tool for small to medium size organizations. If the budget is not very good then you will need a good level team.

I rate ATT AlienVault USM a six out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
PeerSpot user
Buyer's Guide
Download our free AT&T AlienVault USM Report and get advice and tips from experienced pros sharing their opinions.
Updated: October 2022
Buyer's Guide
Download our free AT&T AlienVault USM Report and get advice and tips from experienced pros sharing their opinions.