"The most valuable feature is definitely the ability that Devo has to ingest data. From the previous SIEM that I came from and helped my company administer, it really was the type of system where data was parsed on ingest. This meant that if you didn't build the parser efficiently or correctly, sometimes that would bring the system to its knees. You'd have a backlog of processing the logs as it was ingesting them."
"It's very, very versatile."
"The user interface is really modern. As an end-user, there are a lot of possibilities to tailor the platform to your needs, and that can be done without needing much support from Devo. It's really flexible and modular. The UI is very clean."
"The user experience [is] well thought out and the workflows are logical. The dashboards are intuitive and highly customizable."
"Devo provides a multi-tenant, cloud-native architecture. This is critical for managed service provider environments or multinational organizations who may have subsidiaries globally. It gives organizations a way to consolidate their data in a single accessible location, yet keep the data separate. This allows for global views and/or isolated views restricted by access controls by company or business unit."
"One of the biggest features of the UI is that you see the actual code of what you're doing in the graphical user interface, in a little window on the side. Whatever you're doing, you see the code, what's happening. And you can really quickly switch between using the GUI and using the code. That's really useful."
"The querying and the log-retention capabilities are pretty powerful. Those provide some of the biggest value-add for us."
"In traditional BI solutions, you need to wait a lot of time to have the ability to create visualizations with the data and to do searches. With this kind of platform, you have that information in real-time."
"In terms of monitoring, my best feature would be the monitoring of components across the network. It monitors the respective nodes and any new node that comes onto the network and provides reports. The reporting dashboards are really helpful for management in terms of making decisions around patch management."
"The setup is very easy and straightforward."
"There are multiple tools for information security. The solution includes all the latest advances on the network and host intrusion detection systems."
"The solution has all the features that we need, however they do not work correctly."
"We're using it more for reporting, that's all. We're using it to help our customers to pass any kind of audits that they receive."
"The most valuable feature is threat intelligence."
"The other big selling feature for us was its integration capabilities with all the other security-based products."
"AT&T AlienVault USM is good for ELK Stack, the user experience is great because of its architecture. The ELK has a great performance and it has very good speed in the search and Kibana. Additionally, the visuals and dashboards and very nice and customizable."
"The solution is very fast and succinct."
"The scalability of the solution is amazing because it can collect a lot of data and you can have your own structure to monitor this data."
"The integration is seamless with many devices and operating systems."
"The solution has proven to be quite stable."
"The product is good, it satisfies our customers."
"I am satisfied with the support."
"Great platform with user-friendly interface and GUI."
"What I really like is that even if you have already collected the data, you can extract fields and can build searches."
"Where Devo has room for improvement is the data ingestion and parsing. We tend to have to work with the Devo support team to bring on and ingest new sources of data."
"There's always room to reduce the learning curve over how to deal with events and machine data. They could make the machine data simpler."
"We only use the core functionality and one of the reasons for this is that their security operation center needs improvement."
"I would like to have the ability to create more complex dashboards."
"The overall performance of extraction could be a lot faster, but that's a common problem in this space in general. Also, the stock or default alerting and detecting options could definitely be broader and more all-encompassing. The fact that they're not is why we had to write all our own alerts."
"The biggest area with room for improvement in Devo is the Security Operations module that just isn't there yet. That goes back to building out how they're going to do content and larger correlation and aggregation of data across multiple things, as well as natively ingesting CTI to create rule sets."
"There is room for improvement in the ability to parse different log types. I would go as far as to say the product is deficient in its ability to parse multiple, different log types, including logs from major vendors that are supported by competitors. Additionally, the time that it takes to turn around a supported parser for customers and common log source types, which are generally accepted standards in the industry, is not acceptable. This has impacted customer onboarding and customer relationships for us on multiple fronts."
"The Activeboards feature is not as mature regarding the look and feel. Its functionality is mature, but the look and feel is not there. For example, if you have some data sets and are trying to get some graphics, you cannot change anything. There's just one format for the graphics. You cannot change the size of the font, the font itself, etc."
"I'd like to see a dashboard that's a little more descriptive."
"In the future, I would like to see all these features of the solution working properly."
"I've been using it just for my own personal upskilling in terms of how the product works. At the moment, it is pretty straightforward and simple, and it is working how it is supposed to. The feedback would come once it is deployed to customer sites. They'll be using it on a more frequent basis, and that's when the feedback would come in terms of the areas in which they're facing issues or are looking for simplicity."
"Its reporting tools need improvements. It would be good if they can provide integration with other ticketing systems. Currently, we only have integration with Slack and Jira. It is also a bit slow, and its replication engine can be improved."
"There could be some type of integration with our existing portal. We have our own customer portals, and it would be good if there was an integration so that our portal can provide reports. There could be some type of API into the AlienVault system with the USM system so that it is easy to show the customers high-level reports of the system through our portal."
"The reporting is mediocre and is something that needs to be improved."
"Adding a parsing interface for the customers would make AT&T AlienVault USM better."
"The dashboard could be improved as well as the level of customization."
"It needs integration with a configuration management solution."
"The solution has a high learning curve for users. It's a little complicated when you're trying to figure out all the features and what they do."
"I'd say I am happy with the technical support, not elated. They provide great support, but sometimes they don't have the answers that I need."
"Their technical support sucks."
"We had some connections issues with the solution at the beginning."
"Its search or filtering capability is nice, but it can be improved. It is currently a bit complicated, and it should be simplified. If we can write the search filter in a more simplified way, it would be better."
"In terms of the interface, it could include some improvements for the look and feel."
"It needs integration with a configuration management solution."
See how Devo allows you to free yourself from data management, and make machine data and insights accessible.
AT&T AlienVault USM is ranked 10th in Log Management with 13 reviews while Splunk is ranked 1st in Log Management with 69 reviews. AT&T AlienVault USM is rated 7.4, while Splunk is rated 8.2. The top reviewer of AT&T AlienVault USM writes "An all-in-one package for monitoring components across the network". On the other hand, the top reviewer of Splunk writes "Very versatile for many use cases". AT&T AlienVault USM is most compared with Wazuh, AlienVault OSSIM, IBM QRadar, Elastic Security and CrowdStrike Falcon, whereas Splunk is most compared with Microsoft Sentinel, Elastic Security, Dynatrace, IBM QRadar and AppDynamics. See our AT&T AlienVault USM vs. Splunk report.
See our list of best Log Management vendors and best Security Information and Event Management (SIEM) vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
