USM Anywhere Reviews

I find that USM Anywhere is not overly complicated and things flow logically. The way it lays out the Microsoft alert and formats the text for you so you can actually read it is very workable.

What I find the most valuable about USM Anywhere is its compliance. It shows a list of all the administrators logged on and does it quite well. There are no whistles and bells, it's reliable and simple to use. Also, for the first time in eight years, I felt I could actually work with the raw data. I don't have to use search or log file manipulator engines because I can see the log file directly. It's readable and it's not cloudy like, for example, QRadar. 

USM Anywhere relies a lot on the community putting the data in. Often, you'll right-click on the attack, but nothing will be found. That's a weakness of it.

I've been using it for 11 months.

I've never had an outage on it, so I would rate the stability of the solution a ten out of ten. I've used it for 11 months and it has never failed.

I would rate the scalability of USM Anywhere an eight out of ten. We are a smaller company and about a dozen people use the solution. It scales for us and we never fill out the data allocation we paid for.

I've never had the chance to contact technical support. The service call costs money and I would need to get permission from my director first.

Positive

I was certified in QRadar. I was a third-line engineer. I have also used ArcSight.

The initial setup is relatively easy. It was done by my technical director, but I'm sure anyone could do it.

The solution is not expensive at all. When it comes to costliness, I would rate it a two out of ten.

It's an incredibly good starting point for people who've never used something similar. A great benefit of it is that you can use it as a compliance tool as well, not just an alerting tool.

Overall, I give it a seven out of ten.

AlienVault provides a central place for monitoring the logs from various security tools in our environment, such as CrowdStrike and Datrix. It gives us complete visibility into the logs from those tools and endpoints in our environment. We use AlienVault for managing logs and vulnerabilities with tools like CrowdStrike.

Having everything in a central place has been helpful. 

AlienVault cannot automatically respond to threats like other SIEM solutions, such as Sentinel and LogRhythm. Most of our clients are far away, so it's often challenging to handle alerts when they come up on our dashboard.

We have been using AlienVault for two years now.

I rate AlienVault seven out of 10 for stability. Deploying AlienVault on-prem has been a challenge. The network sometimes drops, and it disconnects the sensor. 

I rate AlienVault USM eight out of 10 for scalability.

We were using an open-source solution, then we upgraded to USM.

I rate AlienVault USM eight out of 10 for ease of setup. I've deployed it on-prem and in the cloud in EXI. You can deploy it in under 10 minutes. I deployed it by myself. It was easy for me because I attended the training, but some of my colleagues didn't. It was challenging for them to implement. However, one person is enough if you're trained.

You might have to pay an additional fee to increase the number of sensors. We have five sensors, but other clients have three. I think you need to pay more to extend to four or five. 

We tried Elastic Security, but it was difficult for us to implement.

I rate AlienVault USM seven out of 10. It can do the job if log management is what you want, but it lacks automated response. 

We are using AT&T AlienVault USM for SIEM, collecting logs from clients, traffic, analyzing, forensics, and security.

AT&T AlienVault USM is good for ELK Stack, the user experience is great because of its architecture. The ELK has a great performance and it has very good speed in the search and Kibana. Additionally, the visuals and dashboards and very nice and customizable.

The AT&T AlienVault USM is okay, but the relational database is not very good for large amounts of data. For example, many logs cannot be processed. It has been very slow for the queries and some data which are large, it is not very good in this case.

I have been using AT&T AlienVault USM for approximately five years.

We are using AT&T AlienVault USM as a client, if we want to increase the data we can collect more data because the solution can expand well horizontally.

Between the cellphones and laptops usage, we have more than 250 users using his solution in my organization.

We have not used the technical support but we have clear documentation that we use.

The initial setup was straightforward. We have a server room which we deploy from.

The maintenance of the solution is not very difficult.

I would recommend this solution because it is simple to deploy, has high performance, and has a great user experience.

I rate AT&T AlienVault USM a nine out of ten.

We are using AT&T AlienVault USM for collecting the events, generating alarms, and events management.

The most valuable features of AT&T AlienVault USM are the ease of management and knowledge of what is on the network of my customers. It's easy to understand the problems, and management our alarms and events.

The price of AT&T AlienVault USM could be reduced.

I have been using AT&T AlienVault USM for approximately two years.

I am satisfied with the stability of AT&T AlienVault USM.

I rate the stability of AT&T AlienVault USM a five out of five.

AT&T AlienVault USM is scalable enough for our needs.

The initial setup of AT&T AlienVault USM was easy. Which involved all the configurations of correlation rules, and other elements for customer problems management. The full implementation took approximately two days.

I did the implementation of AT&T AlienVault USM with a colleague.

AT&T AlienVault USM is an expensive solution and we pay for the license and the support separately. We paid for the license and support for three years.

I would recommend this solution to others.

We do not use all the features of the solution.

I rate AT&T AlienVault USM an eight out of ten.

ATT AlienVault USM detects and responds to threats.

The vulnerability manager and the file integration are very good.

The GUI needs to improve because it's not user-friendly.

I have been using ATT AlienVault USM for approximately two years.

The solution is stable.

ATT AlienVault USM is scalable. 

It's not a good product for me, but for the small organization, it's a very good product.

The solution is being extensively used by one of our customers.

ATT AlienVault USM support is very good, they respond quickly to our needs.

The initial setup is not complex because it is a cloud solution. The sensor setup will only take a few hours. 

The solution is maintained by the vendor.

They charge a license based on the storage. ATT AlienVault USM is a less expensive solution than IBM QRadar.

My advice is ATT AlienVault USM is a great tool for small to medium size organizations. If the budget is not very good then you will need a good level team.

I rate ATT AlienVault USM a six out of ten.