We have used AlienVault for our security monitoring for threat protection and compliance management. We've seen an improvement against malware and viruses. It has definitely eased our concerns so we can focus on other things.
Senior Buyer & Operations Specialist at Nth Generation Computing
I've found the vulnerability assessment very valuable because it identifies vulnerabilities and AWS configuration issues
What is our primary use case?
How has it helped my organization?
AlienVault is very user-friendly. We've had a great experience with asset discovery, compliance reporting, endpoint detection and response. Our team uses the network infrastructure monitoring as well.
What is most valuable?
- In my experience, I've found the vulnerability assessment very valuable because it identifies vulnerabilities and AWS configuration issues, so we are less likely to have potential risks.
- The compliance reporting is also valuable for reporting purposes.
What needs improvement?
The only recommended changes I can think of is to have the ability to filter logs. Also, being able to navigate the dashboard. That seems to have been quite a challenge.
Buyer's Guide
USM Anywhere
November 2024
Learn what your peers think about USM Anywhere. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
824,067 professionals have used our research since 2012.
For how long have I used the solution?
One to three years.
What do I think about the stability of the solution?
There are multiple functions of this product, the stability and availability are awesome.
What do I think about the scalability of the solution?
The scalability of this solution is exceptional. I believe it's very reliable and dependable.
Which solution did I use previously and why did I switch?
I'm not familiar with what was used prior to AlienVault nor the reason the switch was made. I'm just very pleased.
How was the initial setup?
Yes, our team did not have any issues with the initial setup of AlienValut and its functions.
What about the implementation team?
In-house.
What was our ROI?
The return on investment is great. I feel this product is well worth the price for all the functions and performance it can provide.
What's my experience with pricing, setup cost, and licensing?
I advise others on the pricing and licensing. I research to find the best pricing for the value of the products as well as register all licensing.
Which other solutions did I evaluate?
No, our tech department did the evaluating of all the options and chose AlienVault.
What other advice do I have?
AlienVault is an amazing product that I would highly recommend.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
An all-in-one package for monitoring components across the network
Pros and Cons
- "In terms of monitoring, my best feature would be the monitoring of components across the network. It monitors the respective nodes and any new node that comes onto the network and provides reports. The reporting dashboards are really helpful for management in terms of making decisions around patch management."
- "I've been using it just for my own personal upskilling in terms of how the product works. At the moment, it is pretty straightforward and simple, and it is working how it is supposed to. The feedback would come once it is deployed to customer sites. They'll be using it on a more frequent basis, and that's when the feedback would come in terms of the areas in which they're facing issues or are looking for simplicity."
What is our primary use case?
General use cases would be for patch management and vulnerability management. The devices that are on the network may need patching if they're outdated. For any device or node that has entered the network and may be considered a threat, the HTTPS ports and different nodes need to be monitored for incoming and outgoing traffic. We could put in security rules for monitoring the actual devices down to the USP level, and we can also get the vulnerability information from OSX, and then provide that information to the IT teams.
In terms of the version, usually, when the updates come, the updates need to be aggregated to the customer, but at this moment in time, I am yet to secure a customer in that space due to the current COVID crisis in the country, across the Pacific, and globally.
In terms of deployment, the endpoints are on-premise, but it would be cloud-based in terms of the platform. So, it could be both depending on the customer. They would either have cloud or hybrid.
What is most valuable?
In terms of monitoring, my best feature would be the monitoring of components across the network. It monitors the respective nodes and any new node that comes onto the network and provides reports. The reporting dashboards are really helpful for management in terms of making decisions around patch management.
It is an all-in-one package. In terms of the selling points, to the best of my knowledge, it has eight different selling points or eight features, and they're all interlinked, which most of the infrastructure setups here do not have. They have separate systems for monitoring the networks. So, USM can cater based on those eight capabilities.
What needs improvement?
I've been using it just for my own personal upskilling in terms of how the product works. At the moment, it is pretty straightforward and simple, and it is working how it is supposed to. The feedback would come once it is deployed to customer sites. They'll be using it on a more frequent basis, and that's when the feedback would come in terms of the areas in which they're facing issues or are looking for simplicity.
For how long have I used the solution?
I have been using this solution for the last eight to 10 months.
What do I think about the stability of the solution?
So far, I haven't seen any patches or updates from the partner or the OTX site to show any issues in terms of stability. Based on the frequency of the updates, at the moment, it seems stable.
What do I think about the scalability of the solution?
It is easy to scale. It comes with all features, as opposed to separate individual modules. To my knowledge, you can scale it for your organization as and when there is a requirement or the organization grows. So, in terms of scalability, there is no problem. After you get it up and running, as the organization grows, the engines will be able to pick up that information.
It is really good for medium and large companies, but it can also be used for small organizations. Instead of deploying it to a small organization, you could provide a service where it is not on the customer site, and you basically link into your nodes for small customers. So, you install it for medium and large customers, and for small customers, you install it on your premise, and then you sell the individual features that they may request.
How are customer service and technical support?
I have not been in touch with their technical support. I deal with the technical account manager. When I read up the information and there is something that I'm not sure about, I check my resources and see what's available online. If none of the available resources are helpful, I reach out to my account manager who then puts me in touch with the technical team. I presume that if we encounter any issues in deployment, it would be based on a customer's demography or the setup.
How was the initial setup?
If you're not familiar with it from a tech perspective, it might be confusing for you, but from what I've seen and based on my experience, it is pretty simple and straightforward.
The user guides are also very helpful if you hit any roadblocks. It is very straightforward in terms of the instructions to set it up, but you should have minimum tech experience in understanding the documentation, which is fair enough and good because you don't want it to be too simple to set up that companies would say, "Well, we don't need IT if anybody can do this." So, you'd need some technical background to at least understand the documentation or the user guide.
I've only installed it for myself. It took a short amount of time to get it up and running. The deployment duration would depend on a customer's infrastructure size and the number of nodes that a customer has. It will also depend on the data collection that the agents or the engines need to do to protect the information and then put it in its database.
What's my experience with pricing, setup cost, and licensing?
Its price is in the medium to upper range.
What other advice do I have?
I would definitely recommend this solution, but I would also do a pre-assessment of the organizational setup and infrastructure. I'm a reseller, and it is obviously my top priority that we sell the product
If you look at the Gartner Magic Quadrants, you will see AlienVault is up there in the upper right quadrant, which makes it one of the top recommended solutions. That is the reason for my partnership with AT&T Cybersecurity for the product.
I would rate AT&T AlienVault USM a nine out of 10. No solution is 100% perfect.
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Buyer's Guide
USM Anywhere
November 2024
Learn what your peers think about USM Anywhere. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
824,067 professionals have used our research since 2012.
Cybersecurity Architect at DataAssure
Easy setup with great security information management and very stable
Pros and Cons
- "The setup is very easy and straightforward."
- "The solution is a bit complicated. It could be simplified quite a bit."
What is our primary use case?
We primarily use the solution for cybersecurity events and management.
What is most valuable?
The SIEM, security information management is very, very good. Basically, it's great at analyzing the logs of our servers.
The setup is very easy and straightforward.
What needs improvement?
The solution is a bit complicated. It could be simplified quite a bit.
The correlation engine could be improved. Much improvement could be made there, as it is an important open-source solution.
The solution could benefit from including security orchestration. It's still not available yet. It would be really nice to have in a future release.
It could use something like a pen test. Tools like that would make it more comprehensive from a cybersecurity aspect.
For how long have I used the solution?
I've been using the solution since about 2015. It's been approximately six years or so.
What do I think about the stability of the solution?
The solution is extremely stable. We don't have any issues with its reliability. It doesn't crash or freeze and it's not buggy at all.
What do I think about the scalability of the solution?
The solution doesn't scale well if you are talking about enterprises using it. However, for our purposes, we've never had an issue with this. Larger companies might. We do intend to continue to use the solution and potentially increase usage.
How are customer service and technical support?
Technical support is extremely reliable. We've very satisfied with the level of service we receive. They are always knowledgeable, helpful, and responsive.
How was the initial setup?
The initials setup is not complex. It's a very straightforward implementation.
The overall deployment is quite quick. It might take about 30 minutes or so. That's all.
What's my experience with pricing, setup cost, and licensing?
The solution has a subscription-based annual payment option. It's not a perpetual license.
What other advice do I have?
We use both on-premises and cloud deployment models.
We both use the solution and sell the solution as well.
Overall, on a scale from one to ten, I would rate the solution at an eight.
We're more focused on servicing medium to small businesses. This solution may not be suitable for a large enterprise-level organization.
That said, we highly recommend it. I'd recommend that new users decide to first go for the trial. Take the trial and then make sure that you like it before investing in the subscription. The company offers a free trial - you might as well use it.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: reseller
VP IT Operations at a financial services firm with 51-200 employees
Enables us to search for critical vulnerabilities in our network
What is our primary use case?
We use it for the intrusion protection on our firewall. It's monitoring all our incoming traffic from the outside world through a firewall.
How has it helped my organization?
Previous to this, we really didn't have any protection, any intrusion system in place. It's made me more comfortable, since I'm in charge of IT for this company. I sleep better at night.
Using the solution, we have been able to look for critical vulnerabilities in our network. Thankfully, we haven't found any. It takes just a couple of hours.
What is most valuable?
The most valuable feature is what it can block, what it can prevent from coming in.
What needs improvement?
The only that I can think of is that is not ideal is sending Windows Server logs to their device, to the system. That has to be done on each server. I don't know if they have changed that.
What do I think about the stability of the solution?
It's a stable solution.
What do I think about the scalability of the solution?
It's very scalable.
How are customer service and technical support?
Tech support is very good. They usually respond very quickly.
Which solution did I use previously and why did I switch?
This is the first solution of its kind for us.
How was the initial setup?
The initial setup was pretty straightforward. The deployment took about a day. In terms of our implementation strategy, we have the cloud version. You create a VM in your system, it communicates with the cloud, and then you just log in through the cloud.
What's my experience with pricing, setup cost, and licensing?
It's very reasonably priced. It was one of the lowest among the ones I looked at. Licensing is pretty flexible. They can do a two-year or a three-year, even a one-year, perhaps.
Which other solutions did I evaluate?
I looked at two others but I don't remember their names.
What other advice do I have?
Compare it to the other vendors in the field, some of the top vendors. Make sure it fits your needs. It's more for a mid-sized company or a small company, not a large enterprise.
Regarding using it for discovering assets in our network which do not belong, our network isn't that big so we really don't use it for that. We also don't use the solution for compliance with regulations.
When it comes to staff using the solution, at the moment it is me and a monitoring service. We're the only ones who log into the solution. As for deployment, one person could probably do it because they help you deploy it. I did the deployment myself, with AlienVault. For maintenance, if you have a monitoring service that's fine, but if you're doing it yourself, you probably need somebody monitoring the log. When there's an incident, you probably need one or two other people.
I would rate it a nine out of ten. It does what we need and it's reliable.
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Consultant at a tech services company with 11-50 employees
The bundle of features is the killer feature, but search performance and Raw Logs are slow
Pros and Cons
- "On any given day I could give you a different answer regarding the most valuable features of the product. The feature that is most important is the fact that it has a lot of features, that it's not just a log collection and correlation system, that it has a lot of other components built in. The bundle of features is really the killer feature."
- "Search performance can be slow. The Raw Logs feature is painfully slow. And if we're talking about the newer, the Anywhere product, you can't even schedule reports on the thing. There are probably a dozen other features I'd really like to see there, but that would be one of the biggies."
- "We've had some stability problems, not a lot, but a few. Updates seem to be the worst. That seems to be when the stability problems come up."
What is our primary use case?
Our use of the solution is all over the map. We use it for our own internal use. We use it in our security operations center. We're a reseller, we're an MSSP, and a Professional Services provider, so we do a lot of professional services on the platform. It's a standard SIEM solution and is used for log collection, log management, event correlation, alarming, and reporting.
How has it helped my organization?
There are probably a billion examples I could give. As a service provider, it helps us because we have all of our clients connected in through our management platform, and we're able to leverage the tools that AlienVault provides to monitor and collect data from all of those systems and identify security incidents for all of our clients. It provides network and host-level visibility and it's easy to tune and manage.
What is most valuable?
On any given day I could give you a different answer regarding the most valuable features of the product. The feature that is most important is the fact that it has a lot of features, that it's not just a log collection and correlation system, that it has a lot of other components built in. The bundle of features is really the killer feature.
In particular though:
- ease of use and deployment
- excellent cloud integration
- dynamic asset management
- vulnerability scanning
- network intrusion detection
- host-based agent monitoring and collection.
All of these features combined create a compelling "one-stop" package for a business that needs security monitoring and analytics.
What needs improvement?
Search performance can be slow. The Raw Logs feature is painfully slow. And if we're talking about the newer, the Anywhere product, you can't even schedule reports on it. There are probably a dozen other features I'd really like to see there, but that would be one of the biggies.
Also, there is no visibility into the NIDS or HIDS agent configurations and no easy way to augment them. The same is true for vulnerability scanning, it's all or nothing; there are no fine-grain controls as there was in their older product. There is a lack of "real" visibility into the correlation rules, and the inability to create our own sophisticated rules (only very simple ones) is a big miss.
For how long have I used the solution?
Three to five years.
What do I think about the stability of the solution?
We've had some stability problems, not a lot, but a few. Updates seem to be the worst. That seems to be when the stability problems come up.
Sensors occasionally go down during updates and don't recover. Some maintenance cycles on the cloud controller have left the system in a weird state. In addition, there are times when the product seems very slow to respond. This may be related to back-end maintenance that we are not aware of.
What do I think about the scalability of the solution?
It scales reasonably well. There is a scalability plan for it. There is a way to add additional collection components, what they call Sensors, and then scale up the central platform. At this point, I don't believe it will scale to the very high-end. It is not a large, global enterprise-type product. It's more of a small-enterprise-and-below product.
How are customer service and technical support?
Their support has been good. I've always had good interactions with them.
Which solution did I use previously and why did I switch?
We've used a lot of solutions. I've used, run, and supported a lot of different solutions over the years. There were two primary reasons for switching to AlienVault. One was price, and the other was the feature bundle that I was talking about earlier.
We chose this particular product for many other reasons. As a Professional Services provider, a service provider, MSSP, and a reseller, we're not using it the way most end-users would go out and shop around and look for something. A big part of our decision in selecting this product was the fact that we were able to establish that relationship with AlienVault as a company, as a business to business relationship, to be a reseller, to be an MSSP, to be all of those things.
How was the initial setup?
The setup is pretty simple. The documentation is good. I've been setting up platforms like this for years, so it's not hard for me. For someone who is new to the product and hasn't used this type of product before, they'll have a little bit of a challenge, but it's not too bad. The system is pretty easy to install and, if you follow the documentation, it's pretty easy to configure.
Some cloud integration steps, like G Suite, were more complicated and prone to error.
What was our ROI?
Calculating ROI on security products is a funny endeavor, in my experience. It's not a hard science and it's not something you can easily throw a lot of numbers at. It's mostly guesswork.
What's my experience with pricing, setup cost, and licensing?
The pricing is a good value and makes sense.
The key thing is that for the new product, the licensing of it is subscription-based and it's based on data. Clients need to be really careful when thinking about that, because odds are they're going to need to put a lot more data into it than what they initially estimate, which is going to drive their subscription costs up.
I do have concerns that if a payment is delayed or if there is any dispute about billing, that all of our data is held in the cloud and could be lost.
What other advice do I have?
Overall, the automation features of this solution are good. The issue here is that there are really two solutions. There's the AlienVault Appliance product and then there's the AlienVault Anywhere product. The Appliance product, which is the older product, has a lot more customization and automation capabilities because it's very extensible. The newer product, the Anywhere product, is still very limited. We're very dependent on AlienVault to build in any kind of connections or integration.
If you are a mostly-cloud environment this is a good fit. If you have very few other security controls outside of a firewall this is a good step forward. But if you have a solid security program you may find this product lacking in a few areas. And most importantly, be very careful about subscription size and licensing.
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller.
Network Operations Manager / Systems Engineer at a tech services company
Asset management of nodes has been a large help in terms of being able to track applications with more detail
Pros and Cons
- "Vulnerability scanning helped out shortcomings of what was not patched in the past and what needed to be patched. This assisted with fine tuning the environment for compliance."
- "It brought our logs into one place for review and set up alarms based on changes we were missing due to lack of having one place for everything to go."
- "The asset management of nodes has been a large help in terms of being able to track applications with more detail and have changes made being monitored into one source."
- "Source material on the forums to be more up-to-date with the changes happening within the product. Forums being out-of-date with information due to the changes makes troubleshooting a little more difficult - specific to the HIDS agents."
What is our primary use case?
AlienVault is used in our infrastructure for compliance purposes. It was brought in as a replacement for use in multiple products at the time, such as Kiwi and Nexpose scanner. With the environment being new, it was the best place to start with being everything into one location for Syslog and Asset management. The vulnerability scanner also made the difference where the scans created tickets for remediation.
How has it helped my organization?
The all-in-one source for the needs of compliance has put everything into one location without the need of other applications and tools to accomplish the tasks. It brought our logs into one place for review and set up alarms based on changes we were missing due to lack of having one place for everything to go. Vulnerability scanning helped out shortcomings of what was not patched in the past and what needed to be patched. This assisted with fine tuning the environment for compliance. The reports also helped upper management with the ease the product was doing in its job and holes that were being filled.
What is most valuable?
The asset management of nodes has been a large help in terms of being able to track applications with more detail and have changes made being monitored into one source. The vulnerability scanning has also been an aide of reviewing the systems and having feedback of what is missing patches and holes in our environment that need review and remediation. The all-in-one aspect has been helpful to see items and correlate within one source rather then multiple.
What needs improvement?
Source material on the forums to be more up-to-date with the changes happening within the product. Forums being out-of-date with information due to the changes makes troubleshooting a little more difficult - specific to the HIDS agents. Troubleshooting connectivity is limited to very view articles with very little information. Perhaps adding templates into the HIDS agents for collection based on systems or a clickable addition of files to collect with check boxes rather than configuring the HIDS agents through text.
Also, more information on how specific sections relate to PCI and how to use/setup the SIEM to follow the guidelines of the areas. Some information is vague on how to accomplish specific items within PCI on help forums through AlienVault.
For how long have I used the solution?
Less than one year.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Systems Administrator at a healthcare company
Activity alarms and events contain a plethora of useful and very descriptive data
Pros and Cons
- "The dashboards are very descriptive and contain just the right amount of information. The activity alarms and events contain a plethora of data that is very descriptive and useful."
- "The only room for improvement I can mention is the initial installation procedures. I found that the online installation instructions for the product were missing important details, they lacked necessary steps."
What is our primary use case?
Our primary use of AlienVault is as a SIEM tool.
How has it helped my organization?
This product has streamlined productivity by having all the information in one place. It has really helped eliminate a lot of manual work because its automation is pretty robust and important. It puts everything in one place for me.
It is also helping us get HITRUST certified, which is a certification we need for New York State. So this tool is a requirement, and it's going to help us stand out with New York State.
What is most valuable?
It's hard to pick just one valuable feature for this product. I like everything the product has to offer. The dashboards are very descriptive and contain just the right amount of information. The activity alarms and events contain a plethora of data that is very descriptive and useful.
Vulnerability scans, IDS scans, asset scans. It's pretty much the whole USM Anywhere tool. Everything in here is pretty important. It gives you all the vulnerabilities of your assets. It goes through and it actually shows you the software on there, if it's missing patches, the operating system.
Overall, I find that this product is amazing.
What needs improvement?
Honestly, the product itself is great. The only room for improvement I can mention is the initial installation procedures. I found that the online installation instructions for the product were missing important details, they lacked necessary steps. The product itself is fine.
For how long have I used the solution?
Less than one year.
What do I think about the stability of the solution?
I encountered some stability issues only because of a lack of knowledge regarding my network equipment and because AlienVault support was also not familiar with it. As long as you follow the recommendations for system requirements, there shouldn't be any issues.
What do I think about the scalability of the solution?
No issues with scalability. We're only a company of 50 people, so I haven't had any issues whatsoever yet.
How is customer service and technical support?
Technical support is very helpful. They know their product. The one person I used was very responsive. He actually called me, checked in with me, to make sure the issue we did once have was fixed, and that I was satisfied. I really appreciated his perseverance.
It would help if they knew more about different network hardware. I realize that there are so many different types that it is next to impossible to know all network equipment and its compatibility with their product.
How was the initial setup?
The initial setup procedures were definitely missing some key steps. They need to keep in mind that not everyone is an expert on network equipment and perhaps be more descriptive and provide more details. That would have been helpful.
I think they look at it as if you're a very knowledgeable person. I hate saying the word "dumb," but they need to dumb it down a little bit and think about all the types of people they need to hit, not just the people who have been doing networking for 20 years. They need to keep in mind that there are people who are just out of college or who are not as
knowledgeable. They need to keep in mind that all walks of life need to be considered.
I just hope that AlienVault realizes that they need their instructions to be a little bit more detailed and descriptive. Through the troubleshooting I did with them, they realized that there were issues, and they put in a request to update their instructions.
What's my experience with pricing, setup cost, and licensing?
So far, I feel the product's pricing is a good value. The technology is decent. You get what you pay for. I think it's fair.
Which other solutions did I evaluate?
I did look at other options but I don't recall which ones. We were vetting for a while, but this one came highly recommended by a company we use locally for pen and vulnerability testing. They recommended AlienVault because they've seen it used in the area and they liked it a lot. We vetted it and said, "The heck with it. We're going with them."
What other advice do I have?
It is a great product. Just get it.
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Network and Securirty Engineer at a tech vendor with 501-1,000 employees
It has allowed us to see what is happening on our servers
Pros and Cons
- "The main menu: You can see everything there, what is happening on the servers, and in the logs, you can view more details of each event."
- "It has allowed us to see what is happening on our servers."
- "As this software is in the cloud, you do not have control on updates and general changes which are happening."
What is our primary use case?
We have devices in AWS and in the data center. The main reason is to do an IDS inspection in the cloud, as it was really hard to get proper software to do this and we did not want to install a virtual firewall in each timezone. We have over 200 servers being protected with this software.
How has it helped my organization?
It has allowed us to see what is happening on our servers. You can do a similar setup with AWS, but monitoring it can give you a headache if you ave over 10 servers.
What is most valuable?
The main menu: You can see everything there, what is happening on the servers, and in the logs, you can view more details of each event. Everything you need is in 'one place'.
What needs improvement?
As this software is in the cloud, you do not have control on updates and general changes which are happening. It can be a somewhat annoying that DC sensors are updated and you will not have control when this happens.
For how long have I used the solution?
Less than one year.
What do I think about the stability of the solution?
So far, stability has been okay.
What do I think about the scalability of the solution?
So far, no issues with scalability. We see that too many logs are being sent out, but you have to work out logging what you need.
How are customer service and technical support?
They quickly respond on what you need, not on what they know.
Which solution did I use previously and why did I switch?
We did not use a previous solution.
How was the initial setup?
It was easy to set up. AlienVault was helpful here.
What about the implementation team?
We used our team, but with the help of the AlienVault team.
What was our ROI?
We have been using it less then a year, but it does saves time when searching logs.
What's my experience with pricing, setup cost, and licensing?
Negotiate the best package for your environment.
Which other solutions did I evaluate?
We ran a few PoCs. The price and feature set were the best with AlienVault.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Download our free USM Anywhere Report and get advice and tips from experienced pros
sharing their opinions.
Updated: November 2024
Product Categories
Security Information and Event Management (SIEM) Log Management Endpoint Detection and Response (EDR) Compliance ManagementPopular Comparisons
CrowdStrike Falcon
Microsoft Sentinel
Splunk Enterprise Security
IBM Security QRadar
Elastic Security
LogRhythm SIEM
Sumo Logic Security
Rapid7 InsightIDR
Fortinet FortiSIEM
AlienVault OSSIM
Securonix Next-Gen SIEM
Exabeam
ManageEngine Log360
Buyer's Guide
Download our free USM Anywhere Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- Has anyone got experience in deployment of a SIEM solution?
- AlienVault saying I can't use it in a DHCP environment. Help!
- What Solution for SIEM is Best To Be NIST 800-171 Compliant?
- When evaluating Security Information and Event Management (SIEM), what aspect do you think is the most important feature to look for?
- What are the main differences between Nessus and Arcsight?
- Which is the best SIEM solution for a government organization?
- What is the difference between IT event correlation and aggregation?
- What Is SIEM Used For?
- What Questions Should I Ask Before Buying SIEM?
- RSA-EMC vs. other SIEM products?
Thank you for taking time to provide your experience & feedback!