The most valuable feature of the solution is the ease of deployment that it provides to users. The integrations that the product has with third-party applications are useful.
What I find the most valuable about USM Anywhere is its compliance. It shows a list of all the administrators logged on and does it quite well. There are no whistles and bells, it's reliable and simple to use.
The most valuable feature is vulnerability management because it gives you insight into your environment to know what systems need to be updated or patched.
Chief Information Security Officer at a computer software company with 51-200 employees
Real User
2022-07-26T06:12:58Z
Jul 26, 2022
Our main focus was intrusion detection, alerts, and correlation. It's easy to use AlienVault and integrate it with other alert tools because it includes lots of connectors. Either the tool is already there, or AlienVault will write an API for us if they don't have a connector for the solution that is providing the logs.
DevOps Engineer at a tech services company with 201-500 employees
Real User
2022-01-12T16:53:07Z
Jan 12, 2022
AT&T AlienVault USM is good for ELK Stack, the user experience is great because of its architecture. The ELK has a great performance and it has very good speed in the search and Kibana. Additionally, the visuals and dashboards and very nice and customizable.
In terms of monitoring, my best feature would be the monitoring of components across the network. It monitors the respective nodes and any new node that comes onto the network and provides reports. The reporting dashboards are really helpful for management in terms of making decisions around patch management.
The most valuable features of AT&T AlienVault USM are the ease of management and knowledge of what is on the network of my customers. It's easy to understand the problems, and management our alarms and events.
GISO - Global Information Security Officer at Beyon Connect
Real User
2022-07-10T15:39:18Z
Jul 10, 2022
The feature that I liked the most is that they have a vulnerability assessment package that comes along with the SIEM solution. So, whenever I find any threat or alert for any of the devices or servers, I could immediately initiate a vulnerability assessment scan on that machine. That is one of a kind. The price at which AlienVault operates is also valuable.
Principal DevOps Engineer at a tech vendor with 11-50 employees
Real User
2021-12-21T12:54:00Z
Dec 21, 2021
AlienVault's reporting is good. I like that vulnerability assessment is part of the solution, and the UI is intuitive. Also, the overhead is low, which is to say we don't need a dedicated SOC team to manage and analyze things constantly. We're a small company that doesn't have those resources.
Asset discovery and vulnerability scanner are good features. The integration between this solution and OTX, which is an AlienVault platform for Open Threat Exchange, is also a valuable feature. It is also quick and easy to deploy, so you can quickly engage with a customer's environment.
Sales Solutions Engineer at a tech services company with 201-500 employees
Reseller
2019-04-24T10:55:00Z
Apr 24, 2019
This solution can identify many threats inside the organization (compromised endpoints, configuration issues), as well as "outside" threats (botnets, network scanners, web-attacks, etc).
Consultant at a tech services company with 11-50 employees
Reseller
2018-09-16T12:32:00Z
Sep 16, 2018
On any given day I could give you a different answer regarding the most valuable features of the product. The feature that is most important is the fact that it has a lot of features, that it's not just a log collection and correlation system, that it has a lot of other components built in. The bundle of features is really the killer feature.
ISO (Information Security Officer) with 10,001+ employees
Real User
2018-08-16T08:29:00Z
Aug 16, 2018
It provides a single pane of glass view, coupled with a whole security ecosystem. The ability to manage everything from a central point, including vulnerability assessments, asset management - including the services provided by the various hosts, NIDS, HIDS, etc. - provides a very efficient way of dealing with things.
The dashboards are very descriptive and contain just the right amount of information. The activity alarms and events contain a plethora of data that is very descriptive and useful.
USM Anywhere centralizes security monitoring of networks and devices in the cloud, on premises, and in remote locations, helping you to detect threats virtually anywhere.
Discover
Network asset discovery
Software & services discovery
AWS asset discovery
Azure asset discovery
Google Cloud Platform asset discovery
Analyze
SIEM event correlation, auto-prioritized alarms
User activity monitoring
Up to 90-days of online, searchable events
Detect
Cloud intrusion detection (AWS, Azure,...
The most valuable feature of the solution is the ease of deployment that it provides to users. The integrations that the product has with third-party applications are useful.
What I find the most valuable about USM Anywhere is its compliance. It shows a list of all the administrators logged on and does it quite well. There are no whistles and bells, it's reliable and simple to use.
The ease of implementation is the most valuable feature.
Having everything in a central place has been helpful.
The most valuable feature is vulnerability management because it gives you insight into your environment to know what systems need to be updated or patched.
The most valuable feature in AT&T AlienVault USM is the reporting.
Our main focus was intrusion detection, alerts, and correlation. It's easy to use AlienVault and integrate it with other alert tools because it includes lots of connectors. Either the tool is already there, or AlienVault will write an API for us if they don't have a connector for the solution that is providing the logs.
AT&T AlienVault USM is good for ELK Stack, the user experience is great because of its architecture. The ELK has a great performance and it has very good speed in the search and Kibana. Additionally, the visuals and dashboards and very nice and customizable.
In terms of monitoring, my best feature would be the monitoring of components across the network. It monitors the respective nodes and any new node that comes onto the network and provides reports. The reporting dashboards are really helpful for management in terms of making decisions around patch management.
The most valuable features of AT&T AlienVault USM are the ease of management and knowledge of what is on the network of my customers. It's easy to understand the problems, and management our alarms and events.
The feature that I liked the most is that they have a vulnerability assessment package that comes along with the SIEM solution. So, whenever I find any threat or alert for any of the devices or servers, I could immediately initiate a vulnerability assessment scan on that machine. That is one of a kind. The price at which AlienVault operates is also valuable.
Easy to use, scalable, stable, and very intuitive platform that provides protection against security threats.
The vulnerability manager and the file integration are very good.
AlienVault's reporting is good. I like that vulnerability assessment is part of the solution, and the UI is intuitive. Also, the overhead is low, which is to say we don't need a dedicated SOC team to manage and analyze things constantly. We're a small company that doesn't have those resources.
We're using it more for reporting, that's all. We're using it to help our customers to pass any kind of audits that they receive.
The solution has all the features that we need, however they do not work correctly.
Asset discovery and vulnerability scanner are good features. The integration between this solution and OTX, which is an AlienVault platform for Open Threat Exchange, is also a valuable feature. It is also quick and easy to deploy, so you can quickly engage with a customer's environment.
The solution is stable.
The other big selling feature for us was its integration capabilities with all the other security-based products.
The setup is very easy and straightforward.
There are multiple tools for information security. The solution includes all the latest advances on the network and host intrusion detection systems.
The most valuable feature is threat intelligence.
The most valuable feature of this solution is security management for PCI DSS.
This solution can identify many threats inside the organization (compromised endpoints, configuration issues), as well as "outside" threats (botnets, network scanners, web-attacks, etc).
The IDS and the threat intelligence are very useful. They are very intuitive and data-rich.
On any given day I could give you a different answer regarding the most valuable features of the product. The feature that is most important is the fact that it has a lot of features, that it's not just a log collection and correlation system, that it has a lot of other components built in. The bundle of features is really the killer feature.
AlientVault has helped us in improving our visualization and incident response during cybersecurity situations.
It provides a single pane of glass view, coupled with a whole security ecosystem. The ability to manage everything from a central point, including vulnerability assessments, asset management - including the services provided by the various hosts, NIDS, HIDS, etc. - provides a very efficient way of dealing with things.
Log-monitoring and alerting enable us to know when things happen that we need to know about.
The dashboards are very descriptive and contain just the right amount of information. The activity alarms and events contain a plethora of data that is very descriptive and useful.
I can easily check (in one place) all the logs and data in relation to attacks. It also gives me an overview if a server is not configured properly.
AlienVault provides a checklist answer when using SIEM.
Its powerful correlation engine helps reduce time in manually correlating events.