Our customers have three use cases: log aggregation, correlation, and the SIEM functionalities. Our customers are mostly in the finance and banking sectors.
In my company, we use the solution in our security operation center to monitor the client environment and as a solution that provides us with continuous monitoring ability.
I find that USM Anywhere is not overly complicated and things flow logically. The way it lays out the Microsoft alert and formats the text for you so you can actually read it is very workable.
AlienVault provides a central place for monitoring the logs from various security tools in our environment, such as CrowdStrike and Datrix. It gives us complete visibility into the logs from those tools and endpoints in our environment. We use AlienVault for managing logs and vulnerabilities with tools like CrowdStrike.
We use it for log management, which is connected to our Active Directory and other servers. It is agent-based and picklocks for our firewall. Every activity on the firewall is recorded, and notifications are sent with this solution.
GISO - Global Information Security Officer at Beyon Connect
Real User
2022-07-10T15:39:18Z
Jul 10, 2022
I used it in my previous company. My main use case was to identify the security events. Basically, it was a platform through which we used to monitor threat events for SOC operations. We had its latest version. We used to keep updating it whenever there was a new release. AlienVault was on-prem, and for cloud, we had Wazuh.
We have customers from the retail, industrial, strategic resource, and OT infrastructure sectors who are using AT&T AlienVault USM. The solution has several use cases.
Principal DevOps Engineer at a tech vendor with 11-50 employees
Real User
2021-12-21T12:54:00Z
Dec 21, 2021
AlienVault USM is a SaaS solution offered through the cloud. It's a security incident event management solution that scans logs to look for various security patterns that are shipped to it. Then it alerts us so we can identify trends.
We use it for compliance. We're not using it as a security operation center type of thing. Its usage is more from an auditing standpoint at this point. We partner with them for customers who need something like a SIEM, so we're a cloud provider and integrator. It is deployed on the cloud. It is a combination of AT&T's own cloud and our cloud. We run our own infrastructure. So, it is a hybrid and private cloud.
We provide information security services to clients. We are seeking some clients to provide monitoring services by using AlienVault. We are also providing AlienVault USM Anywhere, which is cloud-based and has integration with cloud platforms such as AWS, Azure, and Google Cloud.
Senior Network Architect / Network Team Leader at ICE Consulting, Inc.
Real User
2020-11-18T06:20:55Z
Nov 18, 2020
We were trying to get into the security market to be able to offer something to our clients who are asking for a monitoring event management system. We started looking at what we could offer as an MSP to our clients; that's what drove us into evaluating different SIEM products, to get a better understanding of how the billing is set up as a partner. AlienVault had the best setup for MSPs — the way they are set up for billing and the way they set up their USM account.
Chief Operating Officer / SR. Project Manager at SCS
Real User
2020-07-08T09:01:00Z
Jul 8, 2020
We are a managed security service provider and we offer AlienVault USM to our clients. We use it to monitor their environments and to maintain their logs.
Sales Solutions Engineer at a tech services company with 201-500 employees
Reseller
2019-04-24T10:55:00Z
Apr 24, 2019
The primary use cases for this solution are log management, security events correlation, and any other enterprise use cases for SIEM (new plugins development, correlation rules development, risk assessment, and asset management).
I.T. Manager at a non-profit with 51-200 employees
Real User
2018-12-23T18:41:00Z
Dec 23, 2018
We use AlienVault to collect all mission-critical logs and to pull data directly from G Suite. It provides our small IT operation with an easy-to-use tool to assess our security operations.
Senior Buyer & Operations Specialist at Nth Generation Computing
Real User
2018-12-17T17:56:00Z
Dec 17, 2018
We have used AlienVault for our security monitoring for threat protection and compliance management. We've seen an improvement against malware and viruses. It has definitely eased our concerns so we can focus on other things.
We use it to gain security visibility and to meet compliance. We're not just a customer but we're a partner as well. We've deployed this into thousands of organizations and we continue to see that happening. It's a great tool.
Manager, Security Operation Center at Ideal Integrations
Real User
2018-11-26T19:38:00Z
Nov 26, 2018
* MDR provider
* Logs aggregation
* Vulnerability assessments
* Some automation.

We needed a way to see all of these items under one pane of glass without spending incredible amounts of money on log aggregation, vulnerability assessments, etc., then putting it all together with an IR platform.
AlienVault USM is a single pane of glass solution. It has not only SIEM capabilities but also other capabilities. AlienVault USM Anywhere is easy to deploy with their cloud-based model, and deploying the required agents on-prem (or in the cloud) is quick and easy. USM Anywhere also takes care of reporting for ISO and PCI, allowing you to pull reports for auditors at a moment's notice.
Our initial need which brought us to acquire this solution was to be in compliance with GDPR requirements. Our environment is cloud-based (specifically AWS).
We use AWS for our application platform and wanted a SIEM that was easy to deploy as a service and that had functionality and integrations focused on AWS. We found AlienVault was the best on price vs features and the team at AlienVault worked hard to make sure we were happy during our on-boarding. Features are rolled out fast and issues addressed quickly. The integration of OTX out-of-box and at no additional cost was a real selling point and the AWS features made it a clear winner.
Market Development Manager, Cyber Security Consultant at Abacode
MSP
2018-10-19T17:15:00Z
Oct 19, 2018
As a product-agnostic Managed Security Services Provider (MSSP), AlienVault USM is one of several SIEM solutions we utilize in our Security Operation Center (SOC). We deploy, manage, and monitor the solution for other clients, and we use it for ourselves. As do most SIEMs, AlienVault allows us a central location to monitor the cybersecurity of an IT environment. It's impossible to avoid 100% of attacks, so after setting up defenses, the next best thing is to have 24/7 eyes-on-glass to be able to quickly respond to incidents as they happen.
Consultant at a tech services company with 11-50 employees
Reseller
2018-09-16T12:32:00Z
Sep 16, 2018
Our use of the solution is all over the map. We use it for our own internal use. We use it in our security operations center. We're a reseller, we're an MSSP, and a Professional Services provider, so we do a lot of professional services on the platform. It's a standard SIEM solution and is used for log collection, log management, event correlation, alarming, and reporting.
My company wanted to get software which would be able to monitor resources in AWS, mainly IDS in one cumulative GUI, then add extra requirements with AlienVault match.
Security Systems Administrator at VERTICAL SCREEN, INC
User
2018-02-13T17:45:00Z
Feb 13, 2018
This is a jack of all trades (master of none) SIEM/IDS/vulnerability management/OSSEC/NetFlow solution. We use it primarily as a SIEM and IDS solution.
USM Anywhere centralizes security monitoring of networks and devices in the cloud, on premises, and in remote locations, helping you to detect threats virtually anywhere.
Discover
Network asset discovery
Software & services discovery
AWS asset discovery
Azure asset discovery
Google Cloud Platform asset discovery
Analyze
SIEM event correlation, auto-prioritized alarms
User activity monitoring
Up to 90 days of online, searchable events
Detect
Cloud intrusion detection (AWS, Azure,...
We use AT&T AlienVault USM as a managed SOC service for our customers to detect and respond to security events and potential incidents.
We are using AT&T AlienVault USM for collecting the events, generating alarms, and events management.
AT&T AlienVault USM detects and responds to threats.
I am using the solution for security information and event management.
The primary use case of this solution is for security.
We have three main uses for the solution. They are compliance, incident response, and as a tool for information security.
We primarily use the solution for cybersecurity events and management.
This is a SIEM solution that our customers use in an on-premises deployment.
We use it for the intrusion protection on our firewall. It's monitoring all our incoming traffic from the outside world through a firewall.
I use AlienVault to comply with PCI DSS requirements. For on-premises, I am using the AlienVault USM All-In-One 150A Virtual Appliance.
Our primary use case is Security Information and Event Management, as well as forensic analysis.
It's part of our PCI compliance.
Our primary use of AlienVault is as a SIEM tool.