We just raised a $30M Series A: Read our story
2017-10-11T08:40:00Z

What needs improvement with AT&T AlienVault USM?

17

Please share with the community what you think needs improvement with AT&T AlienVault USM.

What are its weaknesses? What would you like to see changed in a future version?

ITCS user
Guest
2626 Answers

author avatar
Top 20MSP

I don't have any suggestions for improvement. On our side, as a provider, we should develop a real security operation center type of practice, which we don't have right now. There could be some type of integration with our existing portal. We have our own customer portals, and it would be good if there was an integration so that our portal can provide reports. There could be some type of API into the AlienVault system with the USM system so that it is easy to show the customers high-level reports of the system through our portal.

2021-07-04T11:19:34Z
author avatar
Top 20Real User

This solution has too many issues with integration with other technologies. For example, you can configure the solution to integrate with your technology today but tomorrow it will stop working. You have to continually update the login, save the issue, and create a ticket with support. It is a long process that takes too long for the support to resolve quickly. In the future, I would like to see all these features of the solution working properly.

2021-04-01T09:42:53Z
author avatar
Top 20Real User

Its reporting tools need improvements. It would be good if they can provide integration with other ticketing systems. Currently, we only have integration with Slack and Jira. It is also a bit slow, and its replication engine can be improved.

2021-01-26T10:49:18Z
author avatar
Top 20Real User

The solution is very user-friendly, but the dashboard could be improved as well as the level of customization.

2021-01-03T10:42:00Z
author avatar
Top 20Real User

I'd like to see a dashboard that's a little more descriptive. We can customize the dashboards, but the out-of-the-box dashboards are kind of bland. Since we give our customers access to their dashboards, it would be nice if they were a little bit more intuitive. We can go easily drill into it and show them everything, but the customer just sees the writing on the page. I'd like to see them dress up their out-of-the-box dashboard a little bit. We have the ability to do a lot of that. Since they have this image — they have a strong MSP program. I would love to see them allow branding, which they don't at this point.

2020-11-18T06:20:55Z
author avatar
Top 20Reseller

The solution could be improved in three ways. The first one is user behavioral analytics. They need work. The second one is cloud-related usage. The solution already has quite good tools, however, they need better integration tools for linking with Office 365, Google Suite, and so on. The third one improvement could be a bit more customization for security products. If someone has an antivirus where it is customizable they need to have the ability to easily connect everything together.

2020-10-27T06:28:59Z
author avatar
Top 5Reseller

The solution is a bit complicated. It could be simplified quite a bit. The correlation engine could be improved. Much improvement could be made there, as it is an important open-source solution. The solution could benefit from including security orchestration. It's still not available yet. It would be really nice to have in a future release. It could use something like a pen test. Tools like that would make it more comprehensive from a cybersecurity aspect.

2020-10-27T06:28:59Z
author avatar
Top 20Real User

They set aside a lot of the functionality from the on-premises version that we found very helpful in managing tickets. As it is now, the cloud-based deployment is lacking these useful features. The reporting is mediocre and is something that needs to be improved.

2020-07-08T09:01:00Z
author avatar
Real User

This solution could be easier to use. It is hard for some people to understand, and they need to get training and certification just to understand what it's showing them.

2019-08-12T05:55:00Z
author avatar
Top 5LeaderboardReseller

Having automatic agent deployment would be a great feature. It would be nice to see some machine learning and monitoring of the configuration in network devices.

2019-04-24T10:55:00Z
author avatar
Real User

Long-term I'm genuinely concerned about AT&T's ownership of AlienVault. I have never had a good relationship with AT&T in +15 years, and fear they will destroy this good product.

2018-12-23T18:41:00Z
author avatar
Real User

The only recommended changes I can think of is to have the ability to filter logs. Also, being able to navigate the dashboard. That seems to have been quite a challenge.

2018-12-17T17:56:00Z
author avatar
Real User

One area that has room for improvement is storage. AllienVault is a good place to put logs, but sometimes it's a tough place to go get logs. AlienVault has three components to it, a sensor, a server, and a logger. Sensors grab data, servers correlate data, and loggers store data. The logger can only hold so much data. If they improved that, that would help.

2018-12-12T10:23:00Z
author avatar
Real User

The support could absolutely be better. It seems to have gotten worse with the AT&T acquisition. We have been hearing some not so great things from our associates in the field as well.

2018-11-26T19:38:00Z
author avatar
Real User

While it is relatively easy to use, it takes a little time to get used to where everything is located in the web interface. I do wish that their support would help a bit more with the analysis of alarms.

2018-11-13T13:52:00Z
author avatar
Consultant

Taking into account that server access credentials are controlled by the tool, some more management-focused actions could be performed from AlienVault.

2018-11-06T17:35:00Z
author avatar
Real User

We would love to be able to create custom rules based on a series of events, to create rule-sets where, for example, failed logins to the VPN Server are logged and then when a successful attempt follows soon after, it triggers an alarm for a Brute Force. It does this for things like OKTA already, so control over which events this applies to would be great.

2018-10-29T09:48:00Z
author avatar
Real User

The only that I can think of is that is not ideal is sending Windows Server logs to their device, to the system. That has to be done on each server. I don't know if they have changed that.

2018-10-21T07:40:00Z
author avatar
User

Although they use machine learning, the algorithms that they use are graph-based. Their AI/ML capabilities could be improved a bit.

2018-10-19T17:15:00Z
author avatar
Reseller

Search performance can be slow. The Raw Logs feature is painfully slow. And if we're talking about the newer, the Anywhere product, you can't even schedule reports on it. There are probably a dozen other features I'd really like to see there, but that would be one of the biggies. Also, there is no visibility into the NIDS or HIDS agent configurations and no easy way to augment them. The same is true for vulnerability scanning, it's all or nothing; there are no fine-grain controls as there was in their older product. There is a lack of "real" visibility into the correlation rules, and the inability to create our own sophisticated rules (only very simple ones) is a big miss.

2018-09-16T12:32:00Z
author avatar
User

* They should improve the reporting capabilities. * Different functions to customize reports should be added. * Export features should not be limited to spreadsheets (.XLS) only.

2018-08-29T14:16:00Z
author avatar
Real User

The reporting module could be a little easier to handle, as it requires quite some trial and error until you get the reports you want. Also, it would be great to have a graphical interface for the Network Intrusion Detection System's rule management.

2018-08-16T08:29:00Z
author avatar
Real User

Honestly, the product itself is great. The only room for improvement I can mention is the initial installation procedures. I found that the online installation instructions for the product were missing important details, they lacked necessary steps. The product itself is fine.

2018-08-12T06:33:00Z
author avatar
Real User

* Plugins could be better utilized, as some of them do not recognize all logs. * We could add little more customization to dashboards.

2018-06-06T07:15:00Z
author avatar
User

Many of the tasks on features are useless in our situation. NetFlow is worthless. Many of the built-in correlation engine solutions are just okay.

2018-02-13T17:45:00Z
author avatar
User

It should be able to communicate with other security solutions to stop threats.

2017-10-11T08:40:00Z
Learn what your peers think about AT&T AlienVault USM. Get advice and tips from experienced pros sharing their opinions. Updated: December 2021.
554,529 professionals have used our research since 2012.