Forrester Says that AlienVault “Challenges” Enterprise SIEM vendors

Forrester just released their “Security Analytics Wave” report that evaluates Security Analytics/SIEM technologies used by large enterprises (5000+ employees).  

I am super excited that AlienVault was included for the first time and placed as a “Challenger”. This is quite incredible if you think about it. To include AlienVault as a challenger in a group of vendors that provide big data platforms to large enterprises is a major note on the state of the market.  

AlienVault has always taken a contrarian approach to traditional SIEM/big-data-based security techniques. We do not require our users to set up data lakes or train machine learning algorithms; instead, we make it as simple as possible to quickly detect threats, efficiently respond to breaches and manage compliance. We provide a SaaS platform to remove the administrative overhead of a big data product, we integrate the essential security capabilities most customers need, and our Labs team delivers Threat Intelligence on a daily basis to train all of the technologies in our platform. The result is that 46% of our customers are investigating an alarm within 24 hours!! In contrast, it takes days, maybe more, just to deploy and populate a big data store, let alone construct analytics workflows.

In our early years we quickly gained a large, loyal following in organizations with fewer than 5000 employees. Our approach has helped security champions in more than 7000 organizations around the world, along with over 80000 subscribers to our Open Threat Exchange (OTX). In fact, Forrester did an objective analysis of the impact USM Anywhere has had on some real-world users of the product. They found that there was an 80% reduction in the time spent on ‘security engineering’ (time spent deploying, maintaining and integrating security technology), an 80% improvement in the time to detect an incident and an average of 6000 hours a year saved on their audits (2.5 full-time employees!). You can find this report here

Our inclusion in the Wave reflects that our value proposition is now resonating with a broader set of customers by making a noticeable dent in ‘traditional’ approaches that require a security team to procure, deploy and integrate security controls into a data lake, and research teams to stay current on threats and tune AI and ML algorithms. In addition, organizations need an operations team to continuously monitor dashboards and respond to the threats. This approach is heavy in technology and heavy in people, and it is exactly what we set out to solve with USM Anywhere.

As we continue our evolution and become AT&T Cybersecurity, we gain access to one of the world’s largest cyber-security operations. We look forward to leveraging this knowledge to improve the USM Anywhere platform, deliver new capabilities and expand our threat intelligence to disrupt the status quo and help organizations of all sizes strengthen and simplify their security postures.

To learn more about the USM Anywhere platform, you can take a look at our interactive demo or call us.


