Tired of Rising Costs &
Support Delays?

AlienVault was acquired by AT&T in 2018, rebranded to AT&T Cybersecurity, and then spun off again in 2024 as a new entity called LevelBlue. The original AlienVault USM product still exists under the LevelBlue name, but the branding changes have created confusion around licensing, support contacts, and product direction. If you are searching for "AlienVault," you are now looking at LevelBlue.

The core technology descends from AlienVault USM, but LevelBlue has repositioned the product with updated pricing and packaging. The platform still offers SIEM, asset discovery, and threat intelligence (OTX), though the support experience and pricing structure have changed under each successive rebrand. G2 and Gartner Peer Insights reviews from former AlienVault users note cost increases and slower support response times following each ownership transition. A mid-sized healthcare company switched from AlienVault to Blumira after growing frustrated with service decline following AT&T's acquisition (blumira.com/blog/mid-sized-healthcare-company).

AlienVault USM was originally built for SMBs, and that is exactly where Blumira operates today. The key difference is that Blumira includes a 24/7 SecOps team that triages alerts, maintains detection rules, and provides guided response playbooks alongside automated response actions. AlienVault (now LevelBlue) requires your team to handle most of that work internally. Blumira also provides automated response actions that can contain threats in progress, not just documenting what happened after the fact. Blumira deploys in a single afternoon and uses flat-rate pricing per employee with unlimited data ingestion.

Blumira supports pre-built integrations for the most common log sources that AlienVault customers typically connect, including firewalls, endpoint agents, cloud platforms (AWS, Azure, Microsoft 365), and identity providers. Blumira's 24/7 SecOps team provides hands-on migration support, reviewing your existing detection coverage and building custom detection rules to fill any gaps during the transition.

AlienVault's pricing increased (per G2 and Gartner Peer Insights user reviews, 2023-2025) after the AT&T acquisition and again under LevelBlue, with costs tied to data volume and asset counts. Blumira charges a flat rate per employee with unlimited data ingestion, so your bill does not spike when you add log sources or increase volume. One year of searchable log retention comes at no extra cost.

If you relied heavily on AlienVault's built-in vulnerability scanning or its OTX threat intelligence community feeds for custom correlation rules, Blumira does not include built-in vulnerability management or a public threat intel exchange. Blumira does not offer in-platform query customization for teams that want to write and manage detection rules using their own query syntax. Blumira does partner on custom detection requests through its security operations team.

Most Blumira deployments complete in a single afternoon. The platform uses pre-built cloud connectors and syslog collection that cover the same log sources AlienVault typically ingested. You do not need to recreate detection rules manually. Blumira's security operations team provides direct migration support, reviewing your existing detection coverage and building custom rules for any gaps. For organizations without dedicated IT security staff, Blumira can be deployed through an MSP partner who manages the platform on your behalf.