• Home
  • Trellix ESM vs. USM Anywhere

Trellix ESM vs USM Anywhere comparison

Cancel
You must select at least 2 products to compare!
Trellix Logo
Trellix ESM
Read 34 Trellix ESM reviews
3,603 views|1,525 comparisons
76% willing to recommend
AT&T Logo
USM Anywhere
Read 113 USM Anywhere reviews
5,644 views|3,733 comparisons
92% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Trellix ESM vs. USM Anywhere
May 2024
Executive Summary

We performed a comparison between Trellix ESM and USM Anywhere based on real PeerSpot user reviews.

Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed Trellix ESM vs. USM Anywhere Report (Updated: May 2024).
Download the complete report
772,649 professionals have used our research since 2012.
Featured Review
Daniel Durian
Provides visibility of all the traffic within the company infrastructure
It provides threat monitoring from the Internet and if there is malicious activity on the end-point, the ESM can provide us what host is affected.
Hesham Hameed
Researched Trellix ESM but chose USM Anywhere: Easy to deploy, good integration with OTX, and good at asset discovery and vulnerability scanning
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"It is easy to use and deploy. It comes with user-friendly manuals.""Compared to other solutions, the user interface is good.""This solution integrates easily and very well with other technologies.""The support I have received from the vendor has been great.""The most valuable features of McAfee ESM are intrusion detection, malware protection, and the device controller.""I like the ease of deployment.""It enables us to detect malicious threats, issues, or vulnerabilities in our network.""The solution's technical support is great."

More Trellix ESM Pros →

"AlienVault has an advanced component within one package. With this, we can cover more area with one solution.""On any given day I could give you a different answer regarding the most valuable features of the product. The feature that is most important is the fact that it has a lot of features, that it's not just a log collection and correlation system, that it has a lot of other components built in. The bundle of features is really the killer feature.""The vulnerability scanning is helpful to identify the areas that need patching or fixes installed.""The main menu: You can see everything there, what is happening on the servers, and in the logs, you can view more details of each event.""As we have to service several servers, we can manage them in a economical way, which is beneficial to our team and business.""The other big selling feature for us was its integration capabilities with all the other security-based products.""The setup is very easy and straightforward.""Its powerful correlation engine helps reduce time in manually correlating events."

More USM Anywhere Pros →

Cons
"It cannot integrate with our Next-Generation Firewall and few applications such as Cisco ACI.""There's no software support from McAfee.""I would like to see good analytics in future releases.""The only drawback is that they don't have any packet capturing or network behavior analysis.""It seems McAfee does test its product before releasing. When we - not only us, other companies also - deploy McAfee, we face multiple issues from the customer side, after which, McAfee reacts and fixes the bugs.""It is not a very advanced solution, and it is for very generic use cases. It cannot cope with the advanced requirements that we're going to have. For example, for multiple authentication failures, it is still based on Windows events for detecting multiple login failures, whereas other companies are going beyond and working on implementing two-factor authentication. It is time to correlate the two-factor authentication results with authentification failures, which is not happening with McAfee ESM. The performance of the tool should be improved because it is very slow. The data display on the console is very slow in McAfee ESM. Its data storage is still old-fashioned, and it should be improved and upgraded to the latest versions. They have to come up with some new ideas to match what other leaders in the same domain are doing. For example, in Splunk, when you search for information for the last 60 days or five months, it quickly shows the information, but that is not the case with McAfee. The results should be quicker and faster on the console. They should integrate some additional features such as User Behavior Analytics (UBA) and automation. The threat intelligence part should also be improved on McAfee.""The support from McAfee ESM could improve. They could improve the speed.""Customized reports and alerting functionality could be included in the dashboard."

More Trellix ESM Cons →

"We develop additional rules and scripts to make it more usable.""Maybe logs are the problem, as the database query is too slow. If you want to search something, you need time to find it.""I feel that some areas of improvement would be vulnerability scanning. We use a separate product that seems to do a much better job.""One area that has room for improvement is storage. AllienVault is a good place to put logs, but sometimes it's a tough place to go get logs... The logger can only hold so much data. If they improved that, that would help.""We've had some stability problems, not a lot, but a few. Updates seem to be the worst. That seems to be when the stability problems come up.""It should be able to communicate with other security solutions to stop threats.""For creating new rules, you have to be familiar with regular expressions. I feel there could be something built-in to make sure that process is easier.""The GUI needs to improve because it's not user-friendly."

More USM Anywhere Cons →

Pricing and Cost Advice
  • "You should buy the distributed option instead of the all-in-one for environments with more than 1000 end points."
  • "We pay for our licensing fees on a yearly basis, and there are no costs in addition to the standard licensing fees."
  • "The cost is dependent on the customer's environment and requirements."
  • "The pricing is good, and they are competitive compared to providers such as RSA and IBM QRadar."
  • "The cost is all included. The finance department handles the financial part, and we mostly don't get involved in it."
  • "We renew our license annually."
  • "McAfee is the right choice for a low-budget solution."
  • "The price is good. It's moderate. We follow a pay-as-you-go model. There are different models available, and they can also be monthly. You can choose monthly or yearly. It's very flexible. If our existing customers exceed the current plan, you can just call McAfee and get it extended."

    • More Trellix ESM Pricing and Cost Advice →

  • "AlienVault is flexible on their pricing for unlimited licenses."
  • "Pricing is very competitive with other products and you get much more functionality from AlienVault."
  • "QRadar, ArcSight and Splunk are some of the most expensive SIEM products out there in the market and not everyone has the budget to buy them. In such cases, AV USM is a very cost effective alternative."
  • "Do the one month trial and try to work out the kinks during it, as it has free support and service hours."
  • "We checked out several competitors. For what it can do and the cost, it was the best option!"
  • "Use the AlienVault team. They are helpful and the documentation that they provide is second to none."
  • "​The price point is good.​"
  • "It has good pricing."

    • More USM Anywhere Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
    See Recommendations
    772,649 professionals have used our research since 2012.
    Comparison Review
    Vinod Shankar
    HP ArcSight vs. IBM QRadar vs. ​McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
    We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are based on Gartner Magic Q which is what Organizations typically use to select SIEM vendors. The Vendors mentioned here in the deck are : 1. HP ArcSight 2. McAfee Nitro 3. IBM QRadar 4. Splunk SIEM 5. RSA Security Analytic 6. LogRhythm. SIEM Technology Space SIEM market analysis of the last 3 years suggest: Market consolidation of SIEM players (25 vendors in 2011 to 16 vendors in 2013)Only products with technology maturity and a strong road map have featured in leaders quadrant.HP ArcSight & IBM Q1 Labs have maintained leadership in SIEM industry with continued technology upgradeMcAfee Nitro has strong product features & road map to challenge HP & IBM for leadershipHPArcSight The ArcSight Enterprise Threat and Risk Management (ETRM) Platform is an integrated set of products for collecting, analysing, and managing enterprise Security Event information ArcSight Enterprise Security Manager (ESM): Correlation and analysis engine used to identify security threat in real-time& virtual environments ArcSight Logger: Log storage and Search solution ArcSight IdentityView: User Identity tracking/User activity monitoring ArcSight Connectors: For data collection from a variety of data… Read more →
    Questions from the Community
    What do you like most about McAfee ESM?
    Top Answer:The solution's technical support is great.
    Read all 22 answers   →
    What is your experience regarding pricing and costs for McAfee ESM?
    Top Answer:The product is slightly expensive. They offer some discount on the purchase of a certain number of nodes. They should give some concession on the license renewal as well.
    Read all 16 answers   →
    What needs improvement with McAfee ESM?
    Top Answer:The integration capabilities of Trellix ESM with SaaS solutions are an area of concern where improvements are needed. When you continue to add solutions from other vendors, you need to look at the… more »
    Read all 20 answers   →
    What do you like most about AT&T AlienVault USM?
    Top Answer:The most valuable feature of the solution is the ease of deployment that it provides to users. The integrations that the product has with third-party applications are useful.
    Read all 33 answers   →
    What is your experience regarding pricing and costs for AT&T AlienVault USM?
    Top Answer:It is a product that is priced in a medium range, making it neither a cheap nor a costly product.
    Read all 33 answers   →
    What needs improvement with AT&T AlienVault USM?
    Top Answer:The vulnerability scanning feature is one of the areas where the product has certain shortcomings and needs to improve. The tool has vulnerability scanning, but it is not that efficient. A mobile app… more »
    Read all 36 answers   →
    Ranking
    19th
    out of 80 in Security Information and Event Management (SIEM)
    Views
    3,603
    Comparisons
    1,525
    Reviews
    6
    Average Words per Review
    429
    Rating
    7.8
    11th
    out of 80 in Security Information and Event Management (SIEM)
    Views
    5,644
    Comparisons
    3,733
    Reviews
    10
    Average Words per Review
    551
    Rating
    7.7
    Comparisons
    Also Known As
    McAfee ESM, NitroSecurity, McAfee Enterprise Security Manager
    AT&T AlienVault USM, AlienVault, AlienVault USM, Alienvault Cybersecurity
    Learn More
    Trellix
    Video Not Available
    AT&T
    Overview

    Make your organization more resilient and confident with Trellix Security Operations. Filter out the noise and cut complexity to deliver faster, more effective SecOps. Integrate your existing security tools and connect with over 650 Trellix solutions and third-party products.

    USM Anywhere centralizes security monitoring of networks and devices in the cloud, on premises, and in remote locations, helping you to detect threats virtually anywhere.

    Discover

    • Network asset discovery
    • Software & services discovery
    • AWS asset discovery
    • Azure asset discovery
    • Google Cloud Platform asset discovery

    Analyze

    • SIEM event correlation, auto-prioritized alarms
    • User activity monitoring
    • Up to 90-days of online, searchable events

    Detect

    • Cloud intrusion detection (AWS, Azure, GCP)
    • Network intrusion detection (NIDS)
    • Host intrusion detection (HIDS)
    • Endpoint Detection and Response (EDR)

    Respond

    • Forensics querying
    • Automate & orchestrate response
    • Notifications and ticketing

    Assess

    • Vulnerability scanning
    • Cloud infrastructure assessment
    • User & asset configuration
    • Dark web monitoring

    Report

    • Pre-built compliance reporting templates
    • Pre-built event reporting templates
    • Customizable views and dashboards
    • Log storage
    Sample Customers
    San Francisco Police Credit Union, Wªstenrot Gruppe, Volusion, California Department of Corrections & Rehabilitation, Government of New Brunswick, State of Colorado, Macquarie Telecom, Texas Tech University Health Sciences Center, Cologne Bonn Airport
    Abel & Cole, Bank of Ireland, Bluegrass Cellular, CareerBuilder, Claire's, Hays Medical Center, Hope International, McCurrach, McKinsey & Company, Party Delights, Pepco Holdings, Richland School District, Ricoh, SaveMart, Shake Shack, Steelcase, TaxAct, Taylor Morrison, Vonage and Zoom
    Top Industries
    REVIEWERS
    Financial Services Firm25%
    Government15%
    Computer Software Company10%
    Healthcare Company10%
    VISITORS READING REVIEWS
    Educational Organization71%
    Computer Software Company5%
    Financial Services Firm4%
    Government4%
    REVIEWERS
    Financial Services Firm22%
    Healthcare Company17%
    Computer Software Company9%
    Comms Service Provider7%
    VISITORS READING REVIEWS
    Computer Software Company17%
    Government8%
    Educational Organization7%
    Financial Services Firm7%
    Company Size
    REVIEWERS
    Small Business29%
    Midsize Enterprise15%
    Large Enterprise56%
    VISITORS READING REVIEWS
    Small Business7%
    Midsize Enterprise75%
    Large Enterprise17%
    REVIEWERS
    Small Business54%
    Midsize Enterprise25%
    Large Enterprise21%
    VISITORS READING REVIEWS
    Small Business34%
    Midsize Enterprise19%
    Large Enterprise47%
    Buyer's Guide
    Trellix ESM vs. USM Anywhere
    May 2024
    Free Report: Trellix ESM vs. USM Anywhere
    Find out what your peers are saying about Trellix ESM vs. USM Anywhere and other solutions. Updated: May 2024.
    DOWNLOAD NOW
    772,649 professionals have used our research since 2012.

    Trellix ESM is ranked 19th in Security Information and Event Management (SIEM) with 34 reviews while USM Anywhere is ranked 11th in Security Information and Event Management (SIEM) with 113 reviews. Trellix ESM is rated 7.4, while USM Anywhere is rated 8.4. The top reviewer of Trellix ESM writes "Provides visibility of all the traffic within the company infrastructure". On the other hand, the top reviewer of USM Anywhere writes "Easy to use and affordable". Trellix ESM is most compared with ArcSight Enterprise Security Manager (ESM), IBM Security QRadar, Splunk Enterprise Security, LogRhythm SIEM and Trellix Helix, whereas USM Anywhere is most compared with Wazuh, AlienVault OSSIM, IBM Security QRadar, Splunk Enterprise Security and Microsoft Sentinel. See our Trellix ESM vs. USM Anywhere report.

    See our list of best Security Information and Event Management (SIEM) vendors.

    We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.