Comparison Buyer's Guide

Executive Summary
Updated on Jan 9, 2023
 

Categories and Ranking

USM Anywhere
Ranking in Log Management: 17th
Ranking in Security Information and Event Management (SIEM): 13th
Average Rating: 8.4
Number of Reviews: 113
Ranking in other categories: Endpoint Detection and Response (EDR) (31st), Compliance Management (8th)

Wazuh
Ranking in Log Management: 2nd
Ranking in Security Information and Event Management (SIEM): 3rd
Average Rating: 7.4
Number of Reviews: 38
Ranking in other categories: Extended Detection and Response (XDR) (3rd)
 

Market share comparison

As of June 2024, in the Log Management category, the market share of USM Anywhere is 0.8% and it decreased by 76.7% compared to the previous year. The market share of Wazuh is 20.2% and it increased by 4.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Log Management
Unique Categories:
Security Information and Event Management (SIEM): 1.3%
Endpoint Detection and Response (EDR): 0.2%
Extended Detection and Response (XDR): 17.0%
 

Featured Reviews

SL
Apr 11, 2023
Easy to deploy, stable, and affordable
There are two criteria that I consider when evaluating products: "value for money" and "fit for purpose." The AT&T AlienVault USM satisfies both of these criteria. While we could potentially obtain better SIEM solutions by spending more, we must consider the cost. The SIEM is only one part of the overall model, and the efficiency of the response is also influenced by the people and processes behind it. Therefore, the tool alone cannot guarantee an efficient response. However, the AT&T AlienVault USM performs adequately in this regard, and I have not encountered any significant issues with it so far. Even with superior solutions such as Splunk, the effectiveness of the tool ultimately depends on the proficiency of the monitoring team. Therefore, I assign one-third of the overall value or a maximum of 40 percent to the tool's value if it accounts for 100 percent of the efficiency. In comparison to other products, the AT&T AlienVault USM is relatively good. On a scale of one to ten, I would rate the solution a nine out of ten. I would not recommend this solution for on-premises deployment or for large organizations due to the need for a well-designed architecture for implementation. However, I would recommend this solution for cloud deployment and for small to medium-sized organizations.
Md Salim Hossain Hossain - PeerSpot reviewer
Jan 31, 2024
An open-source platform to integrate various products
We use Wazuh for the onboarding of both Windows and Linux machines, as well as for firewall and SIM configuration. The IP address is automatically blocked if a server has multiple wrong passwords. Wazuh can integrate with various open-source and paid products, allowing for flexibility in…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"AT&T AlienVault USM is good for ELK Stack, the user experience is great because of its architecture. The ELK has a great performance and it has very good speed in the search and Kibana. Additionally, the visuals and dashboards are very nice and customizable."
"This solution can completely detect and prevent incidents on your network."
"The other big selling feature for us was its integration capabilities with all the other security-based products."
"The new cloud-based panel is excellent both for client review as well as for our SOC to review and respond to threats. It is much easier to configure and use than the previous solution from AlienVault."
"The AlienVault solution has enabled us to create a SOC on a budget with smaller than usual staff requirements, offering a wider range of solutions for our customers."
"Asset discovery seems to be good."
"There are multiple tools for information security. The solution includes all the latest advances on the network and host intrusion detection systems."
"The USM is a work horse, no matter what devices or the number of logs we throw at it, the system processes them in real time, correlates the events, and alerts on only events that need human review."
"The product’s interface is intuitive."
"I like the features we use, including malware detection, inventory, detection of hidden processes, and activity logs. Inventory is probably the most important feature. It tells us when processes and packages were installed and what they are, which is helpful."
"The most valuable feature of Wazuh is the ELK for doing an investigation."
"Wazuh's most beneficial features for our security needs are flexibility, built-in rules, integration capabilities, and documentation."
"If they support a solution, it is easy to do an integration."
"Wazuh offers numerous features, such as the ability to define custom rules for detecting malicious activities and remembering behaviors."
"Its cost-effectiveness is the most valuable aspect."
"I like that the solution is on top of the Kubernetes stack."
 

Cons

"I've been using it just for my own personal upskilling in terms of how the product works. At the moment, it is pretty straightforward and simple, and it is working how it is supposed to. The feedback would come once it is deployed to customer sites. They'll be using it on a more frequent basis, and that's when the feedback would come in terms of the areas in which they're facing issues or are looking for simplicity."
"I've been told that AlienVault doesn't have a full version of NES running in there, but I'm not sure if that's accurate or if my engineer made it that way. I'm not sure he was completely honest either because we had NES in the environment before. Those tools could be improved because AlienVault is a SIEM, and it added all these other features."
"I think plugin management should be self-service on AlienVault USM. The other product is self-service, but on the USM side you have to submit a ticket, then AT&T creates and updates the plugins."
"The only complex area of the setup was writing the custom scripts."
"The dashboard could be improved as well as the level of customization."
"AlienVault must improve their correlation feature. Some of the events do not match with the correlation rules and some of the correlation events are false-positive."
"AlienVault needs to continue to integrate with other third-party technologies that clients want to have monitored."
"Adding a parsing interface for the customers would make AT&T AlienVault USM better."
"Wazuh should come up with more in-built rules and integrations for the cloud."
"The tool doesn't detect anomalies or new environments."
"The support team could be more responsive and provide quicker replies during our working hours in Indonesia, which would be a significant improvement."
"Wazuh needs more security and features, particularly visualization features and a health monitor."
"A lack of certain features creates limitations."
"A more structured approach, perhaps with modular UI components, to facilitate easier integration and navigation within the Wazuh platform for custom integrations would be beneficial."
"Some features, like alerting, are complex with Wazuh."
"While it is scalable, it can suffer from reduced latencies."
 

Pricing and Cost Advice

"AlienVault is flexible on their pricing for unlimited licenses."
"It is a product that is priced in a medium range, making it neither a cheap nor a costly product."
"The licensing fees are dependent on usage."
"I rate the price of AT&T AlienVault USM a four out of five."
"So far, it has been a good solution for a tight budget."
"I don't know exactly, but I know it is based on the number of logs and the retention duration, such as 30 days or something like that. So, the smallest package is about 500 a month for 30 days of logs. There is a virtual machine. You need resources for it. It is a log collecting VM. They provide the software, and you just have to load a virtual machine. So, you're going to incur some CPU RAM and storage for wherever this log collecting appliance is running, which typically is in our cloud and on our platform for the customer."
"Its price is much lower than McAfee ESM."
"So far, I feel the product's pricing is a good value. The technology is decent. You get what you pay for. I think it's fair."
"Wazuh has a community edition, and I was using that. It's free and open source."
"We use the free version of Wazuh."
"Wazuh is a cheaply priced product."
"Wazuh is not an expensive solution."
"Wazuh is open-source, so I think it's an option for a small organization that cannot go for enterprise-grade solutions like Splunk."
"Wazuh is a good tool, but the open-source version has scalability limitations."
"The solution's cost is above the average."
"The current pricing is open source."
Use our free recommendation engine to learn which Log Management solutions are best for your needs.
787,061 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company: 17%
Government: 8%
Educational Organization: 8%
Financial Services Firm: 7%

Computer Software Company: 17%
Comms Service Provider: 8%
Government: 7%
Financial Services Firm: 7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about AT&T AlienVault USM?
The most valuable feature of the solution is the ease of deployment that it provides to users. The integrations that the product has with third-party applications are useful.
What is your experience regarding pricing and costs for AT&T AlienVault USM?
It is a product that is priced in a medium range, making it neither a cheap nor a costly product.
What needs improvement with AT&T AlienVault USM?
The vulnerability scanning feature is one of the areas where the product has certain shortcomings and needs to improve. The tool has vulnerability scanning, but it is not that efficient. A mobile a...
What do you like most about Wazuh?
Integrates with various open-source and paid products, allowing for flexibility in customization based on use cases.
What needs improvement with Wazuh?
I have built some rules that produce duplicate alerts two or three times. Therefore, these rules should be consolidated. Alerts should be specific rather than repeatedly triggered by integrating mu...
What is your primary use case for Wazuh?
We use Wazuh for the onboarding of both Windows and Linux machines, as well as for firewall and SIM configuration. The IP address is automatically blocked if a server has multiple wrong passwords.
 

Also Known As

USM Anywhere: AT&T AlienVault USM, AlienVault, AlienVault USM, Alienvault Cybersecurity
Wazuh: No data available
 

Sample Customers

USM Anywhere: Abel & Cole, Bank of Ireland, Bluegrass Cellular, CareerBuilder, Claire's, Hays Medical Center, Hope International, McCurrach, McKinsey & Company, Party Delights, Pepco Holdings, Richland School District, Ricoh, SaveMart, Shake Shack, Steelcase, TaxAct, Taylor Morrison, Vonage and Zoom
Wazuh: Information Not Available
Find out what your peers are saying about USM Anywhere vs. Wazuh and other solutions. Updated: April 2024.