USM Anywhere Reviews

Name: USM Anywhere
Brand: LevelBlue
Rating: 4.2 (115 reviews)

Vendor: LevelBlue

4.2 out of 5

115 reviews
92% willing to recommend

Leave a review

What is USM Anywhere?

USM Anywhere provides centralized logging, vulnerability scanning, and real-time event correlation, enhancing cybersecurity management and compliance with standards like PCI DSS and ISO 27001. It integrates smoothly with third-party applications and offers diverse, flexible deployment options.

Get the USM Anywhere Buyer's Guide and find out what your peers are saying about USM Anywhere, CrowdStrike Falcon, Microsoft Defender for Endpoint and more!

USM Anywhere is the #13 ranked solution in top Compliance Management solutions, #31 ranked solution in top Security Information and Event Management (SIEM) solutions, #36 ranked solution in Log Management Software, and #41 ranked solution in EDR tools. PeerSpot users give USM Anywhere an average rating of 8.4 out of 10. USM Anywhere is most commonly compared to CrowdStrike Falcon: USM Anywhere vs CrowdStrike Falcon. USM Anywhere is popular among the small business segment, accounting for 38% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a construction company, accounting for 21% of all views.

Helped 890,124 peers since 2012

Featured USM Anywhere reviews

Kris Nawani

Co-Founder/Director at Bangkok MSP Company Limited

USM Anywhere is used for threat detection and investigation. It provides a solution with built-in threat intelligence and various other investigation tools The solution offers complete coverage without the need to install additional software, as it is maintained by the vendor. It helps in saving…

Read full review

Oluwatoyese Agoro

Information Security Engineer at Infoprive

The only issue that you need to bypass is the issue with integration with some other log sources, some other application security applications. The issue is still present. The process of collecting logs from applications that do not have an alien app or alien routes can be made a little bit better. Once there is no alien app, it's always very difficult to collect logs from third-party applications. So, the process of collecting logs from third-party applications is something that needs to be improved. Also, when it comes to parsing of some logs, I've worked with another solution that has a custom parsing feature that can assist you in creating the custom parsing rule by yourself. But for any of those, USM needs to reach out to the engineering team, which takes months to come up with. There is room for improvement in Log parsing. So when there are logs that are being parsed, we need to create a custom parsing rule to correctly parse some event logs. I've worked with a solution that has a feature that helps you to create custom parsing rules. But for enablement, we need to escalate to their engineering team, which takes months before they can respond and give you that parsing rule.

Read full review

Omer Jamil

Supervisor, Security Operations at Bpm

To those who plan to use the solution, I would suggest that they go through the documentation and online training models available for free, as it can help you deploy the product quickly while also being helpful in areas where there is a need to understand correlation and monitoring. I rate the overall product a seven out of ten.

Read full review

USM Anywhere mindshare

Product category:

As of April 2026, the mindshare of USM Anywhere in the Security Information and Event Management (SIEM) category stands at 1.1%, up from 0.9% compared to the previous year, according to calculations based on PeerSpot user engagement data.

Security Information and Event Management (SIEM) Mindshare Distribution
Product	Mindshare (%)
USM Anywhere	1.1%
Splunk Enterprise Security	7.0%
IBM Security QRadar	5.2%
Other	86.7%

Security Information and Event Management (SIEM)

PeerResearch reports based on USM Anywhere reviews

Type	Title	Date
Category	Security Information and Event Management (SIEM)	Apr 27, 2026	Download
Product	Reviews, tips, and advice from real users	Apr 27, 2026	Download
Comparison	USM Anywhere vs Splunk Enterprise Security	Apr 27, 2026	Download
Comparison	USM Anywhere vs Wazuh	Apr 27, 2026	Download
Comparison	USM Anywhere vs IBM Security QRadar	Apr 27, 2026	Download

Valuable Features

USM Anywhere's most valuable features include event correlation, vulnerability scanning, and integrated threat detection. Users appreciate its centralized log management, ease of deployment, and customizable dashboards. The system's ability to combine SIEM, IDS, and vulnerability assessment tools streamlines security management. The Open Threat Exchange integration and real-time alerts enhance network visibility, making it a preferred choice for compliance and network monitoring. Its scalability and user-friendly interface cater to diverse security needs within organizations.

"AlienVault is a full featured cost effective SIEM that provides quality threat intelligence for a lot less than the competition."
"AT&T AlienVault USM is good for ELK Stack, the user experience is great because of its architecture, the ELK has great performance and very good speed in the search and Kibana, and the visuals and dashboards are very nice and customizable."
"ATT AlienVault USM support is very good, they respond quickly to our needs."

Room for Improvement

USM Anywhere requires improvements in search query functionality and vulnerability scanning efficiency. It suffers from complicated deployment and setup processes. Customization, particularly in rule creation and reports, presents challenges. IPv6 support is limited, and plugin management needs enhancement. Search capabilities are slow, documentation should be clearer, and interface navigation can be confusing. Integration with third-party technologies could be enhanced, and QA before updates is necessary to prevent broken features impacting users.

"I knocked off a point for the learning curve compared to some of the competition and another point for the lack of native user behavior analytics but for the money you really can't do any better."
"The GUI needs to improve because it's not user-friendly."
"Technical support has been okay. It hasn't been great."

ROI

Many find ROI from USM Anywhere to be positive, valuing intelligence gathered and time saved over direct financial gain. Users note significant reduction in security alert response time, cost savings on cybersecurity purchases, and manpower efficiency. Some mention benefits in meeting compliance needs and consolidation of log monitoring, enhancing alerts. For academic partners, it offers students practical exposure. Calculating exact ROI is challenging due to variables in prevented incidents.

Pricing

AlienVault USM Anywhere offers competitive pricing, making it affordable for both SMBs and enterprises. Users find its scalability and bundled features valuable, often surpassing more costly alternatives like Splunk and QRadar. Pricing is flexible, based on devices managed rather than events per second, and AlienVault frequently negotiates on costs. Unlimited endpoint licenses are advisable for large setups. Overall, its cost-effectiveness and comprehensive functionality make it an attractive choice for varied organizational needs.

"It's affordable for most customers."
"It's saved security costs."
"It is a product that is priced in a medium range, making it neither a cheap nor a costly product."

Popular Use Cases

Organizations primarily utilize USM Anywhere for log management, threat detection, and SIEM functionality, integrating it within their existing security infrastructure for enhanced visibility and compliance. It supports cloud, on-premise, and hybrid deployments, aiding in asset management and vulnerability assessments. Many employ it for forensic analysis and incident response, benefiting from its centralized logging, correlation, and alert capabilities. This tool is favored by MSSPs and MSPs for efficient monitoring of client environments and maintaining stringent security protocols.

Service and Support

USM Anywhere offers strong customer service and support, praised for helpful and knowledgeable personnel. Some users highlight quick response times and effective issue resolution, while others experience delayed responses and inconsistent quality. Technical support often excels in technical expertise, with successful handling of complex configurations and system troubleshooting. However, some users mention relying more on community resources for certain questions. Overall, the experience widely varies based on individual interactions and representatives.

Deployment

USM Anywhere's initial setup is often described as straightforward. Many find it easy to deploy, especially with guidance, despite its complexity for advanced configurations. While basic setup can be done quickly, maximizing features and customizing may require technical knowledge. Users appreciate the documentation and support available but note that understanding system intricacies takes time. Some entities choose professional assistance for setup, while others leverage training for better outcomes.

Scalability

USM Anywhere demonstrates extensive scalability, handling diverse environments efficiently. Users appreciate its ability to adapt with minimal issues, although some encounter limitations with large enterprises or high data volumes. Many benefit from cloud-based architecture, ensuring ease of scaling. While a few address specific performance restrictions when exceeding certain capacities, adding sensors or upgrading infrastructure resolves most challenges. USM Anywhere effectively supports small to medium businesses, with occasional adjustments required for larger deployments.

Stability

Users report mixed experiences with USM Anywhere's stability. Many mention a stable experience with minimal disruptions, while some note issues during updates and with high-volume log processing. Support services are praised for resolving problems effectively. Hardware adequacy and network setup are crucial for optimal performance. Scalability features are appreciated, yet some found upgrades challenging, particularly concerning sensor and logging configurations. Stability ratings often vary, but many users find it sufficient for their needs.

These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.

Download our USM Anywhere Buyer's Guide for additional reliable information.

Review data by company size

By reviewers
Company Size	Count
Small Business	58
Midsize Enterprise	26
Large Enterprise	19

By reviewers

By visitors reading reviews
Company Size	Count
Small Business	139
Midsize Enterprise	123
Large Enterprise	100

By visitors reading reviews

Top industries

By visitors reading reviews

Construction Company

21%

Financial Services Firm

10%

Comms Service Provider

Computer Software Company

Performing Arts

Manufacturing Company

Healthcare Company

Transportation Company

Marketing Services Firm

Outsourcing Company

Educational Organization

Retailer

Government

Energy/Utilities Company

University

Legal Firm

Insurance Company

Wellness & Fitness Company

Real Estate/Law Firm

Consumer Goods Company

Recreational Facilities/Services Company

Media Company

Non Profit

Security Firm

Hospitality Company

Logistics Company

Wholesaler/Distributor

Recruiting/Hr Firm

Renewables & Environment Company

Compare USM Anywhere with alternative products

Learn more about USM Anywhere

USM Anywhere stands out for its integrated network and host IDS, asset management, and intuitive deployment that enhances efficiency. The platform simplifies security tasks by offering a comprehensive view that aids in compliance and aligns with security regulations such as PCI and GDPR. Despite its strengths, areas like IPv6 support, custom rule creation, and reporting require attention. Users note awkward reporting features and limited integration options. Enhancements are needed in threat detection and vulnerability scanning for faster response times and better support.

What are the key features of USM Anywhere?

Centralized Logging: Streamlines log collection across environments for easy analysis.
Vulnerability Scanning: Identifies potential security gaps in systems and networks.
Real-time Event Correlation: Detects and correlates security events efficiently.
Network IDS and Host IDS: Provides intrusion detection at both network and host levels.
Asset Management: Manages and tracks company assets seamlessly.

What benefits and ROI can users expect?

Enhanced Compliance: Aligns security measures with standards like PCI DSS and ISO 27001.
Improved Efficiency: Simplifies deployment and interface, saving time and resources.
Security Management: Offers comprehensive monitoring for better security posture.
Flexible Integration: Connects with third-party applications to extend functionality.

In industries such as cloud services and enterprise security, USM Anywhere is used extensively for SIEM, managing logs, and detecting security incidents. It supports AWS environment monitoring, providing managed services to clients and facilitating compliance with standards like PCI and GDPR.

USM Anywhere was previously known as AT&T AlienVault USM, AlienVault, AlienVault USM, Alienvault Cybersecurity.

USM Anywhere customers

Abel & Cole, Bank of Ireland, Bluegrass Cellular, CareerBuilder, Claire's, Hays Medical Center, Hope International, McCurrach, McKinsey & Company, Party Delights, Pepco Holdings, Richland School District, Ricoh, SaveMart, Shake Shack, Steelcase, TaxAct, Taylor Morrison, Vonage and Zoom

Title	Rating	Mindshare	Recommending
CrowdStrike Falcon	4.3	3.3%	97%	141 interviews Add to research
Microsoft Defender for Endpoint	4.1	N/A	95%	213 interviews Add to research

Author info	Rating	Review Summary
Co-Founder/Director at Bangkok MSP Company Limited	4.0	I use USM Anywhere primarily for threat detection and investigation, benefiting from its built-in threat intelligence and investigation tools. However, it faces scalability issues with a 60 TB limit. Despite this, I find it offers a favorable ROI.
Information Security Engineer at Infoprive	4.0	Our customers in finance and banking use USM Anywhere for log aggregation, correlation, and SIEM. It excels in security features and asset discovery but needs better integration with certain applications and improved log parsing. It effectively reduces security costs by preventing hacks.
Supervisor, Security Operations at Bpm	3.5	In my company, we use USM Anywhere for continuous monitoring due to its easy deployment and third-party integrations. Though it needs better vulnerability scanning and a mobile app, we chose it over Splunk for cost efficiency and MSSP program benefits.
Chief Information Security Officer at a computer software company with 51-200 employees	4.0	I primarily used AlienVault for IDS, logs, and correlation, finding it stable, scalable, and easy to integrate. Despite not fully utilizing all its features, I rate this affordable and comprehensive solution 8/10.
GISO - Global Information Security Officer at Beyon Connect	4.0	I found AlienVault highly valuable for its unique integrated vulnerability assessment, affordability, and ease of use, supported by great customer service. It was stable and scalable. My main suggestion is to broaden its threat intelligence capabilities with premium sources.
Senior Security Information Manager at agiito	3.5	I find USM Anywhere user-friendly and logical, with valuable compliance features and direct log file access. However, it depends on community data, which can be unreliable. I've used solutions like QRadar and ArcSight but prefer USM for its simplicity.
Senior Talent Sourcer, Digital at Digitaltrack	4.5	<p>I use AT&T AlienVault USM as a managed SOC service to detect and respond to security events for our customers. The implementation is easy, but improvement is needed in reporting and dashboards. I haven't considered other solutions or providers.</p>
Cyber Security Analyst at DIgital Sentry Ltd	3.5	We rely on AlienVault for central log monitoring from security tools like CrowdStrike, benefiting from enhanced visibility. However, it lacks automatic threat response capabilities. Transitioning from an open-source solution to USM, we found Elastic Security challenging to implement.

USM Anywhere Reviews

What is USM Anywhere?

Featured USM Anywhere reviews

USM Anywhere mindshare

PeerResearch reports based on USM Anywhere reviews

Valuable Features

Room for Improvement

ROI

Pricing

Popular Use Cases

Service and Support

Deployment

Scalability

Stability

Review data by company size

Top industries

Compare USM Anywhere with alternative products

Learn more about USM Anywhere

USM Anywhere customers

Related questions

Product Categories

Popular Comparisons