No more typing reviews! Try our Samantha, our new voice AI agent.

CrowdStrike Observability vs USM Anywhere comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

CrowdStrike Observability
Ranking in Log Management
22nd
Average Rating
8.0
Reviews Sentiment
4.9
Number of Reviews
8
Ranking in other categories
No ranking in other categories
USM Anywhere
Ranking in Log Management
29th
Average Rating
8.4
Reviews Sentiment
7.0
Number of Reviews
115
Ranking in other categories
Security Information and Event Management (SIEM) (29th), Endpoint Detection and Response (EDR) (40th), Compliance Management (14th)
 

Mindshare comparison

As of July 2026, in the Log Management category, the mindshare of CrowdStrike Observability is 0.9%, up from 0.5% compared to the previous year. The mindshare of USM Anywhere is 1.3%, up from 0.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Log Management Mindshare Distribution
ProductMindshare (%)
CrowdStrike Observability0.9%
USM Anywhere1.3%
Other97.8%
Log Management
 

Featured Reviews

HectorRios - PeerSpot reviewer
IT COMMUNICATIONS AND NETWORKS at Américas BPS
Has provided reliable alerts and helped identify infrastructure issues through detailed reporting
The best features of CrowdStrike Observability include the way they show issues to the client or agent, and their data collection method is interesting because they use an agent-less approach in some cases, collecting data from infrastructure such as firewalls. Additionally, they have the agent, but the presentation in the management console is excellent as we have observability end-to-end with the servers and all the services configured in the use cases. The intelligent alerting feature is excellent and configured on our console, being highly effective as it detects real alerts and just warnings or real issues. Identifying performance bottlenecks is important because they collect numerous MD5 or hash keys including movements or playbooks. The way they organize that in the console is excellent, allowing you to have reports detecting issues, which not only includes detection but also provides solutions to those issues.
Kris Nawani - PeerSpot reviewer
Co-Founder/Director at Bangkok MSP Company Limited
Offers complete coverage without the need to install additional software
USM Anywhere is used for threat detection and investigation. It provides a solution with built-in threat intelligence and various other investigation tools The solution offers complete coverage without the need to install additional software, as it is maintained by the vendor. It helps in saving…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"I find the most effective feature of CrowdStrike Observability to be its cloud vision and attack surface vision, which enhance network traffic analysis."
"The best features of CrowdStrike Observability include the way they show issues to the client or agent, and their data collection method is interesting because they use an agent-less approach in some cases, collecting data from infrastructure such as firewalls."
"In the logs and the trajectory, it shows detailed information about where the source of infection comes from, how it travels, and how to reach there."
"The intelligence database provided by CrowdStrike is very impressive."
"CrowdStrike Observability is a signature-less solution where you don't need to update your endpoints or the CrowdStrike Observability agents regularly, and it is completely based on AI and ML search engines."
"The intelligent alerting feature is excellent and configured on our console, being highly effective as it detects real alerts and just warnings or real issues."
"The price is worth it."
"CrowdStrike Observability offers strong predictive analytics capabilities, and the intelligent alerting system helps minimize noise and optimize IT resources effectively."
"The setup is very easy and straightforward."
"Pricing was a very important consideration and lower than the other SIEM solutions evaluated."
"We have benefited greatly due to gaining the visibility we need for different instances."
"The pricing and licensing are at its best in the market when compared with other vendor's SIEM products."
"The pricing for this solution with the 3 major components: SIEM, FIM, and vulnerability scanning, can’t be beat."
"All companies should buy an AlienVault SIEM, as it is well worth the investment."
"Its powerful correlation engine helps reduce time in manually correlating events."
"The main menu: You can see everything there, what is happening on the servers, and in the logs, you can view more details of each event."
 

Cons

"The pricing is very high and small companies cannot afford it. They should reduce the price because the backend infrastructure is the same."
"For reporting or log management, having a longer duration for backup without needing to purchase a paid subscription would be beneficial. Currently, there is a default ninety-day backup period."
"Technical support received a rating of 4 out of 10."
"The areas of CrowdStrike Observability that have room for improvement include the approach towards customer issues, where resolution takes time."
"From the different deployments I have worked with, the shortcomings of CrowdStrike Observability are often because of what clients are able to share with CrowdStrike."
"Integration with Huawei should be more straightforward."
"We had some difficulties at the beginning, but at this moment they are improving, so probably in some months I will give them a ten."
"The customer service is not satisfactory for me. The support is only available in English, and my users in LATAM regions such as Peru and Colombia require local language support, which is not currently provided."
"There could be some type of integration with our existing portal."
"I think plugin management should be self-service on AlienVault USM. The other product is self-service but on the USM side. You have to submit a ticket then AT&T creates and updates the plugins."
"I had some initial issues with some of the upgrades in version, but with the help of their support team, we were able to resolve all of them."
"The configuration is somewhat complex and the interface a bit non-intuitive."
"Plugins could be better utilized, as some of them do not recognize all logs."
"The reporting and dashboards have room for improvement."
"Sometimes the log is unclear, and the report is a bit ambiguous."
"Adding a parsing interface for the customers would make AT&T AlienVault USM better."
 

Pricing and Cost Advice

Information not available
"The price for this solution is very good, but since the features do not work the price is expensive."
"So far, it has been a good solution for a tight budget."
"We pay around $12,000 a year including storage."
"The price of this solution is reasonable, which is one of the reasons why we selected it over other solutions."
"We ran a few PoCs. The price and feature set were the best with AlienVault."
"It has good pricing."
"QRadar, ArcSight and Splunk are some of the most expensive SIEM products out there in the market and not everyone has the budget to buy them. In such cases, AV USM is a very cost effective alternative."
"So far, I feel the product's pricing is a good value. The technology is decent. You get what you pay for. I think it's fair."
report
Use our free recommendation engine to learn which Log Management solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
16%
Financial Services Firm
12%
Construction Company
11%
Manufacturing Company
7%
Construction Company
23%
Financial Services Firm
10%
Comms Service Provider
9%
Manufacturing Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business3
Midsize Enterprise3
Large Enterprise3
By reviewers
Company SizeCount
Small Business65
Midsize Enterprise29
Large Enterprise25
 

Questions from the Community

What needs improvement with CrowdStrike Observability?
The product at this moment is really good; CrowdStrike Observability is still working to improve it and they are including new features. At this time, I cannot provide an opinion about what else to...
What is your primary use case for CrowdStrike Observability?
We are currently finishing the configuration of the solution, making the playbooks and configurations with the use cases. From CrowdStrike Observability, we use all the solution including XDR and a...
What advice do you have for others considering CrowdStrike Observability?
We did not use Falcon Sandbox or Falcon Exposure Management. We are using a local partner and they have a marketplace, but we are working with a local partner from Google. We are just customers, no...
What needs improvement with AT&T AlienVault USM?
There are scalability issues due to a 60 TB limit, which restricts its use for large customers like banks. It is also limited when used with bigger products and has complex password requirements.
What is your primary use case for AT&T AlienVault USM?
USM Anywhere is used for threat detection and investigation. It provides a solution with built-in threat intelligence and various other investigation tools.
 

Also Known As

No data available
AT&T AlienVault USM, AlienVault, AlienVault USM, Alienvault Cybersecurity
 

Overview

 

Sample Customers

Information Not Available
Abel & Cole, Bank of Ireland, Bluegrass Cellular, CareerBuilder, Claire's, Hays Medical Center, Hope International, McCurrach, McKinsey & Company, Party Delights, Pepco Holdings, Richland School District, Ricoh, SaveMart, Shake Shack, Steelcase, TaxAct, Taylor Morrison, Vonage and Zoom
Find out what your peers are saying about CrowdStrike Observability vs. USM Anywhere and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.