Elastic Security vs USM Anywhere comparison

Cancel
You must select at least 2 products to compare!
Fortinet Logo
9,632 views|7,329 comparisons
Elastic Logo
19,663 views|16,422 comparisons
AT&T Logo
5,647 views|3,888 comparisons
Comparison Buyer's Guide
Executive Summary
Updated on Jul 20, 2023

We performed a comparison between Elastic Security and USM Anywhere based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.

  • Features: Elastic Security is commended for its adaptability, extensive customization options, and seamless integration with the ELK Stack. USM Anywhere is highly regarded for its extensive reporting capabilities, thorough vulnerability assessment, seamless file integration, and user-friendly management features. Elastic Security could improve by reducing resource usage, automating threat response, and simplifying the user experience. USM Anywhere users have suggested improvements in self-service plugin management, database optimization, and third-party threat intelligence integration.

  • Service and Support: Some Elastic Security users found their support helpful, while others experienced difficulties and delays. Some users say that USM Anywhere's customer service is knowledgeable and responsive, while others have faced delays and incomplete answers.

  • Ease of Deployment: Elastic Security generally has a straightforward setup but may require trained specialists. USM Anywhere's initial setup is generally considered to be straightforward if the user has technical knowledge. Vendor assistance is also available during the deployment phase.

  • Pricing: Elastic Security is considered affordable and cost-effective, with pricing based on the size of the monitored environment. USM Anywhere has garnered favorable feedback regarding its ROI.

  • ROI: Elastic Security has shown mixed results in terms of ROI, with some users expressing concerns about the quality of their premium support. USM Anywhere has garnered favorable feedback regarding its ROI.

Conclusion: Users appreciate USM Anywhere's simple setup process, user-friendly interface, comprehensive solution, and cost-effectiveness. They find it easy to use, value its vulnerability assessment package, and benefit from its cloud deployment and integration capabilities. Users also praise its reporting capabilities and the valuable insights provided by its vulnerability management. However, Elastic Security faces criticism for its complicated setup process, lack of resources, challenges with integration, limited features compared to competitors, and weaker monitoring capabilities. The customer service and support for Elastic Security have received mixed reviews, with some users finding it satisfactory but others experiencing difficulties in communication and responsiveness.
To learn more, read our detailed Elastic Security vs. USM Anywhere Report (Updated: November 2023).
745,140 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The most valuable feature is the analysis, because of the beta structure.""The solution was relatively easy to deploy.""he solution is an anti-malware product that integrates well with other vendor products such as firewalls, SIEM, etc. It captures threat intelligence and gives you better visibility. The product also has sandboxing features.""The product detects and blocks threats and is more proactive than firewalls.""The price is low and quite competitive with others.""Additionally, when it comes to EDR, there are more tools available to assist with client work.""The console is easy to read. I also like the scanning part and the ability to move assets from one to the other.""The setup is pretty simple."

More Fortinet FortiEDR Pros →

"Stability-wise, I rate the solution a ten out of ten.""One of the most valuable features of this solution is that it is more flexible than AlienVault.""The most valuable feature is the search function, which allows me to go directly to the target to see the specific line a customer is searching for.""It's a good platform and the very best in the current market. We looked at the Forester report from December 2022 where it was said to be a leader.""What customers found most valuable in Elastic Security feature-wise is the search capability, in particular, the way of writing the search query and the speed of searching for results.""Elastic Security is very easy to adapt.""It's open-source and free to use.""I like that it's a SIEM platform. I like that I can sell Elastic Security quickly. Elastic Security has a large community that can support users."

More Elastic Security Pros →

"The feature that I liked the most is that they have a vulnerability assessment package that comes along with the SIEM solution. So, whenever I find any threat or alert for any of the devices or servers, I could immediately initiate a vulnerability assessment scan on that machine. That is one of a kind. The price at which AlienVault operates is also valuable.""Easy to use, scalable, stable, and very intuitive platform that provides protection against security threats.""The most valuable feature is vulnerability management because it gives you insight into your environment to know what systems need to be updated or patched.""The most valuable feature in AT&T AlienVault USM is the reporting.""The ease of implementation is the most valuable feature.""Every activity on the firewall is recorded, and notifications are sent with this solution.""What I find the most valuable about USM Anywhere is its compliance. It shows a list of all the administrators logged on and does it quite well. There are no whistles and bells, it's reliable and simple to use.""Our main focus was intrusion detection, alerts, and correlation. It's easy to use AlienVault and integrate it with other alert tools because it includes lots of connectors. Either the tool is already there, or AlienVault will write an API for us if they don't have a connector for the solution that is providing the logs."

More USM Anywhere Pros →

Cons
"The solution should address emerging threats like SQL injection.""I haven't seen the use of AI in the solution.""Once, we had an event that was locked and blocked, but information about it came to us two or three days later.""The support needs improvement.""We'd like to see more one-to-one product presentations for the distribution channels.""Everything with Fortinet having to do with their cloud services. They need to invest more in their internal infrastructure that they are running in the cloud. One of the things I find with their cloud environment compared to others' is that they go cheap on the equipment. So it causes some performance degradation.""We've encountered challenges during API deployment, occasionally resulting in unstable environments.""The EDR console should have more extensive reporting. You shouldn't need to purchase FortiAnalyzer. It should be included in the EDR part. The security adviser cloud platform could be improved with more options for exclusive or intensive rules for devices."

More Fortinet FortiEDR Cons →

"There is room for improvement in the Kibana dashboard and in the asset management for the program.""It is difficult to anticipate and understand the space utilization, so more clarity there would be great.""The price of this product could be improved, especially the additional costs. I would also like to see better-quality graphics.""The Integration module could be improved. It is a pain to build integration with any product. We have to do parking and so on. It's not like other commercial solutions that use profile integration. I would also see more detection features on the SIEM side.""In terms of improvement, there could be more automation in responding to and evaluating detections.""The tool needs to integrate with legacy servers. Big companies can have legacy servers that may not always be updated.""It could use maybe a little more on the Linux side.""We'd like better premium support."

More Elastic Security Cons →

"AlienVault cannot automatically respond to threats like other SIEM solutions, such as Sentinel and LogRhythm. Most of our clients are far away, so it's often challenging to handle alerts when they come up on our dashboard.""I think plugin management should be self-service on AlienVault USM. The other product is self-service but on the USM side. You have to submit a ticket then AT&T creates and updates the plugins.""Sometimes the log is unclear, and the report is a bit ambiguous.""Adding a parsing interface for the customers would make AT&T AlienVault USM better.""The price of AT&T AlienVault USM could be reduced.""I want to see more compliance management capability. The quality of integrations seems to be a little bit low.""The AT&T AlienVault USM is okay, but the relational database is not very good for large amounts of data. For example, many logs cannot be processed. It has been very slow for the queries and some data which are large, it is not very good in this case.""The GUI needs to improve because it's not user-friendly."

More USM Anywhere Cons →

Pricing and Cost Advice
  • "The price is comprable to other endpoint security solutions."
  • "The pricing is typical for enterprises and fairly priced."
  • "I'm not familiar with pricing, but it looks a bit costly compared to other vendors I think."
  • "The pricing is good."
  • "I would rate the solution's pricing an eight out of ten."
  • "The hardware costs about €100,000 and about €20,000 annually for access."
  • "Fortinet FortiEDR has a yearly subscription."
  • "It's not cheap, but it's not expensive either."
  • More Fortinet FortiEDR Pricing and Cost Advice →

  • "Affordable but with additional costs"
  • "When compared to other products, the price is average or on the low side."
  • "The licensing cost of Elastic Security is based on the daily ingestion rate. I can't recall the exact figure, but for 10GB of log action daily, it would cost around $20,000."
  • "The price is reasonable. It probably costs the same as ArcSight and LogRhythm SIEM. FortiSIEM might cost less than Elastic Security. There are no hidden or additional costs."
  • "The tool's pricing is flexible and comes at unit cost. You don't have to pay for everything."
  • "The base product is open-source but if you need advanced security features then you need to pay for the subscription. Elastic Security's price is reasonable in some cases and in other cases it's not."
  • "The pricing is in the middle. I think it is not an expensive experience if we compare it with big names, for example, QRadar, and also Oxide. I think Elastic Security is quite cheap. I would rate the pricing of this solution a five out of ten."
  • "Elastic Security is free to use."
  • More Elastic Security Pricing and Cost Advice →

  • "They charge a license based on the storage. ATT AlienVault USM is a less expensive solution than IBM QRadar."
  • "It is affordable, and it also has many features that the premium products such as ArcSight and QRadar have. It is a very good platform for a SIEM solution. Everything is included in the price."
  • "AlienVault is certainly not nearly as expensive as Splunk or QRadar. It's decently priced, but I don't have the exact figure."
  • "I rate the price of AT&T AlienVault USM a four out of five."
  • "AT&T AlienVault USM is an expensive solution and we pay for the license and the support separately. We paid for the license and support for three years."
  • "They are a little more expensive than Microsoft."
  • "We pay around $12,000 a year including storage."
  • More USM Anywhere Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Log Management solutions are best for your needs.
    745,140 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:I suggest Fortinet’s FortiEDR over FortiClient for several reasons. For starters, FortiEDR guarantees solid protection… more »
    Top Answer:Additionally, when it comes to EDR, there are more tools available to assist with client work.
    Top Answer:It is expensive and I would rate it an eight out of ten.
    Top Answer:With Datadog, we have near-live visibility across our entire platform. We have seen APM metrics impacted several times… more »
    Top Answer:Elastic Security is very customizable, and the dashboards are very easy to build.
    Top Answer:The pricing is fine. But the basic pricing should cover all the features you need. Elastic needs to add more features… more »
    Top Answer:What I find the most valuable about USM Anywhere is its compliance. It shows a list of all the administrators logged on… more »
    Top Answer:The solution is not expensive at all. When it comes to costliness, I would rate it a two out of ten.
    Top Answer:USM Anywhere relies a lot on the community putting the data in. Often, you'll right-click on the attack, but nothing… more »
    Comparisons
    Also Known As
    enSilo, FortiEDR
    Elastic SIEM, ELK Logstash
    AT&T AlienVault USM, AlienVault, AlienVault USM, Alienvault Cybersecurity
    Learn More
    Overview

    Fortinet FortiEDR is a real-time endpoint protection, detection, and automated response solution. Its primary purpose is to detect advanced threats to stop breaches and ransomware damage. It is designed to do so in real time, even on an already compromised device, allowing you to respond and remediate incidents automatically so your data can remain protected.

    Fortinet FortiEDR Features

    Fortinet FortiEDR has many valuable key features, including:

    • Easily customizable
    • Real-time proactive risk mitigation & IoT security
    • Pre-infection protection
    • Post-infection protection
    • Track applications and ratings
    • Reduce the attack surface with risk-based proactive policies
    • Achieve analysis of entire log history
    • Optional managed detection and response (MDR) service

    Fortinet FortiEDR Benefits

    Some of the key benefits of using Fortinet FortiEDR include:

    • Protection: Fortinet FortiEDR provides proactive, real-time, automated endpoint protection with the orchestrated incident response across platforms. It stops the breach with real-time postinfection blocking to protect data from exfiltration and ransomware encryption.

    • Single unified console: Fortinet FortiEDR has a single unified console with an intuitive interface, which makes management easier. The solution automates mundane endpoint security tasks so your employees don’t need to do it.

    • Cost savings: With Fortinet FortiEDR you can eliminate post-breach operational expenses and breach damage costs.

    • Flexibility: Fortinet FortiEDR can be deployed on premises or on a secure cloud instance. With Fortinet FortiEDR, endpoints are protected both on- and off-line.

    • Scalability: Because Fortinet can be deployed quickly and has a small footprint, it is easy to scale up to protect hundreds of thousand endpoints.

    Reviews from Real Users

    Below are some reviews and helpful feedback written by Fortinet FortiEDR users.

    An Owner at a security firm says, "The features that I have found most valuable are the ability to customize it and to reduce its size. It lets you run in a very small window in terms of memory and resources on legacy cash registers. The customer has literally about 800 cash registers. That was the use case for Fortinet FortiEDR - to get that down into a tiny space. The only way to do that was to use this product because it had that ability to unbundle services that were a surplus.”

    Chandan M., Chief Technical Officer at Provision Technologies LLP, mentions, “The ease of deployment and configuration is valuable. It's very easy compared to other vendors like Sophos. Sophos' configuration is complex. Fortinet is a lot easier to understand. You don't need a lot of admin knowledge to do the configuration.” He also adds, “The security is also very good and the firewall response is good.”

    Harpreet S., Information Technology Support Specialist at Chemtrade Logistics, explains, "It notifies us if there's any suspicious file on any PC. If any execution or similar kind of thing is happening, it just alerts us. It doesn't only alert. It also blocks the execution until we allow it. We check whether the execution is legitimate or not, and then approve it or keep it blocked. This gives us a little bit of control over this mechanism. Fortinet FortiEDR is also very straightforward and easy to maintain."

    DeAndre V., Senior Network Administrator at a financial services firm, states, “The dashboard is easy to follow and use. The deployment and uninstalling were easy. I like the detailed information about the path of a file that might be suspicious. Being able to check that out was easy to follow. Exceptions are easy to create and the interface is easy to follow with a nice appearance.

    Unify SIEM, endpoint security, and cloud security
    Elastic Security modernizes security operations — enabling analytics across years of data, automating key processes, and bringing native endpoint security to every host.
    Elastic Security equips teams to prevent, detect, and respond to threats at cloud speed and scale — securing business operations with a unified, open platform.

    USM Anywhere centralizes security monitoring of networks and devices in the cloud, on premises, and in remote locations, helping you to detect threats virtually anywhere.

    Discover

    • Network asset discovery
    • Software & services discovery
    • AWS asset discovery
    • Azure asset discovery
    • Google Cloud Platform asset discovery

    Analyze

    • SIEM event correlation, auto-prioritized alarms
    • User activity monitoring
    • Up to 90-days of online, searchable events

    Detect

    • Cloud intrusion detection (AWS, Azure, GCP)
    • Network intrusion detection (NIDS)
    • Host intrusion detection (HIDS)
    • Endpoint Detection and Response (EDR)

    Respond

    • Forensics querying
    • Automate & orchestrate response
    • Notifications and ticketing

    Assess

    • Vulnerability scanning
    • Cloud infrastructure assessment
    • User & asset configuration
    • Dark web monitoring

    Report

    • Pre-built compliance reporting templates
    • Pre-built event reporting templates
    • Customizable views and dashboards
    • Log storage
    Offer
    Learn more about Fortinet FortiEDR
    Learn more about Elastic Security
    Learn more about USM Anywhere
    Sample Customers
    Financial, Healthcare, Legal, Technology, Enterprise, Manufacturing ... 
    Texas A&M, U.S. Air Force, NuScale Power, Martin's Point Health Care
    Abel & Cole, Bank of Ireland, Bluegrass Cellular, CareerBuilder, Claire's, Hays Medical Center, Hope International, McCurrach, McKinsey & Company, Party Delights, Pepco Holdings, Richland School District, Ricoh, SaveMart, Shake Shack, Steelcase, TaxAct, Taylor Morrison, Vonage and Zoom
    Top Industries
    REVIEWERS
    Financial Services Firm22%
    Comms Service Provider11%
    Retailer6%
    Educational Organization6%
    VISITORS READING REVIEWS
    Computer Software Company16%
    Government8%
    Manufacturing Company8%
    Financial Services Firm7%
    REVIEWERS
    Financial Services Firm32%
    Computer Software Company27%
    Healthcare Company14%
    Comms Service Provider9%
    VISITORS READING REVIEWS
    Computer Software Company17%
    Financial Services Firm10%
    Government9%
    Comms Service Provider7%
    REVIEWERS
    Financial Services Firm19%
    Healthcare Company17%
    Computer Software Company8%
    Comms Service Provider8%
    VISITORS READING REVIEWS
    Computer Software Company17%
    Comms Service Provider8%
    Government7%
    Educational Organization6%
    Company Size
    REVIEWERS
    Small Business39%
    Midsize Enterprise21%
    Large Enterprise39%
    VISITORS READING REVIEWS
    Small Business31%
    Midsize Enterprise19%
    Large Enterprise50%
    REVIEWERS
    Small Business57%
    Midsize Enterprise19%
    Large Enterprise24%
    VISITORS READING REVIEWS
    Small Business25%
    Midsize Enterprise16%
    Large Enterprise58%
    REVIEWERS
    Small Business55%
    Midsize Enterprise25%
    Large Enterprise20%
    VISITORS READING REVIEWS
    Small Business36%
    Midsize Enterprise19%
    Large Enterprise46%
    Buyer's Guide
    Elastic Security vs. USM Anywhere
    November 2023
    Find out what your peers are saying about Elastic Security vs. USM Anywhere and other solutions. Updated: November 2023.
    745,140 professionals have used our research since 2012.

    Elastic Security is ranked 5th in Log Management with 29 reviews while USM Anywhere is ranked 13th in Log Management with 13 reviews. Elastic Security is rated 7.6, while USM Anywhere is rated 7.8. The top reviewer of Elastic Security writes "A highly flexible and customizable tool that needs to improve automation and integration". On the other hand, the top reviewer of USM Anywhere writes "A very scalable solution with vulnerability management that helps avoid weaknesses, but needs broader compliance management capabilities". Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel, Microsoft Defender for Endpoint and IBM Security QRadar, whereas USM Anywhere is most compared with Wazuh, AlienVault OSSIM, Splunk Enterprise Security, IBM Security QRadar and Fortinet FortiAnalyzer. See our Elastic Security vs. USM Anywhere report.

    See our list of best Log Management vendors, best EDR (Endpoint Detection and Response) vendors, and best Security Information and Event Management (SIEM) vendors.

    We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.