Try our new research platform with insights from 80,000+ expert users

Palo Alto Networks AutoFocus vs USM Anywhere comparison

The compared Palo Alto Networks and LevelBlue solutions aren't in the same category. Palo Alto Networks is ranked #15 in TIPT , with an average rating of 7.5, and holds a 1.3% mindshare in the category. LevelBlue is ranked #30 in SIEM , with an average rating of 7.3, and holds a 0.9% mindshare. Additionally, 85% of Palo Alto Networks users are willing to recommend the solution, compared to 92% of LevelBlue users who would recommend it.
Palo Alto Networks AutoFocus
Read 6 Palo Alto Networks AutoFocus reviews
  • 1,082 Views
  • 272 Comparison Views
85% willing to recommend
USM Anywhere
Read 115 USM Anywhere reviews
  • 1,986 Views
  • 1,353 Comparison Views
92% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive Summary
We performed a comparison between Palo Alto Networks AutoFocus and USM Anywhere based on real PeerSpot user reviews.

Find out what your peers are saying about CrowdStrike, Recorded Future, VirusTotal and others in Threat Intelligence Platforms.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Threat Intelligence Platforms Report (Updated: April 2025).
Buyer's Guide
Threat Intelligence Platforms
April 2025
Download the complete report
Helped 850,760 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Palo Alto Networks AutoFocus
Average Rating
7.8
Reviews Sentiment
7.7
Number of Reviews
6
Ranking in other categories
Threat Intelligence Platforms (15th)
USM Anywhere
Average Rating
8.4
Reviews Sentiment
7.0
Number of Reviews
115
Ranking in other categories
Log Management (44th), Security Information and Event Management (SIEM) (30th), Endpoint Detection and Response (EDR) (51st), Compliance Management (12th)
 

Mindshare comparison

While both are Security Software solutions, they serve different purposes. Palo Alto Networks AutoFocus is designed for Threat Intelligence Platforms and holds a mindshare of 1.3%, down 1.6% compared to last year.
USM Anywhere, on the other hand, focuses on Security Information and Event Management (SIEM), holds 0.9% mindshare, down 1.9% since last year.
Threat Intelligence Platforms
Security Information and Event Management (SIEM)
 

Featured Reviews

RichPhillips - PeerSpot reviewer
Offers a centralized dashboard for reporting threats and anomalies
The tool along with other suite of products provides us with threat and alert information.  The solution has provided us with a centralized dashboard for reporting threats and anomalies.  I am impressed with the tool's integration of Palo Alto products which serves as a platform for security.  I…
Read full review
Kris Nawani - PeerSpot reviewer
Offers complete coverage without the need to install additional software
USM Anywhere is used for threat detection and investigation. It provides a solution with built-in threat intelligence and various other investigation tools The solution offers complete coverage without the need to install additional software, as it is maintained by the vendor. It helps in saving…
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The feature that I like best is the dashboard."
"The logs play a crucial role as they contribute to blocking unwanted Internet traffic."
"The most valuable feature is alerting."
"It integrates well with other solutions and provides good threat intelligence in terms of external threats."
"I am impressed with the tool's integration of Palo Alto products which serves as a platform for security."
"I would rate Palo Alto Networks AutoFocus a ten out of ten."
"The IDS and the threat intelligence are very useful. They are very intuitive and data-rich."
"This is a USM, so being able to get all the features under one roof makes it a good product with good new features."
"This solution can identify many threats inside the organization (compromised endpoints, configuration issues), as well as "outside" threats (botnets, network scanners, web-attacks, etc)."
"It provides a single pane of glass view, coupled with a whole security ecosystem. The ability to manage everything from a central point, including vulnerability assessments, asset management - including the services provided by the various hosts, NIDS, HIDS, etc. - provides a very efficient way of dealing with things."
"The most valuable feature is threat intelligence."
"It has allowed us to see what is happening on our servers."
"AlienVault has an advanced component within one package. With this, we can cover more area with one solution."
"AlienVault's reporting is good. I like that vulnerability assessment is part of the solution, and the UI is intuitive. Also, the overhead is low, which is to say we don't need a dedicated SOC team to manage and analyze things constantly. We're a small company that doesn't have those resources."
More USM Anywhere pros
 

Cons

"I would like the tool to see more integration with Cortex XDR. There is no real reason to keep them separate."
"It would be better if they used the threat intelligence feeds directly from their side and changing the verdict instead of us requesting it."
"It would be helpful to have better documentation for configuring and installing the solution."
"I would like to have more technical documentation that contains greater detail on the types of threats that are occurring."
"It is a completely cloud-based product at present."
"The vulnerability reporting needs to have options to be able to sort or customize the output."
"There could be some type of integration with our existing portal. We have our own customer portals, and it would be good if there was an integration so that our portal can provide reports. There could be some type of API into the AlienVault system with the USM system so that it is easy to show the customers high-level reports of the system through our portal."
"Reporting is convoluted and difficult at times, although they claim to have hundreds of pre-built reports, very few of them are actually useful for anything but what the USM is doing."
"Search performance can be slow. The Raw Logs feature is painfully slow. And if we're talking about the newer, the Anywhere product, you can't even schedule reports on the thing. There are probably a dozen other features I'd really like to see there, but that would be one of the biggies."
"Windows log collection works with HIDS, but documentation is sparse and confusing."
"Pay attention to false-positive event automatic correlations."
"The vulnerability scanning feature is one of the areas where the product has certain shortcomings and needs to improve. The tool has vulnerability scanning, but it is not that efficient."
"The GUI needs to improve because it's not user-friendly."
More USM Anywhere cons
 

Pricing and Cost Advice

"It is expensive."
"The solution is reasonably priced."
"They are a little more expensive than Microsoft."
"It allows you to do a lot with a small price tag... The pricing is the best on the market."
"We ran a few PoCs. The price and feature set were the best with AlienVault."
"​The price point is good.​"
"Its price is in the medium to upper range."
"AlienVault is flexible on their pricing for unlimited licenses."
"Do the one month trial and try to work out the kinks during it, as it has free support and service hours."
"Use the AlienVault team. They are helpful and the documentation that they provide is second to none."
More USM Anywhere pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Threat Intelligence Platforms solutions are best for your needs.
See recommendations
850,760 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
12%
Computer Software Company
12%
Manufacturing Company
12%
Insurance Company
8%
Computer Software Company
20%
Financial Services Firm
9%
Comms Service Provider
8%
Educational Organization
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Palo Alto Networks AutoFocus?
I am impressed with the tool's integration of Palo Alto products which serves as a platform for security.
See all answers
What needs improvement with Palo Alto Networks AutoFocus?
I would like the tool to see more integration with Cortex XDR. There is no real reason to keep them separate.
See all answers
What is your primary use case for Palo Alto Networks AutoFocus?
The tool along with other suite of products provides us with threat and alert information.
See all answers
What do you like most about AT&T AlienVault USM?
The most valuable feature of the solution is the ease of deployment that it provides to users. The integrations that the product has with third-party applications are useful.
See all answers
What is your experience regarding pricing and costs for AT&T AlienVault USM?
The pricing is amazing and really cheap.
See all answers
What needs improvement with AT&T AlienVault USM?
There are scalability issues due to a 60 TB limit, which restricts its use for large customers like banks. It is also limited when used with bigger products and has complex password requirements.
See all answers
 

Comparisons

Anomali vs Palo Alto Networks AutoFocus Logo
Anomali vs Palo Alto Networks AutoFocus
Compared 44% of the time
Cisco Threat Grid vs Palo Alto Networks AutoFocus Logo
Cisco Threat Grid vs Palo Alto Networks AutoFocus
Compared 31% of the time
Recorded Future vs Palo Alto Networks AutoFocus Logo
Recorded Future vs Palo Alto Networks AutoFocus
Compared 24% of the time
More Palo Alto Networks AutoFocus Competitors
AlienVault OSSIM vs USM Anywhere Logo
AlienVault OSSIM vs USM Anywhere
Compared 26% of the time
Splunk Enterprise Security vs USM Anywhere Logo
Splunk Enterprise Security vs USM Anywhere
Compared 13% of the time
Wazuh vs USM Anywhere Logo
Wazuh vs USM Anywhere
Compared 11% of the time
Rapid7 InsightIDR vs USM Anywhere Logo
Rapid7 InsightIDR vs USM Anywhere
Compared 10% of the time
IBM Security QRadar vs USM Anywhere Logo
IBM Security QRadar vs USM Anywhere
Compared 9% of the time
More USM Anywhere Competitors
 

Product Reports

Buyer's Guide
Threat Intelligence Platforms
April 2025
Palo Alto Networks AutoFocus reportDownload Palo Alto Networks AutoFocus product report
Buyer's Guide
USM Anywhere
April 2025
USM Anywhere reportDownload USM Anywhere product report
 

Also Known As

Palo Alto Threat Intelligence Management
AT&T AlienVault USM, AlienVault, AlienVault USM, Alienvault Cybersecurity
 

Overview

AutoFocus contextual threat intelligence service accelerates analysis, correlation and prevention workflows. Unique, targeted attacks are automatically prioritized with full context, allowing security teams to respond to critical attacks faster, without additional IT security resources.

Palo Alto Networks

USM Anywhere centralizes security monitoring of networks and devices in the cloud, on premises, and in remote locations, helping you to detect threats virtually anywhere.

Discover

  • Network asset discovery
  • Software & services discovery
  • AWS asset discovery
  • Azure asset discovery
  • Google Cloud Platform asset discovery

Analyze

  • SIEM event correlation, auto-prioritized alarms
  • User activity monitoring
  • Up to 90-days of online, searchable events

Detect

  • Cloud intrusion detection (AWS, Azure, GCP)
  • Network intrusion detection (NIDS)
  • Host intrusion detection (HIDS)
  • Endpoint Detection and Response (EDR)

Respond

  • Forensics querying
  • Automate & orchestrate response
  • Notifications and ticketing

Assess

  • Vulnerability scanning
  • Cloud infrastructure assessment
  • User & asset configuration
  • Dark web monitoring

Report

  • Pre-built compliance reporting templates
  • Pre-built event reporting templates
  • Customizable views and dashboards
  • Log storage
LevelBlue
 

Sample Customers

Telkom Indonesia
Abel & Cole, Bank of Ireland, Bluegrass Cellular, CareerBuilder, Claire's, Hays Medical Center, Hope International, McCurrach, McKinsey & Company, Party Delights, Pepco Holdings, Richland School District, Ricoh, SaveMart, Shake Shack, Steelcase, TaxAct, Taylor Morrison, Vonage and Zoom
Buyer's Guide
Threat Intelligence Platforms
April 2025
Download Free Report
Find out what your peers are saying about CrowdStrike, Recorded Future, VirusTotal and others in Threat Intelligence Platforms. Updated: April 2025.
DOWNLOAD NOW
850,760 professionals have used our research since 2012.

We monitor all Threat Intelligence Platforms reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.