• Home
  • RSA enVision vs. USM Anywhere

RSA enVision vs USM Anywhere comparison

Cancel
You must select at least 2 products to compare!
Microsoft Logo
Microsoft Sentinel
Read 85 Microsoft Sentinel reviews
31,886 views|17,713 comparisons
92% willing to recommend
RSA Logo
RSA enVision
Read 5 RSA enVision reviews
825 views|672 comparisons
80% willing to recommend
AT&T Logo
USM Anywhere
Read 113 USM Anywhere reviews
5,644 views|3,733 comparisons
92% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Security Information and Event Management (SIEM)
April 2024
Executive Summary

We performed a comparison between RSA enVision and USM Anywhere based on real PeerSpot user reviews.

Find out what your peers are saying about Splunk, Microsoft, Wazuh and others in Security Information and Event Management (SIEM).
To learn more, read our detailed Security Information and Event Management (SIEM) Report (Updated: April 2024).
Download the complete report
769,479 professionals have used our research since 2012.
Featured Review
Sachin Paul
Makes data integration very easy for our SOC
It enables data integration within our hybrid, multi-cloud environment, and it makes this data integration very easy for our security operations... Read more →
Anonymous User
Though the solution offers good technical support, it needs to be made more user-friendly
Subramaniam L.
Easy to deploy, stable, and affordable
AT&T AlienVault USM has improved detection of the potential threats and helped us to proactively take action against these threats. AT&T... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The features that stand out are the detection engine and its integration with multiple data sources.""The dashboard that allows me to view all the incidents is the most valuable feature.""Sentinel has features that have helped improve our security poster. It helped us in going ahead and identifying the gaps via analysis and focusing on the key elements.""What is most useful, is that it has a good connection to the Microsoft ecosystem, and I think that's the key part.""The standout feature of Sentinel is that, because it's cloud-based and because it's from Microsoft, it integrates really well with all the other Microsoft products. It's really simple to set up and get going.""The scalability is great. You can put unlimited logs in, as long as you can pay for it. There are commitment tiers, up to six terabytes per day, which is nowhere close to what any one of our customers is running.""The solution offers a lot of data on events. It helps us create specific detection strategies.""Log aggregation and data connectors are the most valuable features."

More Microsoft Sentinel Pros →

"The most valuable feature is the management features. It's capable of managing large enterprises.""The most valuable feature of this solution is the reporting.""The configuration part is very easy...The technical support was sincere in their responses...I rate the technical support a nine out of ten."

More RSA enVision Pros →

"The other big selling feature for us was its integration capabilities with all the other security-based products.""Any unusual behaviour, we can monitor. We have alerts set up to be sent when we receive signs of any unusual behaviour.""Easy to use, scalable, stable, and very intuitive platform that provides protection against security threats.""AlienVault has an advanced component within one package. With this, we can cover more area with one solution.""The IDS and the threat intelligence are very useful. They are very intuitive and data-rich.""The vulnerability manager and the file integration are very good.""As we have to service several servers, we can manage them in a economical way, which is beneficial to our team and business.""Having everything in a central place has been helpful."

More USM Anywhere Pros →

Cons
"Sentinel should be improved with more connectors. At the moment, it only covers a few vendors. If I remember correctly, only 100 products are supported natively in Sentinel, although you can connect them with syslog. But Microsoft should increase the number of native connectors to get logs into Sentinel.""They should just add more and more out-of-the-box connectors. It is quite a new product, and it has a lot of connectors, and even more would be good.""Its implementation could be simpler. It is not really simple or straightforward. It is in the middle. Sometimes, connectors are a little bit complex.""We do have in-built or out-of-the-box metrics that are shown on the dashboard, but it doesn't give the kind of metrics that we need from our environment whereby we need to check the meantime to detect and meantime to resolve an incident. I have to do it manually. I have to pull all the logs or all the alerts that are fed into Sentinel over a certain period. We do this on a monthly basis, so I go into Microsoft Sentinel and pull all the alerts or incidents we closed over a period of thirty days.""Improvement-wise, I would like to see more integration with third-party solutions or old-school antivirus products that have some kind of logging capability. I wouldn't mind having that exposed within Sentinel. We do have situations where certain companies have bought licensing or have made an investment in a product, and that product will be there for the next two or three years. To be able to view information from those legacy products would be great. We can then better leverage the Sentinel solution and its capabilities.""The reporting could be more structured.""One key area that can be improved is by building a strong integration with our XDR platform.""Some of the data connectors are outdated, at least the ones that utilize Linux machines for log forwarding. I believe that Microsoft is already working on improving this."

More Microsoft Sentinel Cons →

"The integration could be easier, it should support more products.""In general, the solution currently isn't user-friendly.""RSA enVision log manager is out of date and is not in use anymore."

More RSA enVision Cons →

"Its reporting tools need improvements. It would be good if they can provide integration with other ticketing systems. Currently, we only have integration with Slack and Jira. It is also a bit slow, and its replication engine can be improved.""It should be able to communicate with other security solutions to stop threats.""We develop additional rules and scripts to make it more usable.""Search performance can be slow. The Raw Logs feature is painfully slow. And if we're talking about the newer, the Anywhere product, you can't even schedule reports on the thing. There are probably a dozen other features I'd really like to see there, but that would be one of the biggies.""The vulnerability scanning feature is one of the areas where the product has certain shortcomings and needs to improve. The tool has vulnerability scanning, but it is not that efficient.""More complimentary training needs to be done for use with this tool. If you get into a bind, then it will cost you.""Source material on the forums to be more up-to-date with the changes happening within the product. Forums being out-of-date with information due to the changes makes troubleshooting a little more difficult - specific to the HIDS agents.""The only complex area of the setup was writing the custom scripts."

More USM Anywhere Cons →

Pricing and Cost Advice
  • "It comes with a Microsoft subscription which the customer has, so they don't have to invest somewhere else."
  • "It is a consumption-based license model. bands at 100, 200, 400 GB per day etc. Azure Sentinel Pricing | Microsoft Azure"
  • "Good monthly operational cost model for the detection and response outcomes delivered, M365 logs don't count toward the limits which is a good benefit."
  • "I have had mixed feedback. At one point, I heard a client say that it sometimes seems more expensive. Most of the clients are on Office 365 or M365, and they are forced to take Azure SIEM because of the integration."
  • "It is kind of like a sliding scale. There are different tiers of pricing that go from $100 per day up to $3,500 per day. So, it just kind of depends on how much data is being stored. There can be additional costs to the standard license other than the additional data. It just kind of depends on what other services you're spinning up in Azure, or if you're using something like Azure log analytics."
  • "I am just paying for the log space with Azure Sentinel. It costs us about $2,000 a month. Most of the logs are free. We are only paying money for Azure Firewall logs because email logs or Azure AD logs are free to use for us."
  • "Sentinel is a bit expensive. If you can figure a way of configuring it to meet your needs, then you can find a way around the cost."
  • "Azure Sentinel is very costly, or at least it appears to be very costly. The costs vary based on your ingestion and your retention charges."

    • More Microsoft Sentinel Pricing and Cost Advice →

  • "We no longer pay a licensing fee because it is out of date and don't pay for support."
  • "On a scale of one to ten, where one is low, and ten is high price, I rate the pricing a six."

    • More RSA enVision Pricing and Cost Advice →

  • "AlienVault is flexible on their pricing for unlimited licenses."
  • "Pricing is very competitive with other products and you get much more functionality from AlienVault."
  • "QRadar, ArcSight and Splunk are some of the most expensive SIEM products out there in the market and not everyone has the budget to buy them. In such cases, AV USM is a very cost effective alternative."
  • "Do the one month trial and try to work out the kinks during it, as it has free support and service hours."
  • "We checked out several competitors. For what it can do and the cost, it was the best option!"
  • "Use the AlienVault team. They are helpful and the documentation that they provide is second to none."
  • "​The price point is good.​"
  • "It has good pricing."

    • More USM Anywhere Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
    See Recommendations
    769,479 professionals have used our research since 2012.
    Questions from the Community
    Is there a common threat intelligence tool that aggregates multiple threa...
    Top Answer:Yes, Azure Sentinel is a SIEM on the Cloud. Multiple data sources can be uploaded and analyzed with Azure Sentinel and… more »
    Read all 10 answers   →
    What is a better choice, Splunk or Azure Sentinel?
    Top Answer:It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for… more »
    Which is better - Azure Sentinel or AWS Security Hub?
    Top Answer:We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is… more »
    Read all 2 answers   →
    What do you like most about RSA enVision?
    Top Answer:The configuration part is very easy...The technical support was sincere in their responses...I rate the technical… more »
    Read all 3 answers   →
    What needs improvement with RSA enVision?
    Top Answer:Improvement-wise, enrichment of data and policy should be done to make it more user-friendly. Enrichment of web policy… more »
    Read all 3 answers   →
    What advice do you have for others considering RSA enVision?
    Top Answer:If you have a relatively simple IT infrastructure, you can go for RSA enVision. Structure, like a hybrid cloud or Telco… more »
    Read all 3 answers   →
    What do you like most about AT&T AlienVault USM?
    Top Answer:The most valuable feature of the solution is the ease of deployment that it provides to users. The integrations that the… more »
    Read all 33 answers   →
    What is your experience regarding pricing and costs for AT&T AlienVault USM?
    Top Answer:It is a product that is priced in a medium range, making it neither a cheap nor a costly product.
    Read all 33 answers   →
    What needs improvement with AT&T AlienVault USM?
    Top Answer:The vulnerability scanning feature is one of the areas where the product has certain shortcomings and needs to improve… more »
    Read all 36 answers   →
    Comparisons
    Also Known As
    Azure Sentinel
    AT&T AlienVault USM, AlienVault, AlienVault USM, Alienvault Cybersecurity
    Learn More
    Microsoft
    RSA
    AT&T
    Overview

    Microsoft Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution that lets you see and stop threats before they cause harm. Microsoft Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response. Eliminate security infrastructure setup and maintenance, and elastically scale to meet your security needs—while reducing IT costs. With Microsoft Sentinel, you can:

    - Collect data at cloud scale—across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds

    - Detect previously uncovered threats and minimize false positives using analytics and unparalleled threat intelligence from Microsoft

    - Investigate threats with AI and hunt suspicious activities at scale, tapping into decades of cybersecurity work at Microsoft

    - Respond to incidents rapidly with built-in orchestration and automation of common tasks

    To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.

    RSA enVision is a comprehensive security information and event management (SIEM) solution offered by RSA, a leading provider of cybersecurity solutions. It enables organizations to collect, analyze, and manage security event data from various sources, providing real-time visibility into their IT infrastructure. With RSA enVision, organizations can proactively detect and respond to security incidents, ensuring the protection of critical assets and sensitive data. 

    The solution offers a wide range of features, including log management, event correlation, threat intelligence, and compliance reporting. One of the key strengths of RSA enVision is its ability to collect and normalize data from diverse sources, such as network devices, servers, applications, and databases. This allows organizations to gain a holistic view of their security posture and identify potential threats or vulnerabilities. 

    The event correlation capabilities of RSA enVision enable the detection of complex attack patterns and the identification of potential security incidents. By analyzing events in real-time and correlating them with historical data, the solution can provide actionable insights and alerts to security teams, enabling them to respond quickly and effectively. RSA enVision also offers advanced threat intelligence capabilities, leveraging machine learning and behavioral analytics to identify anomalous activities and potential indicators of compromise. This helps organizations stay ahead of emerging threats and proactively mitigate risks. 

    RSA enVision provides comprehensive compliance reporting capabilities, helping organizations meet regulatory requirements and demonstrate adherence to industry standards. The solution offers pre-built compliance reports for various regulations, such as PCI DSS, HIPAA, and GDPR, simplifying the audit process and reducing compliance-related costs. In summary, RSA enVision is a powerful SIEM solution that enables organizations to effectively manage their security events, detect and respond to threats, and meet compliance requirements. 

    With its robust features and capabilities, it provides organizations with the necessary tools to enhance their cybersecurity posture and protect their critical assets.

    USM Anywhere centralizes security monitoring of networks and devices in the cloud, on premises, and in remote locations, helping you to detect threats virtually anywhere.

    Discover

    • Network asset discovery
    • Software & services discovery
    • AWS asset discovery
    • Azure asset discovery
    • Google Cloud Platform asset discovery

    Analyze

    • SIEM event correlation, auto-prioritized alarms
    • User activity monitoring
    • Up to 90-days of online, searchable events

    Detect

    • Cloud intrusion detection (AWS, Azure, GCP)
    • Network intrusion detection (NIDS)
    • Host intrusion detection (HIDS)
    • Endpoint Detection and Response (EDR)

    Respond

    • Forensics querying
    • Automate & orchestrate response
    • Notifications and ticketing

    Assess

    • Vulnerability scanning
    • Cloud infrastructure assessment
    • User & asset configuration
    • Dark web monitoring

    Report

    • Pre-built compliance reporting templates
    • Pre-built event reporting templates
    • Customizable views and dashboards
    • Log storage
    Sample Customers
    Microsoft Sentinel is trusted by companies of all sizes including ABM, ASOS, Uniper, First West Credit Union, Avanade, and more.
    BPS (SUISSE), Hypovereinsbank Germany, MAX Hamburgers, Infoplex, Neotel, Telus
    Abel & Cole, Bank of Ireland, Bluegrass Cellular, CareerBuilder, Claire's, Hays Medical Center, Hope International, McCurrach, McKinsey & Company, Party Delights, Pepco Holdings, Richland School District, Ricoh, SaveMart, Shake Shack, Steelcase, TaxAct, Taylor Morrison, Vonage and Zoom
    Top Industries
    REVIEWERS
    Financial Services Firm22%
    Computer Software Company11%
    Manufacturing Company8%
    Comms Service Provider8%
    VISITORS READING REVIEWS
    Computer Software Company16%
    Financial Services Firm10%
    Government9%
    Manufacturing Company7%
    VISITORS READING REVIEWS
    Financial Services Firm13%
    Manufacturing Company10%
    Computer Software Company9%
    Energy/Utilities Company9%
    REVIEWERS
    Financial Services Firm20%
    Healthcare Company17%
    Computer Software Company9%
    Comms Service Provider7%
    VISITORS READING REVIEWS
    Computer Software Company17%
    Comms Service Provider8%
    Government8%
    Educational Organization7%
    Company Size
    REVIEWERS
    Small Business33%
    Midsize Enterprise21%
    Large Enterprise47%
    VISITORS READING REVIEWS
    Small Business25%
    Midsize Enterprise16%
    Large Enterprise59%
    VISITORS READING REVIEWS
    Small Business17%
    Midsize Enterprise12%
    Large Enterprise71%
    REVIEWERS
    Small Business54%
    Midsize Enterprise25%
    Large Enterprise21%
    VISITORS READING REVIEWS
    Small Business35%
    Midsize Enterprise19%
    Large Enterprise46%
    Buyer's Guide
    Security Information and Event Management (SIEM)
    April 2024
    Download Free Report
    Find out what your peers are saying about Splunk, Microsoft, Wazuh and others in Security Information and Event Management (SIEM). Updated: April 2024.
    DOWNLOAD NOW
    769,479 professionals have used our research since 2012.

    RSA enVision is ranked 36th in Security Information and Event Management (SIEM) with 5 reviews while USM Anywhere is ranked 11th in Security Information and Event Management (SIEM) with 113 reviews. RSA enVision is rated 6.8, while USM Anywhere is rated 8.4. The top reviewer of RSA enVision writes "Though the solution offers good technical support, it needs to be made more user-friendly ". On the other hand, the top reviewer of USM Anywhere writes "Easy to use and affordable". RSA enVision is most compared with NetWitness Platform, Splunk Enterprise Security and IBM Security QRadar, whereas USM Anywhere is most compared with Wazuh, AlienVault OSSIM, IBM Security QRadar, Splunk Enterprise Security and Rapid7 InsightIDR.

    See our list of best Security Information and Event Management (SIEM) vendors.

    We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.