No more typing reviews! Try our Samantha, our new voice AI agent.

Security Onion vs USM Anywhere comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Security Onion
Ranking in Log Management
25th
Average Rating
7.2
Reviews Sentiment
7.1
Number of Reviews
4
Ranking in other categories
No ranking in other categories
USM Anywhere
Ranking in Log Management
29th
Average Rating
8.4
Reviews Sentiment
7.0
Number of Reviews
115
Ranking in other categories
Security Information and Event Management (SIEM) (29th), Endpoint Detection and Response (EDR) (40th), Compliance Management (14th)
 

Mindshare comparison

As of July 2026, in the Log Management category, the mindshare of Security Onion is 1.9%, down from 5.0% compared to the previous year. The mindshare of USM Anywhere is 1.3%, up from 0.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Log Management Mindshare Distribution
ProductMindshare (%)
Security Onion1.9%
USM Anywhere1.3%
Other96.8%
Log Management
 

Featured Reviews

HJ
Manager at teshama
Centralized threat monitoring has improved visibility but demands complex setup and configuration
The best features Security Onion offers include acting as the intrusion detection system in my organization and helping me to address traffic, logs, and events happening within the organization. Since Security Onion is an open-source system that integrates with tools like Suricata and Zeek with the ELK stack, it enables threat detection and response capabilities, delivering high-level security measures at a cost, making it suitable for businesses of varying skill levels. These integrations with Suricata and Zeek have greatly impacted our workflow and our team's effectiveness by helping us address issues such as identifying intrusions, evaluating threats, and overseeing log files. This tool is very cost-effective, making it suitable for any size of organization wanting to use it.
Kris Nawani - PeerSpot reviewer
Co-Founder/Director at Bangkok MSP Company Limited
Offers complete coverage without the need to install additional software
USM Anywhere is used for threat detection and investigation. It provides a solution with built-in threat intelligence and various other investigation tools The solution offers complete coverage without the need to install additional software, as it is maintained by the vendor. It helps in saving…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"We use Security Onion for internal vulnerability assessment."
"Security Onion has positively impacted my organization by greatly improving our security posture, making alert triage easier to handle, simplifying the analysis of threats, and decreasing the cost of threat analysis and detection."
"Security Onion is the most mature solution in the market."
"The most valuable feature of Security Onion for security monitoring is its ability to find infected ports."
"AlienVault has provided a nice, unified system for monitoring and reporting."
"The most valuable feature is threat intelligence."
"The AlienVault solution has enabled us to create a SOC on a budget with smaller than usual staff requirements, offering a wider range of solutions for our customers."
"Its powerful correlation engine helps reduce time in manually correlating events."
"The most valuable feature in AT&T AlienVault USM is the reporting."
"In terms of monitoring, my best feature would be the monitoring of components across the network; it monitors the respective nodes and any new node that comes onto the network and provides reports, and the reporting dashboards are really helpful for management in terms of making decisions around patch management."
"AlienVault provided the best bang for buck."
"We had used previous products and found AlienVault centralized the logging for our security."
 

Cons

"Security Onion's user interface could be improved."
"For Security Onion, setting up and configuring the system can be quite challenging for newcomers due to the need for a grasp of networking and security concepts."
"The product is not easy to learn."
"The initial setup of the solution is a little bit difficult."
"We would love to be able to create custom rules based on a series of events, to create rule-sets where, for example, failed logins to the VPN Server are logged and then when a successful attempt follows soon after, it triggers an alarm for a Brute Force."
"The configuration is somewhat complex and the interface a bit non-intuitive."
"User friendly interface could be an advantage. Sometimes we may face trouble when we were going through the settings of AlienVault SIEM."
"In the future, I would like to see all these features of the solution working properly."
"It can still be difficult to feed products that are not supported out-of-the-box."
"AlienVault must improve their correlation feature. Some of the events do not match with the correlation rules and some of the correlation events are false-positive."
"As it includes multiple security softwares, the installation and configuration takes a lot of time."
"There could be some type of integration with our existing portal. We have our own customer portals, and it would be good if there was an integration so that our portal can provide reports. There could be some type of API into the AlienVault system with the USM system so that it is easy to show the customers high-level reports of the system through our portal."
 

Pricing and Cost Advice

"Security Onion is a free solution."
"It is an open-source solution."
"Security Onion is an open-source solution."
"So far, it has been a good solution for a tight budget."
"​The vulnerability management solution is worse than buying a Nessus Professional license.​"
"I rate the price of AT&T AlienVault USM a four out of five."
"I don't think the product's pricing is a good value because they try to raise the price 50 percent every year... AlienVault needs to understand that not all customers are huge enterprises... Their sales team is way too aggressive. The price they advertise is not always the price you get."
"So far, I feel the product's pricing is a good value. The technology is decent. You get what you pay for. I think it's fair."
"​The price point is good.​"
"Negotiate the best package for your environment."
"Use the AlienVault team. They are helpful and the documentation that they provide is second to none."
report
Use our free recommendation engine to learn which Log Management solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
University
12%
Comms Service Provider
11%
Government
10%
Computer Software Company
7%
Construction Company
23%
Financial Services Firm
10%
Comms Service Provider
9%
Manufacturing Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
By reviewers
Company SizeCount
Small Business65
Midsize Enterprise29
Large Enterprise25
 

Questions from the Community

Ask a question
Earn 20 points
What needs improvement with AT&T AlienVault USM?
There are scalability issues due to a 60 TB limit, which restricts its use for large customers like banks. It is also limited when used with bigger products and has complex password requirements.
What is your primary use case for AT&T AlienVault USM?
USM Anywhere is used for threat detection and investigation. It provides a solution with built-in threat intelligence and various other investigation tools.
 

Also Known As

No data available
AT&T AlienVault USM, AlienVault, AlienVault USM, Alienvault Cybersecurity
 

Overview

 

Sample Customers

Information Not Available
Abel & Cole, Bank of Ireland, Bluegrass Cellular, CareerBuilder, Claire's, Hays Medical Center, Hope International, McCurrach, McKinsey & Company, Party Delights, Pepco Holdings, Richland School District, Ricoh, SaveMart, Shake Shack, Steelcase, TaxAct, Taylor Morrison, Vonage and Zoom
Find out what your peers are saying about Security Onion vs. USM Anywhere and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.