Sumo Logic Security vs USM Anywhere comparison

Microsoft Logo
35,678 views|20,151 comparisons
Sumo Logic Logo
2,836 views|2,005 comparisons
AT&T Logo
5,647 views|3,888 comparisons
Comparison Buyer's Guide
Executive Summary

We performed a comparison between Sumo Logic Security and USM Anywhere based on real PeerSpot user reviews.

Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
To learn more, read our detailed Sumo Logic Security vs. USM Anywhere Report (Updated: November 2023).
745,341 professionals have used our research since 2012.
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
  • "The log analysis is excellent; it can predict what can or will happen regarding use patterns and vulnerabilities."
  • "The product can integrate with any device."
  • "The log query feature has been the most valuable because it's very good. You can put your data on the cloud and run queues from Sentinel. It will do it all very fast. I love that I don't have to upload it to an Excel file and then manually look for a piece of information. Sentinel is much faster and is good for big databases."
  • "The native integration of the Microsoft security solution has been essential because it helps reduce some false positives, especially with some of the impossible travel rules that may be configured in Microsoft 365. For some organizations, that might be benign because they're using VPNs, etc."
  • "Microsoft Sentinel comes preloaded with templates for teaching and analytics rules."
  • "We are able to deploy within half an hour and we only require one person to complete the implementation."
  • "Native integration with Microsoft security products or other Microsoft software is also crucial. For example, we can integrate Sentinel with Office 365 with one click. Other integrations aren't as easy. Sometimes, we have to do it manually."
  • "The connectivity and analytics are great."

More Microsoft Sentinel Pros →

  • "We can integrate threat intelligence solutions into the product."
  • "Technical support is always great."
  • "The tool has key features like operability. It will alert the admins whenever a device is onboarded."
  • "The features I found valuable with the Sumo Logic Security solution are the search option and the ability to customize the search for the information in the logs."
  • "The most valuable features of Sumo Logic Security are the rules, use cases, and ease of use. Additionally, the integration is straightforward and good GUI."

More Sumo Logic Security Pros →

  • "Having everything in a central place has been helpful."
  • "AlienVault's reporting is good. I like that vulnerability assessment is part of the solution, and the UI is intuitive. Also, the overhead is low, which is to say we don't need a dedicated SOC team to manage and analyze things constantly. We're a small company that doesn't have those resources."
  • "AT&T AlienVault USM is good for ELK Stack, the user experience is great because of its architecture. The ELK has a great performance and it has very good speed in the search and Kibana. Additionally, the visuals and dashboards are very nice and customizable."
  • "The feature that I liked the most is that they have a vulnerability assessment package that comes along with the SIEM solution. So, whenever I find any threat or alert for any of the devices or servers, I could immediately initiate a vulnerability assessment scan on that machine. That is one of a kind. The price at which AlienVault operates is also valuable."
  • "Easy to use, scalable, stable, and very intuitive platform that provides protection against security threats."
  • "The most valuable features of AT&T AlienVault USM are the ease of management and knowledge of what is on the network of my customers. It's easy to understand the problems, and manage our alarms and events."
  • "The most valuable feature in AT&T AlienVault USM is the reporting."
  • "The vulnerability manager and the file integration are very good."

More USM Anywhere Pros →

Cons
  • "Microsoft Sentinel is relatively expensive, and its cost should be improved."
  • "The performance could be improved. If I create 15 to 20 lines for a single-use case in KQL, sometimes it takes more time to execute. If I create use cases within a certain timeline, the result will show in .01 seconds. A complex query takes more time to get results."
  • "If their UI was a bit more streamlined and easy to find when I need it, then that would be a great improvement."
  • "If you're looking to use canned queries, the interface could be a little more straightforward. It's not immediately intuitive regarding how you use it. You have to take a canned query and paste it into an operational box and then you hit a button... They could improve the ease of deploying these queries."
  • "The product can be improved by reducing the cost to use AI machine learning."
  • "We do see continuous improvement all the time, however, I haven't got a specific feature that is lacking or not well designed."
  • "Currently, the watchlist feature is being utilized, and although there have been improvements, it is still not fully optimized."
  • "For certain vendors, some of the data that Microsoft Sentinel captures is redacted due to privacy reasons."

More Microsoft Sentinel Cons →

  • "The solution should improve its UI."
  • "The API integration in Sumo Logic Security could improve. There are delayed connections or they stop and then automatically start. Having a seamless log collection would be beneficial."
  • "From the network segmentation side, there is some discrepancy in log onboarding. The tool needs to improve direct API integrations, login integration, native login integration, etc."
  • "In my opinion, this solution has a steep learning curve and requires practice if users are to be able to use this tool very efficiently."
  • "The integration with multiple sources could be better."

More Sumo Logic Security Cons →

  • "Their threat intelligence platform needs to be broadened. They should integrate it with more threat intelligence platforms. For the threat feed that they get from open intelligence, I would like them to add a few premium threat intelligence platforms. They can provide a bundle in which AlienVault has the threat intelligence background of other premium products."
  • "USM Anywhere relies a lot on the community putting the data in. Often, you'll right-click on the attack, but nothing will be found. That's a weakness of it."
  • "The GUI needs to improve because it's not user-friendly."
  • "I think plugin management should be self-service on AlienVault USM. The other product is self-service but on the USM side. You have to submit a ticket then AT&T creates and updates the plugins."
  • "Sometimes the log is unclear, and the report is a bit ambiguous."
  • "Adding a parsing interface for the customers would make AT&T AlienVault USM better."
  • "AlienVault cannot automatically respond to threats like other SIEM solutions, such as Sentinel and LogRhythm. Most of our clients are far away, so it's often challenging to handle alerts when they come up on our dashboard."
  • "I've been told that AlienVault doesn't have a full version of NES running in there, but I'm not sure if that's accurate or if my engineer made it that way. I'm not sure he was completely honest either because we had NES in the environment before. Those tools could be improved because AlienVault is a SIEM, and it added all these other features."

More USM Anywhere Cons →

Pricing and Cost Advice
  • "I have worked with a lot of SIEMs. We are using Sentinel three to four times more than other SIEMs that we have used. Azure Sentinel's only limitation is its price point. Sentinel costs a lot if your ingestion goes up to a certain point."
  • "Pricing is pay-as-you-go with Sentinel, which is good because it all depends on the number of users and the number of devices to which you connect."
  • "For us, it is not expensive at this time, but if we start to collect all logs from our on-premise SIEM solutions, it will cost more than QRadar. If we calculate its cost over the next five or ten years, it will cost more than what we paid for QRadar."
  • "I don't know yet because they gave us a 30-day test window for free."
  • "It's costly to maintain and renew."
  • "Microsoft Sentinel is expensive."
  • "Sentinel is pretty competitive. The pricing is at the level of other SIEM solutions."
  • "It is certainly the most expensive solution. The cost is very high. We need to do an assessment using the one-month trial so that we can study the cost side. Before implementing it, we must do a careful calculation."
  • More Microsoft Sentinel Pricing and Cost Advice →

  • "The license pricing model is based on the events that are processed through the solution."
  • "The product is costly."
  • More Sumo Logic Security Pricing and Cost Advice →

  • "They charge a license based on the storage. ATT AlienVault USM is a less expensive solution than IBM QRadar."
  • "It is affordable, and it also has many features that the premium products such as ArcSight and QRadar have. It is a very good platform for a SIEM solution. Everything is included in the price."
  • "AlienVault is certainly not nearly as expensive as Splunk or QRadar. It's decently priced, but I don't have the exact figure."
  • "I rate the price of AT&T AlienVault USM a four out of five."
  • "AT&T AlienVault USM is an expensive solution and we pay for the license and the support separately. We paid for the license and support for three years."
  • "They are a little more expensive than Microsoft."
  • "We pay around $12,000 a year including storage."
  • More USM Anywhere Pricing and Cost Advice →

    Questions from the Community
    Top Answer: Yes, Azure Sentinel is a SIEM on the Cloud. Multiple data sources can be uploaded and analyzed with Azure Sentinel and…
    Top Answer: It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for…
    Top Answer: We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is…
    Top Answer: We can integrate threat intelligence solutions into the product.
    Top Answer: The product is costly. At the same cost, we can get other tools with better features and capabilities.
    Top Answer: The query of Sumo Logic is complex. It should be improved. The solution should improve its UI. FireEye, Splunk, and…
    Top Answer: What I find the most valuable about USM Anywhere is its compliance. It shows a list of all the administrators logged on…
    Top Answer: The solution is not expensive at all. When it comes to costliness, I would rate it a two out of ten.
    Top Answer: USM Anywhere relies a lot on the community putting the data in. Often, you'll right-click on the attack, but nothing…
    Also Known As
    Azure Sentinel
    AT&T AlienVault USM, AlienVault, AlienVault USM, Alienvault Cybersecurity
    Overview

    Microsoft Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution that lets you see and stop threats before they cause harm. Microsoft Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response. Eliminate security infrastructure setup and maintenance, and elastically scale to meet your security needs—while reducing IT costs. With Microsoft Sentinel, you can:

    - Collect data at cloud scale—across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds

    - Detect previously uncovered threats and minimize false positives using analytics and unparalleled threat intelligence from Microsoft

    - Investigate threats with AI and hunt suspicious activities at scale, tapping into decades of cybersecurity work at Microsoft

    - Respond to incidents rapidly with built-in orchestration and automation of common tasks

    To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.

    Sumo Logic empowers the people who power modern, digital business. Our cloud-native SaaS analytics platform powered by logs helps customers deliver reliable and secure cloud-native applications. With Sumo Logic, practitioners and developers can ensure application reliability, secure and protect against modern threats and gain insights into their cloud infrastructures. Customers worldwide rely on our scalable platform to get powerful real-time analytics and insights across observability and security solutions for their cloud-native applications. For more information, visit: SUMOLOGIC.COM

    USM Anywhere centralizes security monitoring of networks and devices in the cloud, on premises, and in remote locations, helping you to detect threats virtually anywhere.

    Discover

    • Network asset discovery
    • Software & services discovery
    • AWS asset discovery
    • Azure asset discovery
    • Google Cloud Platform asset discovery

    Analyze

    • SIEM event correlation, auto-prioritized alarms
    • User activity monitoring
    • Up to 90 days of online, searchable events

    Detect

    • Cloud intrusion detection (AWS, Azure, GCP)
    • Network intrusion detection (NIDS)
    • Host intrusion detection (HIDS)
    • Endpoint Detection and Response (EDR)

    Respond

    • Forensics querying
    • Automate & orchestrate response
    • Notifications and ticketing

    Assess

    • Vulnerability scanning
    • Cloud infrastructure assessment
    • User & asset configuration
    • Dark web monitoring

    Report

    • Pre-built compliance reporting templates
    • Pre-built event reporting templates
    • Customizable views and dashboards
    • Log storage
    Sample Customers
    Microsoft Sentinel is trusted by companies of all sizes including ABM, ASOS, Uniper, First West Credit Union, Avanade, and more.
    Abel & Cole, Bank of Ireland, Bluegrass Cellular, CareerBuilder, Claire's, Hays Medical Center, Hope International, McCurrach, McKinsey & Company, Party Delights, Pepco Holdings, Richland School District, Ricoh, SaveMart, Shake Shack, Steelcase, TaxAct, Taylor Morrison, Vonage and Zoom
    Top Industries
    REVIEWERS
    Financial Services Firm: 22%
    Computer Software Company: 11%
    Manufacturing Company: 8%
    Real Estate/Law Firm: 6%
    VISITORS READING REVIEWS
    Computer Software Company: 17%
    Financial Services Firm: 10%
    Government: 9%
    Manufacturing Company: 7%
    REVIEWERS
    Financial Services Firm: 33%
    Media Company: 22%
    Government: 11%
    Transportation Company: 11%
    VISITORS READING REVIEWS
    Computer Software Company: 16%
    Financial Services Firm: 11%
    Government: 9%
    Manufacturing Company: 8%
    REVIEWERS
    Financial Services Firm: 19%
    Healthcare Company: 17%
    Computer Software Company: 8%
    Comms Service Provider: 8%
    VISITORS READING REVIEWS
    Computer Software Company: 17%
    Comms Service Provider: 8%
    Government: 7%
    Educational Organization: 6%
    Company Size
    REVIEWERS
    Small Business: 33%
    Midsize Enterprise: 20%
    Large Enterprise: 47%
    VISITORS READING REVIEWS
    Small Business: 24%
    Midsize Enterprise: 16%
    Large Enterprise: 60%
    REVIEWERS
    Small Business: 28%
    Midsize Enterprise: 11%
    Large Enterprise: 61%
    VISITORS READING REVIEWS
    Small Business: 24%
    Midsize Enterprise: 17%
    Large Enterprise: 59%
    REVIEWERS
    Small Business: 55%
    Midsize Enterprise: 25%
    Large Enterprise: 20%
    VISITORS READING REVIEWS
    Small Business: 36%
    Midsize Enterprise: 19%
    Large Enterprise: 46%

    Sumo Logic Security is ranked 18th in Log Management with 5 reviews while USM Anywhere is ranked 13th in Log Management with 13 reviews. Sumo Logic Security is rated 8.2, while USM Anywhere is rated 7.8. The top reviewer of Sumo Logic Security writes "The solution is automated and has a good number of extensions, but it is costly, and it must improve its UI". On the other hand, the top reviewer of USM Anywhere writes "A very scalable solution with vulnerability management that helps avoid weaknesses, but needs broader compliance management capabilities". Sumo Logic Security is most compared with Splunk Enterprise Security, Wazuh, Rapid7 InsightIDR, IBM Security QRadar and Loggly, whereas USM Anywhere is most compared with Wazuh, AlienVault OSSIM, Splunk Enterprise Security, IBM Security QRadar and Rapid7 InsightIDR. See our Sumo Logic Security vs. USM Anywhere report.

    See our list of best Log Management vendors and best Security Information and Event Management (SIEM) vendors.

    We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.