USM Anywhere vs Wazuh comparison

 

Comparison Buyer's Guide

Executive Summary
Updated on Sep 18, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

USM Anywhere
Ranking in Log Management: 38th
Ranking in Security Information and Event Management (SIEM): 30th
Average Rating: 8.4
Reviews Sentiment: 7.0
Number of Reviews: 115
Ranking in other categories: Endpoint Detection and Response (EDR) (52nd), Compliance Management (12th)

Wazuh
Ranking in Log Management: 2nd
Ranking in Security Information and Event Management (SIEM): 2nd
Average Rating: 7.4
Reviews Sentiment: 6.6
Number of Reviews: 45
Ranking in other categories: Extended Detection and Response (XDR) (3rd)
 

Mindshare comparison

As of January 2025, in the Log Management category, the mindshare of USM Anywhere is 0.5%, down from 1.6% compared to the previous year. The mindshare of Wazuh is 16.8%, up from 13.9% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Featured Reviews

Kris Nawani - PeerSpot reviewer
Offers complete coverage without the need to install additional software
USM Anywhere is used for threat detection and investigation. It provides a solution with built-in threat intelligence and various other investigation tools. The solution offers complete coverage without the need to install additional software, as it is maintained by the vendor. It helps in saving…
Sandip_Patel - PeerSpot reviewer
Evaluating robust file monitoring with insights for community support improvements
Wazuh's most valuable features include file monitoring and compliance reporting, which do not require excessive costs. These aspects are vital as they provide alerts for changes and facilitate the monitoring of compliance. The platform is also relatively easy to set up and operate. Reports are straightforward to extract and prove useful for compliance requirements.

Quotes from Members


Pros

"It brought our logs into one place for review and set up alarms based on changes we were missing due to lack of having one place for everything to go."
"It provides a single pane of glass view, coupled with a whole security ecosystem. The ability to manage everything from a central point, including vulnerability assessments, asset management - including the services provided by the various hosts, NIDS, HIDS, etc. - provides a very efficient way of dealing with things."
"AlienVault has helped us in improving our visualization and incident response during cybersecurity situations."
"Asset discovery seems to be good."
"I can easily check (in one place) all the logs and data in relation to attacks. It also gives me an overview if a server is not configured properly."
"Vulnerability scanning helped out shortcomings of what was not patched in the past and what needed to be patched. This assisted with fine tuning the environment for compliance."
"The most valuable feature is vulnerability management because it gives you insight into your environment to know what systems need to be updated or patched."
"Any unusual behaviour, we can monitor. We have alerts set up to be sent when we receive signs of any unusual behaviour."
"The most valuable features are the modules and metrics."
"Wazuh's best features are syscheck, its ability to immediately resolve vulnerabilities, and that it's open source."
"It is excellent in terms of visualization and indexing services, making it a powerful tool for malware detection."
"The MITRE ATT&CK correlation is most valuable."
"It has efficient SCA capabilities."
"Good for monitoring, active response, and for vulnerabilities."
"Integrates with various open-source and paid products, allowing for flexibility in customization based on use cases."
"I like the features we use, including malware detection, inventory, detection of hidden processes, and activity logs. Inventory is probably the most important feature. It tells us when processes and packages were installed and what they are, which is helpful."
 

Cons

"The GUI needs to improve because it's not user-friendly."
"In the future, I would like to see all these features of the solution working properly."
"USM Anywhere relies a lot on the community putting the data in. Often, you'll right-click on the attack, but nothing will be found. That's a weakness of it."
"They seem to have bugs from time to time that go unfixed for a while and that is frustrating. I'm not saying the product needs to be bug-free, but they need to be responsive to bugs."
"The one thing I continue to dislike about the USM is the limitation on reports."
"The only complex area of the setup was writing the custom scripts."
"The UI and overall processes need a little bit more love. This shows in the error banners that come up when you select certain things. There isn't a day that goes by that the UI doesn't error out and I can't view events for an alarm."
"The reporting and dashboards have room for improvement."
"Integration with Vyara could be better."
"The support team could be more responsive and provide quicker replies during our working hours in Indonesia, which would be a significant improvement."
"The support channel is not optimal, and extensive research is required on our part to implement Wazuh effectively."
"Wazuh doesn't cover sources of events as well as Splunk. You can integrate Splunk with many sources of events, but it's a painful process to take care of some sources of events with Wazuh."
"The implementation is very complex."
"The tool doesn't detect anomalies or new environments."
"Scalability is a constraint in the on-prem version of Wazuh in terms of the volume of logs we can manage."
"Its user interface for sure can be improved. It is not so comfortable to use if you're looking for specific logs."
 

Pricing and Cost Advice

"So far, it has been a good solution for a tight budget."
"I don't know exactly, but I know it is based on the number of logs and the retention duration, such as 30 days or something like that. So, the smallest package is about 500 a month for 30 days of logs. There is a virtual machine. You need resources for it. It is a log collecting VM. They provide the software, and you just have to load a virtual machine. So, you're going to incur some CPU RAM and storage for wherever this log collecting appliance is running, which typically is in our cloud and on our platform for the customer."
"The price of this solution is reasonable, which is one of the reasons why we selected it over other solutions."
"It's very reasonably priced. It was one of the lowest among the ones I looked at. Licensing is pretty flexible. They can do a two-year or a three-year, even a one-year, perhaps."
"We ran a few PoCs. The price and feature set were the best with AlienVault."
"It has good pricing."
"AlienVault is flexible on their pricing for unlimited licenses."
"It is a product that is priced in a medium range, making it neither a cheap nor a costly product."
"Wazuh is totally free and open source. There are no licensing costs, only support costs if you need them."
"We use the free version of Wazuh."
"Wazuh is free and open source."
"Wazuh is a cheaply priced product."
"The product price is neither too high nor too low."
"Wazuh is open-source, so I think it's an option for a small organization that cannot go for enterprise-grade solutions like Splunk."
"There is not a license required for Wazuh."
"Wazuh is open-source, but you must consider the total cost of ownership. It may be free to acquire, but you spend a lot of time and effort supporting the product and getting it to a point where it's useful."

Top Industries

By visitors reading reviews
Computer Software Company: 19%
Educational Organization: 8%
Financial Services Firm: 8%
Comms Service Provider: 7%

Computer Software Company: 16%
Comms Service Provider: 7%
University: 7%
Government: 7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about AT&T AlienVault USM?
The most valuable feature of the solution is the ease of deployment that it provides to users. The integrations that the product has with third-party applications are useful.
What needs improvement with AT&T AlienVault USM?
There are scalability issues due to a 60 TB limit, which restricts its use for large customers like banks. It is also limited when used with bigger products and has complex password requirements.
What do you like most about Wazuh?
Integrates with various open-source and paid products, allowing for flexibility in customization based on use cases.
What needs improvement with Wazuh?
I am investigating more about the community support for Wazuh. I can't provide a definitive answer yet. An issue I noticed is with tag values in certain rules not functioning properly. It's unclear...
What is your primary use case for Wazuh?
I am currently evaluating and using Wazuh for file monitoring and compliance reporting. We are in the process of conducting a POC to understand how the rules work. I lead this effort to explore and...
 

Also Known As

AT&T AlienVault USM, AlienVault, AlienVault USM, Alienvault Cybersecurity
No data available
 

Sample Customers

Abel & Cole, Bank of Ireland, Bluegrass Cellular, CareerBuilder, Claire's, Hays Medical Center, Hope International, McCurrach, McKinsey & Company, Party Delights, Pepco Holdings, Richland School District, Ricoh, SaveMart, Shake Shack, Steelcase, TaxAct, Taylor Morrison, Vonage and Zoom
Information Not Available
Find out what your peers are saying about USM Anywhere vs. Wazuh and other solutions. Updated: January 2025.
831,265 professionals have used our research since 2012.