Cancel
You must select at least 2 products to compare!
Microsoft Logo
35,678 views|20,151 comparisons
AT&T Logo
7,286 views|5,035 comparisons
Zabbix Logo
29,853 views|23,528 comparisons
Comparison Buyer's Guide
Executive Summary

We performed a comparison between USM Anywhere and Zabbix based on real PeerSpot user reviews.

Find out what your peers are saying about Splunk, Microsoft, IBM and others in Security Information and Event Management (SIEM).
To learn more, read our detailed Security Information and Event Management (SIEM) Report (Updated: November 2023).
745,140 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The dashboard that allows me to view all the incidents is the most valuable feature.""I believe one of the main advantages is Microsoft Sentinel's seamless integration with other Microsoft products.""Sentinel also enables you to ingest data from your entire ecosystem and not just from the Microsoft ecosystem. It can receive data from third-party vendors' products such firewalls, network devices, and antivirus solutions. It's not only a Microsoft solution, it's for everything.""We can use Sentinel's playbook to block threats. It covers all of the environment, giving us great visibility.""Its inbuilt Kusto Query Language is a valuable feature. It provides the flexibility needed to leverage advanced data analytics rules and policies and enables us to easily navigate all our security events in a single view. It helps any user easily understand the data or any security lags in their data and applications.""Azure Application Gateway makes things a lot easier. You can create dashboards, alert rules, hunting and custom queries, and functions with it.""The most valuable feature is the UEBA. It's very easy for a security operations analyst. It has a one-touch analysis where you can search for a particular entity, and you can get a complete overview of that entity or user.""The scalability is great. You can put unlimited logs in, as long as you can pay for it. There are commitment tiers, up to six terabytes per day, which is nowhere close to what any one of our customers is running."

More Microsoft Sentinel Pros →

"AT&T AlienVault USM is good for ELK Stack, the user experience is great because of its architecture. The ELK has a great performance and it has very good speed in the search and Kibana. Additionally, the visuals and dashboards and very nice and customizable.""Every activity on the firewall is recorded, and notifications are sent with this solution.""Our main focus was intrusion detection, alerts, and correlation. It's easy to use AlienVault and integrate it with other alert tools because it includes lots of connectors. Either the tool is already there, or AlienVault will write an API for us if they don't have a connector for the solution that is providing the logs.""The vulnerability manager and the file integration are very good.""Easy to use, scalable, stable, and very intuitive platform that provides protection against security threats.""The ease of implementation is the most valuable feature.""The most valuable feature is vulnerability management because it gives you insight into your environment to know what systems need to be updated or patched.""AlienVault's reporting is good. I like that vulnerability assessment is part of the solution, and the UI is intuitive. Also, the overhead is low, which is to say we don't need a dedicated SOC team to manage and analyze things constantly. We're a small company that doesn't have those resources."

More USM Anywhere Pros →

"Every new asset placed in the environment can be automatically detected, predicting human failures.""The flexibility of this solution is amazing.""Zabbix is a cost-effective solution. We're a small organization with a few dozen devices to monitor, and it was available for free. We can see what we need. We haven't done an in-depth analysis on it, but we're currently okay with the product.""The solution is quite mature and very stable.""Zabbix helps to save time.""The most valuable feature is the protocol to manage anything.""The solution allows you to configure and customize how you want to collect information from servers or other systems.""The product is very stable."

More Zabbix Pros →

Cons
"Not all information shows up in Sentinel. Sometimes there are items provided in 365 and if you looked in Sentinel you would not see them and therefore think they do not exist. There can be discrepancies between Microsoft tools.""We're satisfied with the comprehensiveness of the security protection. That said, we do have issues sometimes where there have been global outages and we need to raise a ticket with Microsoft.""Microsoft should improve Sentinel, considering that from the legacy systems, it cannot collect logs.""The KQL query does not function effectively with Windows 11 machines, and in the majority of machine-based investigations, KQL queries are essential for organizing the data during investigations.""The playbook is a bit difficult and could be improved.""The following would be a challenge for any product in the market, but we have some in-house apps in our environment... our apps were built with different parameters and the APIs for them are not present in Sentinel. We are working with Microsoft to build those custom APIs that we require. That is currently in progress.""Improvement-wise, I would like to see more integration with third-party solutions or old-school antivirus products that have some kind of logging capability. I wouldn't mind having that exposed within Sentinel. We do have situations where certain companies have bought licensing or have made an investment in a product, and that product will be there for the next two or three years. To be able to view information from those legacy products would be great. We can then better leverage the Sentinel solution and its capabilities.""Sentinel's alerts and notifications are not fully optimized for mobile devices. The overall reporting and the analytics processes for the end user should also be improved. Also, the compatibility and availability of data sources and reports are not always perfect."

More Microsoft Sentinel Cons →

"Their threat intelligence platform needs to be broadened. They should integrate it with more threat intelligence platforms. For the threat feed that they get from open intelligence, I would like them to add a few premium threat intelligence platforms. They can provide a bundle in which AlienVault has the threat intelligence background of other premium products.""AT&T AlienVault USM can improve searchable data. It should be available for more than 90 days. If you need more than 90 days of data, you have to put a request and they give you raw data, which is not easy to search. A good addition would be to allow users to search data older than 90 days.""I've been told that AlienVault doesn't have a full version of NES running in there, but I'm not sure if that's accurate or if my engineer made it that way. I'm not sure he was completely honest either because we had NES in the environment before. Those tools could be improved because AlienVault is a SIEM, and it added all these other features.""I want to see more compliance management capability. The quality of integrations seems to be a little bit low.""The AT&T AlienVault USM is okay, but the relational database is not very good for large amounts of data. For example, many logs cannot be processed. It has been very slow for the queries and some data which are large, it is not very good in this case.""USM Anywhere relies a lot on the community putting the data in. Often, you'll right-click on the attack, but nothing will be found. That's a weakness of it.""I think plugin management should be self-service on AlienVault USM. The other product is self-service but on the USM side. You have to submit a ticket then AT&T creates and updates the plugins.""AlienVault cannot automatically respond to threats like other SIEM solutions, such as Sentinel and LogRhythm. Most of our clients are far away, so it's often challenging to handle alerts when they come up on our dashboard."

More USM Anywhere Cons →

"The event correlation could be better.""Implementing Zabbix is difficult. I've deployed many solutions over the years, and Zabbix is the hardest to implement. You have to do some development to get it to work with IBM, Micro Focus, or HP products.""The GUI could be more intuitive. Also, we'd like streaming telemetry. Zabbix might have this feature, but I haven't seen it yet. It took us a long time to get started because the documentation isn't very descriptive. We had to go through various sources like YouTube and forums to get this solution working.""Zabbix can use better documentation and support for troubleshooting.""The reports are not great and should be improved.""I had problems using Zabbix when working with SUSE Enterprise; many companies use SUSE.""There is a bit of a learning curve during installation.""The only improvement I would suggest, revolves around its AI and ML capabilities."

More Zabbix Cons →

Pricing and Cost Advice
  • "I have worked with a lot of SIEMs. We are using Sentinel three to four times more than other SIEMs that we have used. Azure Sentinel's only limitation is its price point. Sentinel costs a lot if your ingestion goes up to a certain point."
  • "Pricing is pay-as-you-go with Sentinel, which is good because it all depends on the number of users and the number of devices to which you connect."
  • "For us, it is not expensive at this time, but if we start to collect all logs from our on-premise SIEM solutions, it will cost more than QRadar. If we calculate its cost over the next five or ten years, it will cost more than what we paid for QRadar."
  • "I don't know yet because they gave us a 30-day test window for free."
  • "It's costly to maintain and renew."
  • "Microsoft Sentinel is expensive."
  • "Sentinel is pretty competitive. The pricing is at the level of other SIEM solutions."
  • "It is certainly the most expensive solution. The cost is very high. We need to do an assessment using the one-month trial so that we can study the cost side. Before implementing it, we must do a careful calculation."
  • More Microsoft Sentinel Pricing and Cost Advice →

  • "They charge a license based on the storage. ATT AlienVault USM is a less expensive solution than IBM QRadar."
  • "It is affordable, and it also has many features that the premium products such as ArcSight and QRadar have. It is a very good platform for a SIEM solution. Everything is included in the price."
  • "AlienVault is certainly not nearly as expensive as Splunk or QRadar. It's decently priced, but I don't have the exact figure."
  • "I rate the price of AT&T AlienVault USM a four out of five."
  • "AT&T AlienVault USM is an expensive solution and we pay for the license and the support separately. We paid for the license and support for three years."
  • "They are a little more expensive than Microsoft."
  • "We pay around $12,000 a year including storage."
  • More USM Anywhere Pricing and Cost Advice →

  • "Zabbix and Grafana are both open source products, we only needed to go to their website and download the application and we began to use them. The solutions are free."
  • "This is an open-source solution that can be used free of charge."
  • "We pay the subscription for support by year."
  • "Zabbix is a free solution but the support contact costs money."
  • "The solution is open source so is free."
  • "It is worth every cent to pay or even study to do your own installation."
  • "This solution is open-source and free to use."
  • "Zabbix is an open-source tool, and it's free to use."
  • More Zabbix Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
    745,140 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:Yes, Azure Sentinel is a SIEM on the Cloud. Multiple data sources can be uploaded and analyzed with Azure Sentinel and… more »
    Top Answer:It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for… more »
    Top Answer:We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is… more »
    Top Answer:What I find the most valuable about USM Anywhere is its compliance. It shows a list of all the administrators logged on… more »
    Top Answer:The solution is not expensive at all. When it comes to costliness, I would rate it a two out of ten.
    Top Answer:USM Anywhere relies a lot on the community putting the data in. Often, you'll right-click on the attack, but nothing… more »
    Comparisons
    Also Known As
    Azure Sentinel
    AT&T AlienVault USM, AlienVault, AlienVault USM, Alienvault Cybersecurity
    Learn More
    Overview

    Microsoft Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution that lets you see and stop threats before they cause harm. Microsoft Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response. Eliminate security infrastructure setup and maintenance, and elastically scale to meet your security needs—while reducing IT costs. With Microsoft Sentinel, you can:

    - Collect data at cloud scale—across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds

    - Detect previously uncovered threats and minimize false positives using analytics and unparalleled threat intelligence from Microsoft

    - Investigate threats with AI and hunt suspicious activities at scale, tapping into decades of cybersecurity work at Microsoft

    - Respond to incidents rapidly with built-in orchestration and automation of common tasks

    To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.

    USM Anywhere centralizes security monitoring of networks and devices in the cloud, on premises, and in remote locations, helping you to detect threats virtually anywhere.

    Discover

    • Network asset discovery
    • Software & services discovery
    • AWS asset discovery
    • Azure asset discovery
    • Google Cloud Platform asset discovery

    Analyze

    • SIEM event correlation, auto-prioritized alarms
    • User activity monitoring
    • Up to 90-days of online, searchable events

    Detect

    • Cloud intrusion detection (AWS, Azure, GCP)
    • Network intrusion detection (NIDS)
    • Host intrusion detection (HIDS)
    • Endpoint Detection and Response (EDR)

    Respond

    • Forensics querying
    • Automate & orchestrate response
    • Notifications and ticketing

    Assess

    • Vulnerability scanning
    • Cloud infrastructure assessment
    • User & asset configuration
    • Dark web monitoring

    Report

    • Pre-built compliance reporting templates
    • Pre-built event reporting templates
    • Customizable views and dashboards
    • Log storage

    Zabbix is an open-source monitoring software that provides real-time monitoring and alerting for servers, networks, applications, and services. 

    It offers a wide range of features including data collection, visualization, and reporting. 

    With its user-friendly interface and customizable dashboards, Zabbix helps organizations ensure the availability and performance of their IT infrastructure.

    Offer
    Learn more about Microsoft Sentinel
    Learn more about USM Anywhere
    Learn more about Zabbix
    Sample Customers
    Microsoft Sentinel is trusted by companies of all sizes including ABM, ASOS, Uniper, First West Credit Union, Avanade, and more.
    Abel & Cole, Bank of Ireland, Bluegrass Cellular, CareerBuilder, Claire's, Hays Medical Center, Hope International, McCurrach, McKinsey & Company, Party Delights, Pepco Holdings, Richland School District, Ricoh, SaveMart, Shake Shack, Steelcase, TaxAct, Taylor Morrison, Vonage and Zoom
    1. IBM 2. Dell 3. Cisco 4. HP 5. Oracle 6. Microsoft 7. Amazon 8. Google 9. Facebook 10. Twitter 11. LinkedIn 12. Netflix 13. Adobe 14. VMware 15. Salesforce 16. SAP 17. Intel 18. AT&T 19. Verizon 20. T-Mobile 21. Vodafone 22. Ericsson 23. Nokia 24. Siemens 25. General Electric 26. Honeywell 27. Philips 28. Sony 29. Samsung 30. LG 31. Panasonic 32. Toshiba
    Top Industries
    REVIEWERS
    Financial Services Firm22%
    Computer Software Company11%
    Manufacturing Company8%
    Real Estate/Law Firm6%
    VISITORS READING REVIEWS
    Computer Software Company17%
    Financial Services Firm10%
    Government9%
    Manufacturing Company7%
    REVIEWERS
    Financial Services Firm19%
    Healthcare Company17%
    Computer Software Company8%
    Comms Service Provider8%
    VISITORS READING REVIEWS
    Computer Software Company17%
    Comms Service Provider8%
    Government7%
    Educational Organization6%
    REVIEWERS
    Computer Software Company23%
    Comms Service Provider10%
    Financial Services Firm8%
    Aerospace/Defense Firm8%
    VISITORS READING REVIEWS
    Educational Organization31%
    Computer Software Company13%
    Comms Service Provider7%
    Government7%
    Company Size
    REVIEWERS
    Small Business33%
    Midsize Enterprise20%
    Large Enterprise47%
    VISITORS READING REVIEWS
    Small Business24%
    Midsize Enterprise16%
    Large Enterprise60%
    REVIEWERS
    Small Business55%
    Midsize Enterprise25%
    Large Enterprise20%
    VISITORS READING REVIEWS
    Small Business36%
    Midsize Enterprise19%
    Large Enterprise46%
    REVIEWERS
    Small Business49%
    Midsize Enterprise20%
    Large Enterprise31%
    VISITORS READING REVIEWS
    Small Business18%
    Midsize Enterprise39%
    Large Enterprise42%
    Buyer's Guide
    Security Information and Event Management (SIEM)
    November 2023
    Find out what your peers are saying about Splunk, Microsoft, IBM and others in Security Information and Event Management (SIEM). Updated: November 2023.
    745,140 professionals have used our research since 2012.

    USM Anywhere is ranked 9th in Security Information and Event Management (SIEM) with 13 reviews while Zabbix is ranked 1st in Network Monitoring Software with 34 reviews. USM Anywhere is rated 7.8, while Zabbix is rated 8.6. The top reviewer of USM Anywhere writes "A very scalable solution with vulnerability management that helps avoid weaknesses, but needs broader compliance management capabilities". On the other hand, the top reviewer of Zabbix writes "Very mature, easy to scale, and free to use". USM Anywhere is most compared with Wazuh, AlienVault OSSIM, Splunk Enterprise Security, IBM Security QRadar and ThreatConnect Threat Intelligence Platform (TIP), whereas Zabbix is most compared with Checkmk, Centreon, Nagios XI, SolarWinds NPM and Nagios Core.

    We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.