We performed a comparison between USM Anywhere and Zabbix based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Splunk, Wazuh and others in Security Information and Event Management (SIEM)."I believe one of the main advantages is Microsoft Sentinel's seamless integration with other Microsoft products."
"The automation rules and playbooks are the most useful that I've seen. A number of other places segregate the automation and playbook as separate tools, whereas Microsoft is a SIEM and SOAR tool in one."
"Native integration with Microsoft security products or other Microsoft software is also crucial. For example, we can integrate Sentinel with Office 365 with one click. Other integrations aren't as easy. Sometimes, we have to do it manually."
"Sentinel has an intuitive, user-friendly way to visualize the data properly. It gives me a solid overview of all the logs. We get a more detailed view that I can't get from the other SIEM tools. It has some IP and URL-specific allow listing"
"The UI of Sentinel is very good and easy to use, even for beginners."
"It is easy to implement (turn on) - does need a skilled analyst to develop queries and playbooks."
"The Log analytics are useful."
"I like the KQL query. It simplifies getting data from the table and seeing the logs. All you need to know are the table names. It's quite easy to build use cases by using KQL."
"The Event Correlation and vulnerability scans have been the most useful. As a 24/7 SOC, we use the incoming alarms to give an overview of suspicious traffic going through the network. It's easy to look at the correlated events and see the broad picture of traffic for that customer. Vulnerability scans are good for providing patch and remediation guidelines to keep customer systems secure."
"The AlienVault solution has enabled us to create a SOC on a budget with smaller than usual staff requirements, offering a wider range of solutions for our customers."
"It allows you to define what alerts you want to see, or not to see, as well as if you want them grouped, or ungrouped."
"It provides a single pane of glass view, coupled with a whole security ecosystem. The ability to manage everything from a central point, including vulnerability assessments, asset management - including the services provided by the various hosts, NIDS, HIDS, etc. - provides a very efficient way of dealing with things."
"This is a USM, so being able to get all the features under one roof makes it a good product with good new features."
"The most valuable features of AT&T AlienVault USM are the ease of management and knowledge of what is on the network of my customers. It's easy to understand the problems, and management our alarms and events."
"It has powerful threat detection, incident response, and compliance management."
"The feature that I liked the most is that they have a vulnerability assessment package that comes along with the SIEM solution. So, whenever I find any threat or alert for any of the devices or servers, I could immediately initiate a vulnerability assessment scan on that machine. That is one of a kind. The price at which AlienVault operates is also valuable."
"The overall functionality of Zabbix is very good. The monitoring of bank applications that Zabbix provides is great. The information is displayed on a dashboard that is easily viewed."
"Simple network monitoring that is easy to install and manage."
"The solution is stable."
"It not only provides the preconfigured item monitoring feature, but it is also easy to configure custom items."
"During my testing, the features that I like the most are that it can be integrated with my system, and it provides me with reports of all of my servers."
"The most valuable feature is service assurance."
"I really enjoy network traffic triggers that allow us to check traffic threshold from ISP."
"There are lots of great features and functionality within the solution."
"The reporting could be more structured."
"There is some relatively advanced knowledge that you have to have to properly leverage Sentinel's full capabilities. I'm thinking about things like the creation of workbooks, how you do threat-hunting, and the kinds of notifications you're getting... It takes time for people to ramp up on that and develop a familiarity or expertise with it."
"The interface could be more user-friendly. It''s a small improvement that they could make if they wanted to."
"The product can be improved by reducing the cost to use AI machine learning."
"If I see an alert and I want to drill down and get more details about the alert, it's not just one click. In other SIEM tools, you just have to click the IP address of the entity and they give you the complete picture. In Sentinel, you have to write queries or use saved queries to get details."
"Some of the data connectors are outdated, at least the ones that utilize Linux machines for log forwarding. I believe that Microsoft is already working on improving this."
"Sometimes, we are observing large ingestion delays. We expect logs within 5 minutes, but it takes about 10 to 15 minutes."
"They're giving us the queries so we can plug them right into Sentinel. They need to have a streamlined process for updating them in the tool and knowing when things are updated and knowing when there are new detections available from Microsoft."
"I feel that some areas of improvement would be vulnerability scanning. We use a separate product that seems to do a much better job."
"AlienVault needs to continue to integrate with other third-party technologies that clients want to have monitored."
"Source material on the forums to be more up-to-date with the changes happening within the product. Forums being out-of-date with information due to the changes makes troubleshooting a little more difficult - specific to the HIDS agents."
"The reporting aspect could be improved. While there are a lot of different options available, there are still pieces which are missing."
"There are many reports included but would be nice to have better access to the data."
"There could be some type of integration with our existing portal. We have our own customer portals, and it would be good if there was an integration so that our portal can provide reports. There could be some type of API into the AlienVault system with the USM system so that it is easy to show the customers high-level reports of the system through our portal."
"Different functions to customize reports should be added."
"The lack of mature functionality and expertise in any of those areas is a strong negative."
"The reports are not great and should be improved."
"Zabbix could improve when it comes to large-scale use cases. Additionally, the inventory could be better when connecting to other solutions, such as ServiceNow. There show to be better integration with other platforms and storage."
"If Zabbix had a better dashboard then it would be nice."
"The graphical user interface could be customized a little bit more, and also the dashboard could be more friendly."
"As far as improvements, sometimes I get a bit frustrated when I move from a previous version to a new one because some configuration has changed—I need to investigate the documentation to deal with some configuration. But it doesn't take much time, so it's okay."
"In the next release, I'm hoping for features targeted towards larger users with more customizable options. Despite this, I think pre-canned reports that can be used straight out of the box would be beneficial rather than having to configure each report individually. Additionally, a deeper dive into software configurations on the machines would be useful, although I understand there may be challenges in implementing this due to scripting requirements. More documentation would also be appreciated."
"Implementation is always tailored to the customer and the kind of information we need from the client to carry it out can make them very uncomfortable. Sometimes the clients are not ready to share it."
"It could be more stable."
USM Anywhere is ranked 11th in Security Information and Event Management (SIEM) with 113 reviews while Zabbix is ranked 1st in Network Monitoring Software with 98 reviews. USM Anywhere is rated 8.4, while Zabbix is rated 8.2. The top reviewer of USM Anywhere writes "Easy to use and affordable". On the other hand, the top reviewer of Zabbix writes "Allows any number of customizations but lacks functionality for finding root causes". USM Anywhere is most compared with Wazuh, AlienVault OSSIM, IBM Security QRadar and Splunk Enterprise Security, whereas Zabbix is most compared with Centreon, Checkmk, SolarWinds NPM, Nagios XI and Nagios Core.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.