Try our new research platform with insights from 80,000+ expert users

USM Anywhere pros and cons

Vendor: LevelBlue

4.2 out of 5

115 reviews
92% willing to recommend

4,697 followers

Pros & Cons summary

USM Anywhere is acclaimed for its user-friendly interface and swift deployment, offering features like SIEM, asset management, and threat detection. However, its vulnerability scanning and plugin integration require enhancement. While it centralizes log monitoring and supports third-party integration for network protection, reporting tools are complex, and there are scalability constraints due to a 60 TB limit. Broader threat intelligence integration would further strengthen its application for large enterprises.

Buyer's Guide

Get pricing advice, tips, use cases and valuable features from real users of this product.

Prominent pros & cons

PROS

USM Anywhere is highly praised for its ease of use, allowing for quick setup and deployment across various environments.

AlienVault USM integrates multiple important security features such as SIEM, HIDS/NIDS, asset management, and threat detection, providing a comprehensive security solution.

The platform's powerful correlation engine and centralized log management enhance security monitoring and compliance management.

AlienVault OTX integration supports proactive monitoring and updates on security threats, aiding in maintaining robust security measures.

USM Anywhere provides significant value in vulnerability management, helping identify and address patch requirements efficiently.

CONS

Vulnerability scanning and reporting features in USM Anywhere need significant improvement, with users requiring options for custom output and easier search capabilities.

USM Anywhere has limitations with its integration tools, and there is a need for broader compatibility with third-party technologies like Office 365 and Google Suite.

There are issues with stability in USM Anywhere, particularly during updates, affecting its reliability.

Search performance and log querying in USM Anywhere are slow, impacting its efficiency in handling data.

USM Anywhere lacks advanced threat intelligence integration and automatic threat response capabilities compared to other SIEM solutions.

USM Anywhere Pros review quotes

VS

Manager, Enterprise Risk Consulting at Deloitte & Touche

Jul 5, 2017

The best thing about AlienVault USM is it being a “Jack-of-All Trades” solution. It provides SIEM, HIDS/NIDS, FIM, NetFlow, Asset Management, Vulnerability Management, etc., under one USM platform. None of the commercial SIEM vendors like ArcSight, McAfee, etc., can boast of such a diverse feature set.

Read full review

Consultant at a tech services company with 11-50 employees

Sep 16, 2018

On any given day I could give you a different answer regarding the most valuable features of the product. The feature that is most important is the fact that it has a lot of features, that it's not just a log collection and correlation system, that it has a lot of other components built in. The bundle of features is really the killer feature.

Read full review

JT

Owner at ThatsIT Consultants

Jul 11, 2021

In terms of monitoring, my best feature would be the monitoring of components across the network. It monitors the respective nodes and any new node that comes onto the network and provides reports. The reporting dashboards are really helpful for management in terms of making decisions around patch management.

Read full review

Free Report: USM Anywhere Reviews and More

Learn what your peers think about USM Anywhere. Get advice and tips from experienced pros sharing their opinions. Updated: April 2025.

849,686 professionals have used our research since 2012.

reviewer1607511

Solutions Engineer at RapidScale

Jul 4, 2021

We're using it more for reporting, that's all. We're using it to help our customers to pass any kind of audits that they receive.

Read full review

Founding Member at Integotec

Sep 30, 2022

The most valuable feature is vulnerability management because it gives you insight into your environment to know what systems need to be updated or patched.

Read full review

VP at Castra Consulting

Dec 12, 2018

The IDS and the threat intelligence are very useful. They are very intuitive and data-rich.

Read full review

JS

Senior Network Architect / Network Team Leader at ICE Consulting. Inc.

Nov 18, 2020

The other big selling feature for us was its integration capabilities with all the other security-based products.

Read full review

Principal DevOps Engineer at a tech vendor with 11-50 employees

Dec 21, 2021

AlienVault's reporting is good. I like that vulnerability assessment is part of the solution, and the UI is intuitive. Also, the overhead is low, which is to say we don't need a dedicated SOC team to manage and analyze things constantly. We're a small company that doesn't have those resources.

Read full review

Systems Administrator at a healthcare company

Aug 12, 2018

The dashboards are very descriptive and contain just the right amount of information. The activity alarms and events contain a plethora of data that is very descriptive and useful.

Read full review

Oluwatoyese Agoro

Information Security Engineer at Infoprive

Sep 12, 2024

The asset discovery and inventory capabilities in USM Anywhere is quite good.

Read full review

Show 10 more reviews (out of 57)

USM Anywhere Cons review quotes

VS

Manager, Enterprise Risk Consulting at Deloitte & Touche

Jul 5, 2017

The lack of mature functionality and expertise in any of those areas is a strong negative.

Read full review

Consultant at a tech services company with 11-50 employees

Sep 16, 2018

Search performance can be slow. The Raw Logs feature is painfully slow. And if we're talking about the newer, the Anywhere product, you can't even schedule reports on the thing. There are probably a dozen other features I'd really like to see there, but that would be one of the biggies.

Read full review

JT

Owner at ThatsIT Consultants

Jul 11, 2021

I've been using it just for my own personal upskilling in terms of how the product works. At the moment, it is pretty straightforward and simple, and it is working how it is supposed to. The feedback would come once it is deployed to customer sites. They'll be using it on a more frequent basis, and that's when the feedback would come in terms of the areas in which they're facing issues or are looking for simplicity.

Read full review

Free Report: USM Anywhere Reviews and More

Learn what your peers think about USM Anywhere. Get advice and tips from experienced pros sharing their opinions. Updated: April 2025.

849,686 professionals have used our research since 2012.

reviewer1607511

Solutions Engineer at RapidScale

Jul 4, 2021

There could be some type of integration with our existing portal. We have our own customer portals, and it would be good if there was an integration so that our portal can provide reports. There could be some type of API into the AlienVault system with the USM system so that it is easy to show the customers high-level reports of the system through our portal.

Read full review

Founding Member at Integotec

Sep 30, 2022

I want to see more compliance management capability. The quality of integrations seems to be a little bit low.

Read full review

VP at Castra Consulting

Dec 12, 2018

One area that has room for improvement is storage. AllienVault is a good place to put logs, but sometimes it's a tough place to go get logs... The logger can only hold so much data. If they improved that, that would help.

Read full review

JS

Senior Network Architect / Network Team Leader at ICE Consulting. Inc.

Nov 18, 2020

I'd like to see a dashboard that's a little more descriptive.

Read full review

Principal DevOps Engineer at a tech vendor with 11-50 employees

Dec 21, 2021

I think plugin management should be self-service on AlienVault USM. The other product is self-service but on the USM side. You have to submit a ticket then AT&T creates and updates the plugins.

Read full review

Systems Administrator at a healthcare company

Aug 12, 2018

The only room for improvement I can mention is the initial installation procedures. I found that the online installation instructions for the product were missing important details, they lacked necessary steps.

Read full review

Oluwatoyese Agoro

Information Security Engineer at Infoprive

Sep 12, 2024

There is room for improvement in Log parsing.

Read full review

Show 10 more reviews (out of 55)

Related questions

38

Has anyone got experience in deployment of a SIEM solution?

104

AlienVault saying I can't use it in a DHCP environment. Help!

285

What Solution for SIEM is Best To Be NIST 800-171 Compliant?

60

When evaluating Security Information and Event Management (SIEM), what aspect do you think is the most important feature to look for?

141

What are the main differences between Nessus and Arcsight?

6

What's The Best Way to Trial SIEM Solutions?

207

Which is the best SIEM solution for a government organization?

1,169

What is the difference between IT event correlation and aggregation?

165

What Is SIEM Used For?

26

RSA-EMC vs. other SIEM products?