I find that USM Anywhere is not overly complicated and things flow logically. The way it lays out the Microsoft alert and formats the text for you so you can actually read it is very workable.
Senior Security Information Manager at agiito
Easy to use and affordable
Pros and Cons
- "What I find the most valuable about USM Anywhere is its compliance. It shows a list of all the administrators logged on and does it quite well. There are no whistles and bells, it's reliable and simple to use."
- "USM Anywhere relies a lot on the community putting the data in. Often, you'll right-click on the attack, but nothing will be found. That's a weakness of it."
What is our primary use case?
What is most valuable?
What I find the most valuable about USM Anywhere is its compliance. It shows a list of all the administrators logged on and does it quite well. There are no whistles and bells, it's reliable and simple to use. Also, for the first time in eight years, I felt I could actually work with the raw data. I don't have to use search or log file manipulator engines because I can see the log file directly. It's readable and it's not cloudy like, for example, QRadar.
What needs improvement?
USM Anywhere relies a lot on the community putting the data in. Often, you'll right-click on the attack, but nothing will be found. That's a weakness of it.
For how long have I used the solution?
I've been using it for 11 months.
Buyer's Guide
USM Anywhere
November 2023

Learn what your peers think about USM Anywhere. Get advice and tips from experienced pros sharing their opinions. Updated: November 2023.
745,140 professionals have used our research since 2012.
What do I think about the stability of the solution?
I've never had an outage on it, so I would rate the stability of the solution a ten out of ten. I've used it for 11 months and it has never failed.
What do I think about the scalability of the solution?
I would rate the scalability of USM Anywhere an eight out of ten. We are a smaller company and about a dozen people use the solution. It scales for us and we never fill out the data allocation we paid for.
How are customer service and support?
I've never had the chance to contact technical support. The service call costs money and I would need to get permission from my director first.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I was certified in QRadar. I was a third-line engineer. I have also used ArcSight.
How was the initial setup?
The initial setup is relatively easy. It was done by my technical director, but I'm sure anyone could do it.
What's my experience with pricing, setup cost, and licensing?
The solution is not expensive at all. When it comes to costliness, I would rate it a two out of ten.
What other advice do I have?
It's an incredibly good starting point for people who've never used something similar. A great benefit of it is that you can use it as a compliance tool as well, not just an alerting tool.
Overall, I give it a seven out of ten.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Other
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Last updated: Sep 11, 2023
Flag as inappropriate
Cyber Security Analyst at DIgital Sentry Ltd
It provides a central place for ingesting and managing logs but lacks automated remediation
Pros and Cons
- "Having everything in a central place has been helpful."
- "AlienVault cannot automatically respond to threats like other SIEM solutions, such as Sentinel and LogRhythm. Most of our clients are far away, so it's often challenging to handle alerts when they come up on our dashboard."
What is our primary use case?
AlienVault provides a central place for monitoring the logs from various security tools in our environment, such as CrowdStrike and Datrix. It gives us complete visibility into the logs from those tools and endpoints in our environment. We use AlienVault for managing logs and vulnerabilities with tools like CrowdStrike.
What is most valuable?
Having everything in a central place has been helpful.
What needs improvement?
AlienVault cannot automatically respond to threats like other SIEM solutions, such as Sentinel and LogRhythm. Most of our clients are far away, so it's often challenging to handle alerts when they come up on our dashboard.
For how long have I used the solution?
We have been using AlienVault for two years now.
What do I think about the stability of the solution?
I rate AlienVault seven out of 10 for stability. Deploying AlienVault on-prem has been a challenge. The network sometimes drops, and it disconnects the sensor.
What do I think about the scalability of the solution?
I rate AlienVault USM eight out of 10 for scalability.
Which solution did I use previously and why did I switch?
We were using an open-source solution, then we upgraded to USM.
How was the initial setup?
I rate AlienVault USM eight out of 10 for ease of setup. I've deployed it on-prem and in the cloud in EXI. You can deploy it in under 10 minutes. I deployed it by myself. It was easy for me because I attended the training, but some of my colleagues didn't. It was challenging for them to implement. However, one person is enough if you're trained.
What's my experience with pricing, setup cost, and licensing?
You might have to pay an additional fee to increase the number of sensors. We have five sensors, but other clients have three. I think you need to pay more to extend to four or five.
Which other solutions did I evaluate?
We tried Elastic Security, but it was difficult for us to implement.
What other advice do I have?
I rate AlienVault USM seven out of 10. It can do the job if log management is what you want, but it lacks automated response.
Disclosure: My company has a business relationship with this vendor other than being a customer: partner
Buyer's Guide
USM Anywhere
November 2023

Learn what your peers think about USM Anywhere. Get advice and tips from experienced pros sharing their opinions. Updated: November 2023.
745,140 professionals have used our research since 2012.
DevOps Engineer at a tech services company with 201-500 employees
Impressive visuals, high performance, and good user experience
Pros and Cons
- "AT&T AlienVault USM is good for ELK Stack, the user experience is great because of its architecture. The ELK has a great performance and it has very good speed in the search and Kibana. Additionally, the visuals and dashboards and very nice and customizable."
- "The AT&T AlienVault USM is okay, but the relational database is not very good for large amounts of data. For example, many logs cannot be processed. It has been very slow for the queries and some data which are large, it is not very good in this case."
What is our primary use case?
We are using AT&T AlienVault USM for SIEM, collecting logs from clients, traffic, analyzing, forensics, and security.
What is most valuable?
AT&T AlienVault USM is good for ELK Stack, the user experience is great because of its architecture. The ELK has a great performance and it has very good speed in the search and Kibana. Additionally, the visuals and dashboards and very nice and customizable.
What needs improvement?
The AT&T AlienVault USM is okay, but the relational database is not very good for large amounts of data. For example, many logs cannot be processed. It has been very slow for the queries and some data which are large, it is not very good in this case.
For how long have I used the solution?
I have been using AT&T AlienVault USM for approximately five years.
What do I think about the scalability of the solution?
We are using AT&T AlienVault USM as a client, if we want to increase the data we can collect more data because the solution can expand well horizontally.
Between the cellphones and laptops usage, we have more than 250 users using his solution in my organization.
How are customer service and support?
We have not used the technical support but we have clear documentation that we use.
How was the initial setup?
The initial setup was straightforward. We have a server room which we deploy from.
What about the implementation team?
The maintenance of the solution is not very difficult.
What other advice do I have?
I would recommend this solution because it is simple to deploy, has high performance, and has a great user experience.
I rate AT&T AlienVault USM a nine out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
ICT Consultant at N3tcom
Highly stable, easy to use, and simple implementation
Pros and Cons
- "The most valuable features of AT&T AlienVault USM are the ease of management and knowledge of what is on the network of my customers. It's easy to understand the problems, and management our alarms and events."
- "The price of AT&T AlienVault USM could be reduced."
What is our primary use case?
We are using AT&T AlienVault USM for collecting the events, generating alarms, and events management.
What is most valuable?
The most valuable features of AT&T AlienVault USM are the ease of management and knowledge of what is on the network of my customers. It's easy to understand the problems, and management our alarms and events.
What needs improvement?
The price of AT&T AlienVault USM could be reduced.
For how long have I used the solution?
I have been using AT&T AlienVault USM for approximately two years.
What do I think about the stability of the solution?
I am satisfied with the stability of AT&T AlienVault USM.
I rate the stability of AT&T AlienVault USM a five out of five.
What do I think about the scalability of the solution?
AT&T AlienVault USM is scalable enough for our needs.
How was the initial setup?
The initial setup of AT&T AlienVault USM was easy. Which involved all the configurations of correlation rules, and other elements for customer problems management. The full implementation took approximately two days.
What about the implementation team?
I did the implementation of AT&T AlienVault USM with a colleague.
What's my experience with pricing, setup cost, and licensing?
AT&T AlienVault USM is an expensive solution and we pay for the license and the support separately. We paid for the license and support for three years.
What other advice do I have?
I would recommend this solution to others.
We do not use all the features of the solution.
I rate AT&T AlienVault USM an eight out of ten.
Which deployment model are you using for this solution?
Hybrid Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Team Lead & Principal Software Engineer at a tech services company with 51-200 employees
Integrates well, useful vulnerability manager, but GUI needs improvements
Pros and Cons
- "The vulnerability manager and the file integration are very good."
- "The GUI needs to improve because it's not user-friendly."
What is our primary use case?
ATT AlienVault USM detects and responds to threats.
What is most valuable?
The vulnerability manager and the file integration are very good.
What needs improvement?
The GUI needs to improve because it's not user-friendly.
For how long have I used the solution?
I have been using ATT AlienVault USM for approximately two years.
What do I think about the stability of the solution?
The solution is stable.
What do I think about the scalability of the solution?
ATT AlienVault USM is scalable.
It's not a good product for me, but for the small organization, it's a very good product.
The solution is being extensively used by one of our customers.
How are customer service and support?
ATT AlienVault USM support is very good, they respond quickly to our needs.
How was the initial setup?
The initial setup is not complex because it is a cloud solution. The sensor setup will only take a few hours.
What about the implementation team?
The solution is maintained by the vendor.
What's my experience with pricing, setup cost, and licensing?
They charge a license based on the storage. ATT AlienVault USM is a less expensive solution than IBM QRadar.
What other advice do I have?
My advice is ATT AlienVault USM is a great tool for small to medium size organizations. If the budget is not very good then you will need a good level team.
I rate ATT AlienVault USM a six out of ten.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.

Buyer's Guide
Download our free USM Anywhere Report and get advice and tips from experienced pros
sharing their opinions.
Updated: November 2023
Product Categories
Security Information and Event Management (SIEM) Log Management EDR (Endpoint Detection and Response) Compliance ManagementPopular Comparisons
CrowdStrike Falcon
Splunk Enterprise Security
Datadog
Zabbix
Microsoft Sentinel
Elastic Security
IBM Security QRadar
LogRhythm SIEM
Graylog
AWS Security Hub
Sumo Logic Security
Fortinet FortiSIEM
Rapid7 InsightIDR
Buyer's Guide
Download our free USM Anywhere Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- Has anyone got experience in deployment of a SIEM solution?
- AlienVault saying I can't use it in a DHCP environment. Help!
- What Solution for SIEM is Best To Be NIST 800-171 Compliant?
- When evaluating Security Information and Event Management (SIEM), what aspect do you think is the most important feature to look for?
- What are the main differences between Nessus and Arcsight?
- Which is the best SIEM solution for a government organization?
- What is the difference between IT event correlation and aggregation?
- What Is SIEM Used For?
- What Questions Should I Ask Before Buying SIEM?
- RSA-EMC vs. other SIEM products?