We performed a comparison between AT&T AlienVault USM and Wazuh based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: The main difference between the two products is that Wazuh users say the product is missing threat intelligence. In addition, Wazuh users do not mention an ROI. For these reasons, AT&T AlienVault USM is the winner in this comparison.
"It has allowed us to see what is happening on our servers."
"Its powerful correlation engine helps reduce time in manually correlating events."
"AlienVault has helped us in improving our visualization and incident response during cybersecurity situations."
"The most valuable feature is threat intelligence."
"Ease of deployment across various environments."
"OTX is a great module that lets staff maintain and monitor updates regarding events in the infrastructure and make decisions to improve the security perimeter."
"Any unusual behaviour, we can monitor. We have alerts set up to be sent when we receive signs of any unusual behaviour."
"The most valuable feature of this solution is security management for PCI DSS."
"I like the cloud-native infrastructure and that it's free. We didn't have to pay anything, and it has the capabilities of many premium solutions in the market. We could integrate all of our services and infrastructure in the cloud with Wazuh. From an integration point of view, Wazuh is pretty good. I had a good experience with this platform."
"I like the features we use, including malware detection, inventory, detection of hidden processes, and activity logs. Inventory is probably the most important feature. It tells us when processes and packages were installed and what they are, which is helpful."
"Wazuh offers an enhanced HDR version that outperforms its competitors."
"I like that the solution is on top of the Kubernetes stack."
"My company implemented Wazuh because it was relatively inexpensive. They could quickly get their hands on it to check a box for some audit and compliance."
"Wazuh has very flexible and robust features."
"It is excellent in terms of visualization and indexing services, making it a powerful tool for malware detection."
"The log monitoring and analysis tools are great in addition to SIEM file activity monitoring."
"The dashboard could be improved as well as the level of customization."
"Their threat intelligence platform needs to be broadened. They should integrate it with more threat intelligence platforms. For the threat feed that they get from open intelligence, I would like them to add a few premium threat intelligence platforms. They can provide a bundle in which AlienVault has the threat intelligence background of other premium products."
"There are many reports included but would be nice to have better access to the data."
"It would be hard for any legitimate MSSP to use it."
"The reporting tools are a bit lacking for building reports to give directly to customers, but support has been helpful in giving our requests for new features to the development team and following up with us."
"Plugins could be better utilized, as some of them do not recognize all logs."
"The only room for improvement I can mention is the initial installation procedures. I found that the online installation instructions for the product were missing important details, they lacked necessary steps."
"We develop additional rules and scripts to make it more usable."
"The implementation is very complex."
"They need to go towards integrating with more cloud applications and not just OS like Windows and Linux."
"Scalability is a challenge because it is distributed architecture and it uses Elastic DB. Their Elastic DB doesn't allow open source waste application."
"It would be better if they had a vulnerability assessment plug-in like the one AlienVault has. In the next release, I would like to have an app with an alerting mechanism."
"Alerts should be specific rather than repeatedly triggered by integrating multiple factors. This issue needs improvement to create a more efficient alert system."
"Some features, like alerting, are complex with Wazuh."
"The only challenge we faced with Wazuh was the lack of direct support."
"Wazuh needs more security and features, particularly visualization features and a health monitor."
USM Anywhere is ranked 15th in Log Management with 113 reviews while Wazuh is ranked 2nd in Log Management with 38 reviews. USM Anywhere is rated 8.4, while Wazuh is rated 7.4. The top reviewer of USM Anywhere writes "Easy to use and affordable". On the other hand, the top reviewer of Wazuh writes "It integrates seamlessly with AWS cloud-native services". USM Anywhere is most compared with AlienVault OSSIM, IBM Security QRadar, Splunk Enterprise Security, Microsoft Sentinel and LogRhythm SIEM, whereas Wazuh is most compared with Elastic Security, Security Onion, AlienVault OSSIM, Splunk Enterprise Security and Graylog.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.