
Elastic Security vs USM Anywhere comparison

 

Comparison Buyer's Guide

Executive Summary
Updated on Sep 9, 2024
 

Categories and Ranking

Elastic Security
Ranking in Log Management: 5th
Ranking in Security Information and Event Management (SIEM): 5th
Ranking in Endpoint Detection and Response (EDR): 16th
Average Rating: 7.6
Number of Reviews: 61
Ranking in other categories: Security Orchestration Automation and Response (SOAR) (6th), Extended Detection and Response (XDR) (8th)

USM Anywhere
Ranking in Log Management: 34th
Ranking in Security Information and Event Management (SIEM): 31st
Ranking in Endpoint Detection and Response (EDR): 51st
Average Rating: 8.4
Number of Reviews: 114
Ranking in other categories: Compliance Management (11th)
 

Mindshare comparison

As of November 2024, in the Security Information and Event Management (SIEM) category, the mindshare of Elastic Security is 7.3%, down from 9.1% the previous year. The mindshare of USM Anywhere is 1.2%, down from 2.7% the previous year. Mindshare is calculated from PeerSpot user engagement data.
 

Featured Reviews

Gajewski Marek - PeerSpot reviewer
Provides good anomaly detection and connectivity reporting
We previously used Splunk but switched to Elastic Security because Splunk was more expensive. Feature-wise, both tools are pretty much the same. They have almost the same functions. Elastic Security has a much better AI assistant that allows you to ask questions like a normal person. With Elastic Security, I can also predict the price and how much it will cost. Splunk's pricing depends on how much data we use and the different add-ons I have to add. The pricing is much better with Elastic Security.
Omer Jamil - PeerSpot reviewer
An easy-to-deploy tool that needs to improve its vulnerability scanning feature
To those who plan to use the solution, I would suggest that they go through the documentation and online training models available for free, as it can help you deploy the product quickly while also being helpful in areas where there is a need to understand correlation and monitoring. I rate the overall product a seven out of ten.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The feature that we have found the most valuable is scalability."
"Elastic is straightforward, easy to integrate, and highly customizable."
"Elastic has a lot of beats, such as Winlogbeat and Filebeat. Beats are the agents that have to be installed on the terminals to send the data. When we install beats or Elastic agents on every terminal, they don't overload the terminals. In other SIEM solutions such as Splunk or QRadar, when beats or agents are installed on endpoints, they are very heavy for the terminals. They consume a lot of power of the terminals, whereas Elastic agents hardly consume any power and don't overload the terminals."
"We like Elastic Security because it's a REST API-based solution. That's the primary reason we use it."
"I like the indexing of the logs."
"Just the ability to do a lot more than just up-down is nice, which a lot of people take for granted."
"I use the stack every morning to check the errors and it's just so clear. I don't see any disadvantage to using Logstash."
"It's simple and easy to use."
"This solution can identify many threats inside the organization (compromised endpoints, configuration issues), as well as "outside" threats (botnets, network scanners, web-attacks, etc)."
"We're using it more for reporting, that's all. We're using it to help our customers to pass any kind of audits that they receive."
"The new cloud-based panel is excellent both for client review as well as for our SOC to review and respond to threats. It is much easier to configure and use than the previous solution from AlienVault."
"The vulnerability manager and the file integration are very good."
"The Event Correlation and vulnerability scans have been the most useful. As a 24/7 SOC, we use the incoming alarms to give an overview of suspicious traffic going through the network. It's easy to look at the correlated events and see the broad picture of traffic for that customer. Vulnerability scans are good for providing patch and remediation guidelines to keep customer systems secure."
"The best feature of this product is the ease of use. It is extremely easy to set up and get going. This is a very useful tool for a small organization."
"We had used previous products and found AlienVault centralized the logging for our security."
"Ease of deployment across various environments."
 

Cons

"Authentication is not a default in Kibana. We need to have another tool to have authentication and authorization. These two should be part of Kibana."
"Better integration with third-party APMs would be really good."
"There is an area of improvement in the Logs list. The load list may need to be paginated as there are limits."
"Elastic Security's maintenance is hard and its scalability is a challenge. There are complications in scaling and upgrading. The solution needs to also provide periodic upgrade checks."
"This solution is very hard to implement."
"The process of designing dashboards is a little cumbersome in Kibana. Unless you are an expert, you will not be able to use it. The process should be pretty straightforward. The authentication feature is what we are looking for. We would love to have a central authentication system in the open-source edition without the need for a license or an enterprise license. If they can give at least a simple authentication system within a company. In a large organization, authentication is very essential for security because logs can contain a lot of confidential data. Therefore, an authentication feature for who accesses it should be there."
"In terms of improvement, there could be more automation in responding to and evaluating detections."
"There isn't really a very good user experience. You need a lot of training."
"The only complex area of the setup was writing the custom scripts."
"It would be hard for any legitimate MSSP to use it."
"This solution could be easier to use."
"For creating new rules, you have to be familiar with regular expressions. I feel there could be something built-in to make sure that process is easier."
"AlienVault must improve their correlation feature. Some of the events do not match with the correlation rules and some of the correlation events are false-positive."
"AT&T AlienVault USM can improve searchable data. It should be available for more than 90 days. If you need more than 90 days of data, you have to put a request and they give you raw data, which is not easy to search. A good addition would be to allow users to search data older than 90 days."
"The dashboard could be improved as well as the level of customization."
"Windows log collection works with HIDS, but documentation is sparse and confusing."
 

Pricing and Cost Advice

"Elastic Stack is an open-source tool. You don't have to pay anything for the components."
"Its price is fine. Its licensing works on a yearly basis. We have to renew the license every year. I also have a good experience with Darktrace. When we buy Darktrace, we get training free of cost, which is not there in Elastic. We have to pay extra for training. There is certainly room for improvement."
"The base product is open-source but if you need advanced security features then you need to pay for the subscription. Elastic Security's price is reasonable in some cases and in other cases it's not."
"I find it better than Splunk in terms of cost-effectiveness. For cost-effectiveness, I would rate it a nine out of 10."
"This is an open-source product, so there are no costs."
"The solution is free."
"It's a monthly cost with Elastic SIEM, but I am not sure of the exact cost."
"Affordable but with additional costs"
"I rate the price of AT&T AlienVault USM a four out of five."
"We ran a few PoCs. The price and feature set were the best with AlienVault."
"Pricing is very competitive with other products and you get much more functionality from AlienVault."
"Its price is in the medium to upper range."
"The price for this solution is very good, but since the features do not work the price is expensive."
"AlienVault is certainly not nearly as expensive as Splunk or QRadar. It's decently priced, but I don't have the exact figure."
"I don't think the product's pricing is a good value because they try to raise the price 50 percent every year... AlienVault needs to understand that not all customers are huge enterprises... Their sales team is way too aggressive. The price they advertise is not always the price you get."
"We pay around $12,000 a year including storage."
816,192 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company: 17%
Financial Services Firm: 10%
Government: 10%
University: 7%
Computer Software Company: 18%
Educational Organization: 9%
Financial Services Firm: 7%
Government: 6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Datadog vs ELK: which one is good in terms of performance, cost and efficiency?
With Datadog, we have near-live visibility across our entire platform. We have seen APM metrics impacted several times lately using the dashboards we have created with Datadog; they are very good c...
What do you like most about Elastic Security?
Elastic provides the capability to index quickly due to the reverse indexes it offers. This data is crucial as it contains critical information. The reverse index allows fast data indexing because ...
What is your experience regarding pricing and costs for Elastic Security?
Compared to other tools, Elastic Security is a cheaper solution.
What do you like most about AT&T AlienVault USM?
The most valuable feature of the solution is the ease of deployment that it provides to users. The integrations that the product has with third-party applications are useful.
What is your experience regarding pricing and costs for AT&T AlienVault USM?
The price is really variable depending on what tier the customer is subscribing to. I think USM Anywhere recently started a 125, a 250, and then 500 and 1000 tier. So it depends on the organization...
What needs improvement with AT&T AlienVault USM?
The only issue that you need to bypass is the issue with integration with some other log sources, some other application security applications. The issue is still present. The process of collecting...
 

Also Known As

Elastic SIEM, ELK Logstash
AT&T AlienVault USM, AlienVault, AlienVault USM, Alienvault Cybersecurity
 


Sample Customers

Texas A&M, U.S. Air Force, NuScale Power, Martin's Point Health Care
Abel & Cole, Bank of Ireland, Bluegrass Cellular, CareerBuilder, Claire's, Hays Medical Center, Hope International, McCurrach, McKinsey & Company, Party Delights, Pepco Holdings, Richland School District, Ricoh, SaveMart, Shake Shack, Steelcase, TaxAct, Taylor Morrison, Vonage and Zoom
Find out what your peers are saying about Elastic Security vs. USM Anywhere and other solutions. Updated: November 2024.