USM Anywhere vs i-SIEM [EOL] comparison

Cybereason and LevelBlue are both solutions in the Security Information and Event Management (SIEM) category. Additionally, 100% of Cybereason users are willing to recommend the solution, compared to 92% of LevelBlue users who would recommend it.

i-SIEM [EOL]

Read 1 i-SIEM [EOL] review

100% willing to recommend

USM Anywhere

Read 115 USM Anywhere reviews

1,986 Views
1,353 Comparison Views

92% willing to recommend

i-SIEM [EOL]

USM Anywhere

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Apr 20, 2025

USM Anywhere and i-SIEM compete in security information and event management. USM Anywhere has the upper hand due to its ease of use and customer support, while i-SIEM offers enhanced scalability and advanced features for complex deployments.

Features: USM Anywhere provides comprehensive threat detection, unified security management, and integrated threat intelligence. It is known for its intuitive platform. i-SIEM delivers robust data processing capabilities and is suitable for larger environments due to its enhanced scalability and powerful data handling.

Ease of Deployment and Customer Service: USM Anywhere is recognized for straightforward cloud-based deployment and responsive customer service, making it easy to implement and maintain. i-SIEM, while offering more customization, has a complex setup that can pose challenges.

Pricing and ROI: USM Anywhere generally offers a more favorable initial setup cost with a steady ROI due to its user-friendly interface. i-SIEM requires a significant initial investment but can achieve high ROI in large-scale operations with its advanced capabilities.

To learn more, read our detailed Security Information and Event Management (SIEM) Report (Updated: April 2025).

Buyer's Guide

Security Information and Event Management (SIEM)

April 2025

Download the complete report

Helped 850,671 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

i-SIEM [EOL]

Average Rating

9.0

Number of Reviews

Ranking in other categories

No ranking in other categories

USM Anywhere

Average Rating

8.4

Reviews Sentiment

7.0

Number of Reviews

115

Ranking in other categories

Log Management (44th), Security Information and Event Management (SIEM) (30th), Endpoint Detection and Response (EDR) (51st), Compliance Management (12th)

Featured Reviews

Dannie Combs

Senior Vice President and Chief Information Security Officer at Donnelley Financial Solutions

The alert fatigue and false positive rates have just plummeted, which is really exciting.

empow has a few areas of improvement as with any other technology, such as continuing to drive innovation in the dashboard. While we've been extremely impressed with the dashboard's ease of use, flexibility, ability to drill down deeply, and focus very intently on an area of interest, there will always be opportunities to be more innovative and open it up to a wider audience than just the operations group, for example. With reporting, there is always a desire to have custom reporting for every client of empow. Relative to keeping up with the sheer pace of cloud-native technologies, it should provide more options for clients to deploy their technologies in unique ways. This is an area that I recommend that they maintain focus.

Read full review

Kris Nawani

Co-Founder/Director at Bangkok MSP Company Limited

Offers complete coverage without the need to install additional software

USM Anywhere is used for threat detection and investigation. It provides a solution with built-in threat intelligence and various other investigation tools The solution offers complete coverage without the need to install additional software, as it is maintained by the vendor. It helps in saving…

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"As a result of the automation, we are able to manage SIEM with a small security team. I'm in a unique position where we have been growing the security organization quite rapidly over the last three and a half years. But, as a direct result of the empow transition and legacy collection of tools towards the empow platform, we've been able to keep that head count flat. We've been able to redirect a lot of the security team's time away from the wash, rinse, repeat activities of responding to alarms where we have a high degree of confidence that they will be false positives, adjusting the rules accordingly. This can be a bit frustrating for the analyst when they have to spend hours a day dealing with these types of probable false positives. So, it has helped not only us keep our headcount flat relative to the resources necessary to provide the assurances that our executives expect of us for monitoring, but allows our analyst team to spend the majority of their time doing what they love. They are spending their time meaningfully with a higher degree of confidence and enjoying getting into the incident response type activity."

"Asset discovery and vulnerability scanner are good features. The integration between this solution and OTX, which is an AlienVault platform for Open Threat Exchange, is also a valuable feature. It is also quick and easy to deploy, so you can quickly engage with a customer's environment."

"There are multiple tools for information security. The solution includes all the latest advances on the network and host intrusion detection systems."

"The most valuable features of AT&T AlienVault USM are the ease of management and knowledge of what is on the network of my customers. It's easy to understand the problems, and management our alarms and events."

"The USM is a work horse, no matter what devices or the number of logs we throw at it, the system processes them in real time, correlates the events, and alerts on only events that need human review."

"What I find the most valuable about USM Anywhere is its compliance. It shows a list of all the administrators logged on and does it quite well. There are no whistles and bells, it's reliable and simple to use."

"Log-monitoring and alerting enable us to know when things happen that we need to know about."

"The AlienVault solution has enabled us to create a SOC on a budget with smaller than usual staff requirements, offering a wider range of solutions for our customers."

"As we have to service several servers, we can manage them in a economical way, which is beneficial to our team and business."

More USM Anywhere pros

Cons

"Relative to keeping up with the sheer pace of cloud-native technologies, it should provide more options for clients to deploy their technologies in unique ways. This is an area that I recommend that they maintain focus."

"Plugins could be better utilized, as some of them do not recognize all logs."

"The only complex area of the setup was writing the custom scripts."

"Windows log collection works with HIDS, but documentation is sparse and confusing."

"Search performance can be slow. The Raw Logs feature is painfully slow. And if we're talking about the newer, the Anywhere product, you can't even schedule reports on the thing. There are probably a dozen other features I'd really like to see there, but that would be one of the biggies."

"USM Anywhere relies a lot on the community putting the data in. Often, you'll right-click on the attack, but nothing will be found. That's a weakness of it."

"The reporting and dashboards have room for improvement."

"We've had some stability problems, not a lot, but a few. Updates seem to be the worst. That seems to be when the stability problems come up."

"The AT&T AlienVault USM is okay, but the relational database is not very good for large amounts of data. For example, many logs cannot be processed. It has been very slow for the queries and some data which are large, it is not very good in this case."

More USM Anywhere cons

Pricing and Cost Advice

"With a higher degree of fidelity in the alarms, we were able to avoid adding additional resources to our teams. We take into account the cost of security resources in the market and the significantly higher fidelity from the alarms that are being generated. This drove down our costs with our MSSP. It drove down my cost for human capital internally. It drove down our need to have multiple resources supporting the underlying infrastructure and health and maintenance of empow as a platform from several resources down to one. Therefore, human capital costs were significantly reduced. Our operating expenses were significantly reduced. Our capital costs were significantly reduced while tripling our capacity and our run rate reduced. It was almost a "too good to be true" situation. Fortunately, for us, it worked out very nicely."

"I don't have to put up with any longer with these hypercomplex licensing agreements. Every time I want to add some additional reporting as a compliance centric or regulatory specific, e.g., GDPR, PCI, or Sarbanes-Oxley, many providers would have an additional license for this, which felt a bit ridiculous to me. With the simplified licensing architecture, there were no hidden "gotchas" down the road with empow. Something I have experienced with other providers that I've worked with in the past."

"So far, I feel the product's pricing is a good value. The technology is decent. You get what you pay for. I think it's fair."

"The price for this solution is very good, but since the features do not work the price is expensive."

"It's very reasonably priced. It was one of the lowest among the ones I looked at. Licensing is pretty flexible. They can do a two-year or a three-year, even a one-year, perhaps."

"It is affordable, and it also has many features that the premium products such as ArcSight and QRadar have. It is a very good platform for a SIEM solution. Everything is included in the price."

"The vulnerability management solution is worse than buying a Nessus Professional license."

"So far, it has been a good solution for a tight budget."

"It has good pricing."

"They charge a license based on the storage. ATT AlienVault USM is a less expensive solution than IBM QRadar."

More USM Anywhere pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.

See recommendations

850,671 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

16%

Real Estate/Law Firm

12%

Financial Services Firm

10%

Legal Firm

Computer Software Company

20%

Financial Services Firm

Comms Service Provider

Educational Organization

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

No data available

Questions from the Community

Ask a question

Earn 20 points

What do you like most about AT&T AlienVault USM?

The most valuable feature of the solution is the ease of deployment that it provides to users. The integrations that the product has with third-party applications are useful.

See all answers

What is your experience regarding pricing and costs for AT&T AlienVault USM?

The pricing is amazing and really cheap.

See all answers

What needs improvement with AT&T AlienVault USM?

There are scalability issues due to a 60 TB limit, which restricts its use for large customers like banks. It is also limited when used with bigger products and has complex password requirements.

See all answers

Comparisons

DNIF HYPERCLOUD vs i-SIEM [EOL]

Compared 100% of the time

More i-SIEM [EOL] Competitors

AlienVault OSSIM vs USM Anywhere

Compared 28% of the time

Splunk Enterprise Security vs USM Anywhere

Compared 14% of the time

Wazuh vs USM Anywhere

Compared 12% of the time

Rapid7 InsightIDR vs USM Anywhere

Compared 11% of the time

IBM Security QRadar vs USM Anywhere

Compared 9% of the time

More USM Anywhere Competitors

Product Reports

Buyer's Guide

Security Information and Event Management (SIEM)

April 2025

Download i-SIEM [EOL] product report

Buyer's Guide

USM Anywhere

April 2025

Download USM Anywhere product report

Also Known As

No data available

AT&T AlienVault USM, AlienVault, AlienVault USM, Alienvault Cybersecurity

Overview

i-SIEM [EOL] delivers comprehensive monitoring and threat detection capabilities suitable for today's security challenges. It integrates with existing systems, enabling efficient threat analysis and response for knowledgeable users.

i-SIEM [EOL] offers advanced security analytics and seamless integration with security infrastructure, making it a favored choice among technology professionals. Its intuitive design caters to efficient threat management. Users appreciate its capability to process large data volumes for timely threat detection and remediation. The platform ensures effective incident response through automated processes, assisting professionals in maintaining robust security postures.

What are the key features of i-SIEM [EOL]?

Advanced Threat Detection: Utilizes real-time analytics for identifying potential security threats.
Integration Capabilities: Easily connects with diverse security tools for a cohesive security strategy.
Automated Incident Response: Facilitates swift responses to security incidents to mitigate risks.

What benefits and ROI can i-SIEM [EOL] offer?

Reduced Security Risks: Proactively identifies and addresses vulnerabilities before exploitation.
Operational Efficiency: Automation reduces manual workload and minimizes error.
Cost-Effectiveness: Streamlines processes to lower overall security management costs.

i-SIEM [EOL] is implemented across industries like finance, healthcare, and manufacturing, where security and compliance are critical. Its flexibility in handling specific industry requirements makes it suitable for enhancing security postures and operational efficiency.

Cybereason

USM Anywhere centralizes security monitoring of networks and devices in the cloud, on premises, and in remote locations, helping you to detect threats virtually anywhere.

Discover

Network asset discovery
Software & services discovery
AWS asset discovery
Azure asset discovery
Google Cloud Platform asset discovery

Analyze

SIEM event correlation, auto-prioritized alarms
User activity monitoring
Up to 90-days of online, searchable events

Detect

Cloud intrusion detection (AWS, Azure, GCP)
Network intrusion detection (NIDS)
Host intrusion detection (HIDS)
Endpoint Detection and Response (EDR)

Respond

Forensics querying
Automate & orchestrate response
Notifications and ticketing

Assess

Vulnerability scanning
Cloud infrastructure assessment
User & asset configuration
Dark web monitoring

Report

Pre-built compliance reporting templates
Pre-built event reporting templates
Customizable views and dashboards
Log storage

LevelBlue

Sample Customers

University of Oklahoma, Donnelley

Abel & Cole, Bank of Ireland, Bluegrass Cellular, CareerBuilder, Claire's, Hays Medical Center, Hope International, McCurrach, McKinsey & Company, Party Delights, Pepco Holdings, Richland School District, Ricoh, SaveMart, Shake Shack, Steelcase, TaxAct, Taylor Morrison, Vonage and Zoom

Buyer's Guide

Security Information and Event Management (SIEM)

April 2025

Download Free Report

Find out what your peers are saying about Splunk, Wazuh, Microsoft and others in Security Information and Event Management (SIEM). Updated: April 2025.

DOWNLOAD NOW

850,671 professionals have used our research since 2012.

See our list of best Security Information and Event Management (SIEM) vendors.

We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.