USM Anywhere vs i-SIEM [EOL] comparison

Cybereason and LevelBlue are both solutions in the Security Information and Event Management (SIEM) category. Additionally, 100% of Cybereason users are willing to recommend the solution, compared to 92% of LevelBlue users who would recommend it.

i-SIEM [EOL]

Read 1 i-SIEM [EOL] review

100% willing to recommend

USM Anywhere

Read 115 USM Anywhere reviews

2,391 Views
1,649 Comparison Views

92% willing to recommend

i-SIEM [EOL]

USM Anywhere

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Jan 12, 2025

USM Anywhere and i-SIEM [EOL] compete in the security information and event management sector. USM Anywhere seems to have the upper hand in pricing and support, while i-SIEM [EOL] is considered superior for its advanced features.

Features: USM Anywhere provides integrated threat intelligence, comprehensive monitoring, and automation capabilities. On the other hand, i-SIEM [EOL] offers robust customization, extensive scalability, and superior data correlation, enhancing its analytical capabilities significantly.

Ease of Deployment and Customer Service: USM Anywhere features an intuitive setup process and reliable customer service focusing on quick deployment and ongoing support. i-SIEM [EOL] delivers a more complex deployment model requiring deep technical understanding, yet provides personalized customer service for integration assistance.

Pricing and ROI: USM Anywhere presents competitive setup costs and favorable ROI due to its straightforward pricing model and ongoing support. i-SIEM [EOL] necessitates a higher initial investment but promises substantial long-term ROI facilitated by its powerful analytics and customization options.

To learn more, read our detailed Security Information and Event Management (SIEM) Report (Updated: March 2025).

Buyer's Guide

Security Information and Event Management (SIEM)

March 2025

Download the complete report

Helped 842,690 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

i-SIEM [EOL]

Average Rating

9.0

Number of Reviews

Ranking in other categories

No ranking in other categories

USM Anywhere

Average Rating

8.4

Reviews Sentiment

7.0

Number of Reviews

115

Ranking in other categories

Log Management (41st), Security Information and Event Management (SIEM) (33rd), Endpoint Detection and Response (EDR) (53rd), Compliance Management (12th)

Featured Reviews

Dannie Combs

Senior Vice President and Chief Information Security Officer at Donnelley Financial Solutions

The alert fatigue and false positive rates have just plummeted, which is really exciting.

empow has a few areas of improvement as with any other technology, such as continuing to drive innovation in the dashboard. While we've been extremely impressed with the dashboard's ease of use, flexibility, ability to drill down deeply, and focus very intently on an area of interest, there will always be opportunities to be more innovative and open it up to a wider audience than just the operations group, for example. With reporting, there is always a desire to have custom reporting for every client of empow. Relative to keeping up with the sheer pace of cloud-native technologies, it should provide more options for clients to deploy their technologies in unique ways. This is an area that I recommend that they maintain focus.

Read full review

Kris Nawani

Co-Founder/Director at Bangkok MSP Company Limited

Offers complete coverage without the need to install additional software

USM Anywhere is used for threat detection and investigation. It provides a solution with built-in threat intelligence and various other investigation tools The solution offers complete coverage without the need to install additional software, as it is maintained by the vendor. It helps in saving…

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"As a result of the automation, we are able to manage SIEM with a small security team. I'm in a unique position where we have been growing the security organization quite rapidly over the last three and a half years. But, as a direct result of the empow transition and legacy collection of tools towards the empow platform, we've been able to keep that head count flat. We've been able to redirect a lot of the security team's time away from the wash, rinse, repeat activities of responding to alarms where we have a high degree of confidence that they will be false positives, adjusting the rules accordingly. This can be a bit frustrating for the analyst when they have to spend hours a day dealing with these types of probable false positives. So, it has helped not only us keep our headcount flat relative to the resources necessary to provide the assurances that our executives expect of us for monitoring, but allows our analyst team to spend the majority of their time doing what they love. They are spending their time meaningfully with a higher degree of confidence and enjoying getting into the incident response type activity."

"Having everything in a central place has been helpful."

"AT&T AlienVault USM is good for ELK Stack, the user experience is great because of its architecture. The ELK has a great performance and it has very good speed in the search and Kibana. Additionally, the visuals and dashboards and very nice and customizable."

"The main menu: You can see everything there, what is happening on the servers, and in the logs, you can view more details of each event."

"The asset discovery and inventory capabilities in USM Anywhere is quite good."

"Reports are customized, so you can present them to executives or engineers."

"This solution can identify many threats inside the organization (compromised endpoints, configuration issues), as well as "outside" threats (botnets, network scanners, web-attacks, etc)."

"Its powerful correlation engine helps reduce time in manually correlating events."

"Our main focus was intrusion detection, alerts, and correlation. It's easy to use AlienVault and integrate it with other alert tools because it includes lots of connectors. Either the tool is already there, or AlienVault will write an API for us if they don't have a connector for the solution that is providing the logs."

More USM Anywhere pros

Cons

"Relative to keeping up with the sheer pace of cloud-native technologies, it should provide more options for clients to deploy their technologies in unique ways. This is an area that I recommend that they maintain focus."

"The reporting tools are a bit lacking for building reports to give directly to customers, but support has been helpful in giving our requests for new features to the development team and following up with us."

"AlienVault cannot automatically respond to threats like other SIEM solutions, such as Sentinel and LogRhythm. Most of our clients are far away, so it's often challenging to handle alerts when they come up on our dashboard."

"The only complex area of the setup was writing the custom scripts."

"Search performance can be slow. The Raw Logs feature is painfully slow. And if we're talking about the newer, the Anywhere product, you can't even schedule reports on the thing. There are probably a dozen other features I'd really like to see there, but that would be one of the biggies."

"There are many reports included but would be nice to have better access to the data."

"Their threat intelligence platform needs to be broadened. They should integrate it with more threat intelligence platforms. For the threat feed that they get from open intelligence, I would like them to add a few premium threat intelligence platforms. They can provide a bundle in which AlienVault has the threat intelligence background of other premium products."

"AlienVault must improve their correlation feature. Some of the events do not match with the correlation rules and some of the correlation events are false-positive."

"Adding a parsing interface for the customers would make AT&T AlienVault USM better."

More USM Anywhere cons

Pricing and Cost Advice

"I don't have to put up with any longer with these hypercomplex licensing agreements. Every time I want to add some additional reporting as a compliance centric or regulatory specific, e.g., GDPR, PCI, or Sarbanes-Oxley, many providers would have an additional license for this, which felt a bit ridiculous to me. With the simplified licensing architecture, there were no hidden "gotchas" down the road with empow. Something I have experienced with other providers that I've worked with in the past."

"With a higher degree of fidelity in the alarms, we were able to avoid adding additional resources to our teams. We take into account the cost of security resources in the market and the significantly higher fidelity from the alarms that are being generated. This drove down our costs with our MSSP. It drove down my cost for human capital internally. It drove down our need to have multiple resources supporting the underlying infrastructure and health and maintenance of empow as a platform from several resources down to one. Therefore, human capital costs were significantly reduced. Our operating expenses were significantly reduced. Our capital costs were significantly reduced while tripling our capacity and our run rate reduced. It was almost a "too good to be true" situation. Fortunately, for us, it worked out very nicely."

"I rate the price of AT&T AlienVault USM a four out of five."

"Pricing is very competitive with other products and you get much more functionality from AlienVault."

"It allows you to do a lot with a small price tag... The pricing is the best on the market."

"It's affordable for most customers."

"The price point is good."

"It has good pricing."

"Do the one month trial and try to work out the kinks during it, as it has free support and service hours."

"So far, it has been a good solution for a tight budget."

More USM Anywhere pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.

See recommendations

842,690 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

15%

Real Estate/Law Firm

12%

Financial Services Firm

10%

Manufacturing Company

Computer Software Company

20%

Financial Services Firm

Comms Service Provider

Educational Organization

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

No data available

Questions from the Community

Ask a question

Earn 20 points

What do you like most about AT&T AlienVault USM?

The most valuable feature of the solution is the ease of deployment that it provides to users. The integrations that the product has with third-party applications are useful.

See all answers

What is your experience regarding pricing and costs for AT&T AlienVault USM?

The pricing is amazing and really cheap.

See all answers

What needs improvement with AT&T AlienVault USM?

There are scalability issues due to a 60 TB limit, which restricts its use for large customers like banks. It is also limited when used with bigger products and has complex password requirements.

See all answers

Comparisons

DNIF HYPERCLOUD vs i-SIEM [EOL]

Compared 100% of the time

More i-SIEM [EOL] Competitors

AlienVault OSSIM vs USM Anywhere

Compared 25% of the time

Wazuh vs USM Anywhere

Compared 14% of the time

Splunk Enterprise Security vs USM Anywhere

Compared 12% of the time

Rapid7 InsightIDR vs USM Anywhere

Compared 11% of the time

IBM Security QRadar vs USM Anywhere

Compared 8% of the time

More USM Anywhere Competitors

Product Reports

Buyer's Guide

Security Information and Event Management (SIEM)

March 2025

Download i-SIEM [EOL] product report

Buyer's Guide

USM Anywhere

March 2025

Download USM Anywhere product report

Also Known As

No data available

AT&T AlienVault USM, AlienVault, AlienVault USM, Alienvault Cybersecurity

Overview

i-SIEM [EOL] delivers comprehensive monitoring and threat detection capabilities suitable for today's security challenges. It integrates with existing systems, enabling efficient threat analysis and response for knowledgeable users.

i-SIEM [EOL] offers advanced security analytics and seamless integration with security infrastructure, making it a favored choice among technology professionals. Its intuitive design caters to efficient threat management. Users appreciate its capability to process large data volumes for timely threat detection and remediation. The platform ensures effective incident response through automated processes, assisting professionals in maintaining robust security postures.

What are the key features of i-SIEM [EOL]?

Advanced Threat Detection: Utilizes real-time analytics for identifying potential security threats.
Integration Capabilities: Easily connects with diverse security tools for a cohesive security strategy.
Automated Incident Response: Facilitates swift responses to security incidents to mitigate risks.

What benefits and ROI can i-SIEM [EOL] offer?

Reduced Security Risks: Proactively identifies and addresses vulnerabilities before exploitation.
Operational Efficiency: Automation reduces manual workload and minimizes error.
Cost-Effectiveness: Streamlines processes to lower overall security management costs.

i-SIEM [EOL] is implemented across industries like finance, healthcare, and manufacturing, where security and compliance are critical. Its flexibility in handling specific industry requirements makes it suitable for enhancing security postures and operational efficiency.

Cybereason

USM Anywhere centralizes security monitoring of networks and devices in the cloud, on premises, and in remote locations, helping you to detect threats virtually anywhere.

Discover

Network asset discovery
Software & services discovery
AWS asset discovery
Azure asset discovery
Google Cloud Platform asset discovery

Analyze

SIEM event correlation, auto-prioritized alarms
User activity monitoring
Up to 90-days of online, searchable events

Detect

Cloud intrusion detection (AWS, Azure, GCP)
Network intrusion detection (NIDS)
Host intrusion detection (HIDS)
Endpoint Detection and Response (EDR)

Respond

Forensics querying
Automate & orchestrate response
Notifications and ticketing

Assess

Vulnerability scanning
Cloud infrastructure assessment
User & asset configuration
Dark web monitoring

Report

Pre-built compliance reporting templates
Pre-built event reporting templates
Customizable views and dashboards
Log storage

LevelBlue

Sample Customers

University of Oklahoma, Donnelley

Abel & Cole, Bank of Ireland, Bluegrass Cellular, CareerBuilder, Claire's, Hays Medical Center, Hope International, McCurrach, McKinsey & Company, Party Delights, Pepco Holdings, Richland School District, Ricoh, SaveMart, Shake Shack, Steelcase, TaxAct, Taylor Morrison, Vonage and Zoom

Buyer's Guide

Security Information and Event Management (SIEM)

March 2025

Download Free Report

Find out what your peers are saying about Splunk, Wazuh, Microsoft and others in Security Information and Event Management (SIEM). Updated: March 2025.

DOWNLOAD NOW

842,690 professionals have used our research since 2012.

See our list of best Security Information and Event Management (SIEM) vendors.

We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.