Try our new research platform with insights from 80,000+ expert users

USM Anywhere vs i-SIEM [EOL] comparison

Cybereason and LevelBlue are both solutions in the Security Information and Event Management (SIEM) category. Additionally, 100% of Cybereason users are willing to recommend the solution, compared to 92% of LevelBlue users who would recommend it.
i-SIEM [EOL]
Read 1 i-SIEM [EOL] review
    100% willing to recommend
    USM Anywhere
    Read 115 USM Anywhere reviews
    • 2,934 Views
    • 2,043 Comparison Views
    92% willing to recommend
     

    Comparison Buyer's Guide

    Download the report
    Executive SummaryUpdated on Oct 7, 2024
    ```html

    USM Anywhere and i-SIEM [EOL] are both well-regarded SIEM platforms. USM Anywhere has a competitive advantage primarily due to its support and pricing.

    Features: USM Anywhere is recognized for its comprehensive threat intelligence, user-friendly policy management, and efficient alerting. i-SIEM [EOL] is known for advanced analytics, customizable dashboards, and detailed reporting.

    Room for Improvement: USM Anywhere should work on improving reporting flexibility and speed. i-SIEM [EOL] needs enhancements in its learning curve and customer support responsiveness.

    Ease of Deployment and Customer Service: USM Anywhere provides quick deployment and proactive customer service reducing implementation time. i-SIEM [EOL] struggles with setup complexity and inconsistent service but has substantial documentation support.

    Pricing and ROI: USM Anywhere is considered cost-effective with favorable ROI, appealing to budget-conscious users. i-SIEM [EOL] has higher initial expenses but offers satisfactory ROI due to its advanced features.

    ```
    DOWNLOAD THE COMPLETE REPORT
    To learn more, read our detailed Security Information and Event Management (SIEM) Report (Updated: December 2024).
    Buyer's Guide
    Security Information and Event Management (SIEM)
    December 2024
    Download the complete report
    Helped 829,541 peers since 2012
     

    Categories and Ranking

    i-SIEM [EOL]
    Average Rating
    9.0
    Number of Reviews
    1
    Ranking in other categories
    No ranking in other categories
    USM Anywhere
    Average Rating
    8.4
    Reviews Sentiment
    7.0
    Number of Reviews
    115
    Ranking in other categories
    Log Management (38th), Security Information and Event Management (SIEM) (30th), Endpoint Detection and Response (EDR) (52nd), Compliance Management (12th)
     

    Featured Reviews

    DC
    The alert fatigue and false positive rates have just plummeted, which is really exciting.
    empow has a few areas of improvement as with any other technology, such as continuing to drive innovation in the dashboard. While we've been extremely impressed with the dashboard's ease of use, flexibility, ability to drill down deeply, and focus very intently on an area of interest, there will always be opportunities to be more innovative and open it up to a wider audience than just the operations group, for example. With reporting, there is always a desire to have custom reporting for every client of empow. Relative to keeping up with the sheer pace of cloud-native technologies, it should provide more options for clients to deploy their technologies in unique ways. This is an area that I recommend that they maintain focus.
    Read full review
    Omer Jamil - PeerSpot reviewer
    An easy-to-deploy tool that needs to improve its vulnerability scanning feature
    To those who plan to use the solution, I would suggest that they go through the documentation and online training models available for free, as it can help you deploy the product quickly while also being helpful in areas where there is a need to understand correlation and monitoring. I rate the overall product a seven out of ten.
    Read full review

    Quotes from Members

    We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
     

    Pros

    "As a result of the automation, we are able to manage SIEM with a small security team. I'm in a unique position where we have been growing the security organization quite rapidly over the last three and a half years. But, as a direct result of the empow transition and legacy collection of tools towards the empow platform, we've been able to keep that head count flat. We've been able to redirect a lot of the security team's time away from the wash, rinse, repeat activities of responding to alarms where we have a high degree of confidence that they will be false positives, adjusting the rules accordingly. This can be a bit frustrating for the analyst when they have to spend hours a day dealing with these types of probable false positives. So, it has helped not only us keep our headcount flat relative to the resources necessary to provide the assurances that our executives expect of us for monitoring, but allows our analyst team to spend the majority of their time doing what they love. They are spending their time meaningfully with a higher degree of confidence and enjoying getting into the incident response type activity."
    "The Event Correlation and vulnerability scans have been the most useful. As a 24/7 SOC, we use the incoming alarms to give an overview of suspicious traffic going through the network. It's easy to look at the correlated events and see the broad picture of traffic for that customer. Vulnerability scans are good for providing patch and remediation guidelines to keep customer systems secure."
    "The ease of implementation is the most valuable feature."
    "The main menu: You can see everything there, what is happening on the servers, and in the logs, you can view more details of each event."
    "It is my "security person" looking at irregularities and letting me know when something has occurred."
    "Our main focus was intrusion detection, alerts, and correlation. It's easy to use AlienVault and integrate it with other alert tools because it includes lots of connectors. Either the tool is already there, or AlienVault will write an API for us if they don't have a connector for the solution that is providing the logs."
    "This solution can identify many threats inside the organization (compromised endpoints, configuration issues), as well as "outside" threats (botnets, network scanners, web-attacks, etc)."
    "The most valuable feature of this solution is security management for PCI DSS."
    "AlienVault has an advanced component within one package. With this, we can cover more area with one solution."
    More USM Anywhere pros
     

    Cons

    "Relative to keeping up with the sheer pace of cloud-native technologies, it should provide more options for clients to deploy their technologies in unique ways. This is an area that I recommend that they maintain focus."
    "It would be hard for any legitimate MSSP to use it."
    "Search performance can be slow. The Raw Logs feature is painfully slow. And if we're talking about the newer, the Anywhere product, you can't even schedule reports on the thing. There are probably a dozen other features I'd really like to see there, but that would be one of the biggies."
    "AT&T AlienVault USM can improve searchable data. It should be available for more than 90 days. If you need more than 90 days of data, you have to put a request and they give you raw data, which is not easy to search. A good addition would be to allow users to search data older than 90 days."
    "AlienVault must improve their correlation feature. Some of the events do not match with the correlation rules and some of the correlation events are false-positive."
    "The vulnerability scanning feature is one of the areas where the product has certain shortcomings and needs to improve. The tool has vulnerability scanning, but it is not that efficient."
    "The vulnerability reporting needs to have options to be able to sort or customize the output."
    "USM Anywhere relies a lot on the community putting the data in. Often, you'll right-click on the attack, but nothing will be found. That's a weakness of it."
    "The only complex area of the setup was writing the custom scripts."
    More USM Anywhere cons
     

    Pricing and Cost Advice

    "I don't have to put up with any longer with these hypercomplex licensing agreements. Every time I want to add some additional reporting as a compliance centric or regulatory specific, e.g., GDPR, PCI, or Sarbanes-Oxley, many providers would have an additional license for this, which felt a bit ridiculous to me. With the simplified licensing architecture, there were no hidden "gotchas" down the road with empow. Something I have experienced with other providers that I've worked with in the past."
    "With a higher degree of fidelity in the alarms, we were able to avoid adding additional resources to our teams. We take into account the cost of security resources in the market and the significantly higher fidelity from the alarms that are being generated. This drove down our costs with our MSSP. It drove down my cost for human capital internally. It drove down our need to have multiple resources supporting the underlying infrastructure and health and maintenance of empow as a platform from several resources down to one. Therefore, human capital costs were significantly reduced. Our operating expenses were significantly reduced. Our capital costs were significantly reduced while tripling our capacity and our run rate reduced. It was almost a "too good to be true" situation. Fortunately, for us, it worked out very nicely."
    "It allows you to do a lot with a small price tag... The pricing is the best on the market."
    "Its price is much lower than McAfee ESM."
    "I don't think the product's pricing is a good value because they try to raise the price 50 percent every year... AlienVault needs to understand that not all customers are huge enterprises... Their sales team is way too aggressive. The price they advertise is not always the price you get."
    "So far, I feel the product's pricing is a good value. The technology is decent. You get what you pay for. I think it's fair."
    "AlienVault is certainly not nearly as expensive as Splunk or QRadar. It's decently priced, but I don't have the exact figure."
    "The pricing is a good value. The key thing is that for the new product, the licensing of it, is subscription-based and it's based on data. Clients need to be really careful when thinking about that, because odds are they're going to need to put a lot more data into it than what they initially estimate, which is going to drive their subscription costs up."
    "Its price is in the medium to upper range."
    "It is affordable, and it also has many features that the premium products such as ArcSight and QRadar have. It is a very good platform for a SIEM solution. Everything is included in the price."
    More USM Anywhere pricing and cost advice
    report
    See which vendors are best for you
    Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
    See recommendations
    829,541 professionals have used our research since 2012.
     

    Top Industries

    By visitors reading reviews
    Computer Software Company
    15%
    Financial Services Firm
    13%
    Real Estate/Law Firm
    12%
    Healthcare Company
    12%
    Computer Software Company
    18%
    Educational Organization
    8%
    Financial Services Firm
    7%
    Comms Service Provider
    7%
     

    Company Size

    By reviewers
    Large Enterprise
    Midsize Enterprise
    Small Business
    No data available
     

    Questions from the Community

    Ask a question
    Earn 20 points
    What do you like most about AT&T AlienVault USM?
    The most valuable feature of the solution is the ease of deployment that it provides to users. The integrations that the product has with third-party applications are useful.
    See all answers
    What is your experience regarding pricing and costs for AT&T AlienVault USM?
    The pricing is amazing and really cheap.
    See all answers
    What needs improvement with AT&T AlienVault USM?
    There are scalability issues due to a 60 TB limit, which restricts its use for large customers like banks. It is also limited when used with bigger products and has complex password requirements.
    See all answers
     

    Comparisons

    DNIF HYPERCLOUD vs i-SIEM [EOL] Logo
    DNIF HYPERCLOUD vs i-SIEM [EOL]
    Compared 54% of the time
    AWS Security Hub vs i-SIEM [EOL] Logo
    AWS Security Hub vs i-SIEM [EOL]
    Compared 46% of the time
    More i-SIEM [EOL] Competitors
    AlienVault OSSIM vs USM Anywhere Logo
    AlienVault OSSIM vs USM Anywhere
    Compared 20% of the time
    Wazuh vs USM Anywhere Logo
    Wazuh vs USM Anywhere
    Compared 17% of the time
    Splunk Enterprise Security vs USM Anywhere Logo
    Splunk Enterprise Security vs USM Anywhere
    Compared 11% of the time
    IBM Security QRadar vs USM Anywhere Logo
    IBM Security QRadar vs USM Anywhere
    Compared 9% of the time
    Rapid7 InsightIDR vs USM Anywhere Logo
    Rapid7 InsightIDR vs USM Anywhere
    Compared 9% of the time
    More USM Anywhere Competitors
     

    Product Reports

    Buyer's Guide
    Security Information and Event Management (SIEM)
    December 2024
    i-SIEM [EOL] reportDownload i-SIEM [EOL] product report
    Buyer's Guide
    USM Anywhere
    December 2024
    USM Anywhere reportDownload USM Anywhere product report
     

    Also Known As

    No data available
    AT&T AlienVault USM, AlienVault, AlienVault USM, Alienvault Cybersecurity
     

    Learn More

    Cybereason
    Video not available
    LevelBlue
     

    Overview

    i-SIEM [EOL] delivers comprehensive monitoring and threat detection capabilities suitable for today's security challenges. It integrates with existing systems, enabling efficient threat analysis and response for knowledgeable users.

    i-SIEM [EOL] offers advanced security analytics and seamless integration with security infrastructure, making it a favored choice among technology professionals. Its intuitive design caters to efficient threat management. Users appreciate its capability to process large data volumes for timely threat detection and remediation. The platform ensures effective incident response through automated processes, assisting professionals in maintaining robust security postures.

    What are the key features of i-SIEM [EOL]?
    • Advanced Threat Detection: Utilizes real-time analytics for identifying potential security threats.
    • Integration Capabilities: Easily connects with diverse security tools for a cohesive security strategy.
    • Automated Incident Response: Facilitates swift responses to security incidents to mitigate risks.
    What benefits and ROI can i-SIEM [EOL] offer?
    • Reduced Security Risks: Proactively identifies and addresses vulnerabilities before exploitation.
    • Operational Efficiency: Automation reduces manual workload and minimizes error.
    • Cost-Effectiveness: Streamlines processes to lower overall security management costs.

    i-SIEM [EOL] is implemented across industries like finance, healthcare, and manufacturing, where security and compliance are critical. Its flexibility in handling specific industry requirements makes it suitable for enhancing security postures and operational efficiency.

    USM Anywhere centralizes security monitoring of networks and devices in the cloud, on premises, and in remote locations, helping you to detect threats virtually anywhere.

    Discover

    • Network asset discovery
    • Software & services discovery
    • AWS asset discovery
    • Azure asset discovery
    • Google Cloud Platform asset discovery

    Analyze

    • SIEM event correlation, auto-prioritized alarms
    • User activity monitoring
    • Up to 90-days of online, searchable events

    Detect

    • Cloud intrusion detection (AWS, Azure, GCP)
    • Network intrusion detection (NIDS)
    • Host intrusion detection (HIDS)
    • Endpoint Detection and Response (EDR)

    Respond

    • Forensics querying
    • Automate & orchestrate response
    • Notifications and ticketing

    Assess

    • Vulnerability scanning
    • Cloud infrastructure assessment
    • User & asset configuration
    • Dark web monitoring

    Report

    • Pre-built compliance reporting templates
    • Pre-built event reporting templates
    • Customizable views and dashboards
    • Log storage
     

    Sample Customers

    University of Oklahoma, Donnelley
    Abel & Cole, Bank of Ireland, Bluegrass Cellular, CareerBuilder, Claire's, Hays Medical Center, Hope International, McCurrach, McKinsey & Company, Party Delights, Pepco Holdings, Richland School District, Ricoh, SaveMart, Shake Shack, Steelcase, TaxAct, Taylor Morrison, Vonage and Zoom
    Buyer's Guide
    Security Information and Event Management (SIEM)
    December 2024
    Download Free Report
    Find out what your peers are saying about Splunk, Wazuh, Microsoft and others in Security Information and Event Management (SIEM). Updated: December 2024.
    DOWNLOAD NOW
    829,541 professionals have used our research since 2012.

    We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.