Microsoft Sentinel vs USM Anywhere comparison

Microsoft and LevelBlue are both solutions in the Security Information and Event Management (SIEM) category. Microsoft is ranked #3 with an average rating of 8.4, while LevelBlue is ranked #29 with an average rating of 7.3. Microsoft holds a 8.7% mindshare in SIEM, compared to LevelBlue’s 1.2% mindshare. Additionally, 93% of Microsoft users are willing to recommend the solution, compared to 92% of LevelBlue users who would recommend it.

Microsoft Sentinel

Read 89 Microsoft Sentinel reviews

16,740 Views
9,816 Comparison Views

93% willing to recommend

USM Anywhere

Read 115 USM Anywhere reviews

3,229 Views
2,226 Comparison Views

92% willing to recommend

Microsoft Sentinel

USM Anywhere

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Sep 18, 2024

USM Anywhere and Microsoft Sentinel compete in security management solutions. Microsoft Sentinel's robust features and integration give it a slightly better edge.

Features: USM Anywhere offers comprehensive threat detection, ease of use, and simpler setup. Microsoft Sentinel stands out with its powerful integration with other Microsoft services, advanced analytics capabilities, and integrated threat intelligence.

Room for Improvement: USM Anywhere could improve its reporting capabilities, streamline incident response workflows, and enhance usability. Microsoft Sentinel needs better documentation, easier third-party integrations, and some specific usability enhancements.

Ease of Deployment and Customer Service:USM Anywhere is praised for straightforward deployment and responsive customer support. Microsoft Sentinel involves a more complex setup but benefits from extensive Microsoft support resources.

Pricing and ROI: USM Anywhere is cost-effective with quicker ROI due to lower setup costs and efficient threat management. Microsoft Sentinel, although more expensive, offers strong ROI for larger enterprises due to its extensive features and integrations.

To learn more, read our detailed Microsoft Sentinel vs. USM Anywhere Report (Updated: December 2024).

Buyer's Guide

Microsoft Sentinel vs. USM Anywhere

December 2024

Download the complete report

Helped 824,053 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

ROI

Sentiment score

7.2

Users find Microsoft Sentinel offers positive ROI through improved visibility, automation, and efficiency, despite initial costs and quantification challenges.

Sentiment score

8.5

USM Anywhere enhances security, saves time and resources, reduces staffing needs, and meets compliance, offering financial and time benefits.

No quotes available

For more quotes and insights, download the Microsoft Sentinel report

Customers see ROI as they save on staff and other resources.

Kris Nawani

Co-Founder/Director at Bangkok MSP Company Limited

For more quotes and insights, download the USM Anywhere report

Customer Service

Sentiment score

6.9

Microsoft Sentinel support is mixed; premium plans and better Microsoft relationships yield favorable experiences despite some challenges.

Sentiment score

8.0

USM Anywhere's customer service is generally praised for responsiveness but experiences occasional delays and inconsistent support information.

Their solutions' integration simplifies resolving issues compared to those caused by third-party products.

Miroslav Karnik

IT Consultant at MAN Truck & Bus SE

Working with a Sentinel engineer helped us tune settings effectively.

Jonathan Melara

Systems Emgineer at a non-profit with 1-10 employees

For more quotes and insights, download the Microsoft Sentinel report

No quotes available

For more quotes and insights, download the USM Anywhere report

Scalability Issues

Sentiment score

8.1

Microsoft Sentinel's cloud architecture ensures scalable, flexible data handling with minimal management, supporting large user bases and easy integration.

Sentiment score

4.7

USM Anywhere is scalable for small to medium businesses, but enterprise-scale deployments face data volume and speed challenges.

Office 365 and Exchange are running on it, covering about 35,000 users efficiently.

Miroslav Karnik

IT Consultant at MAN Truck & Bus SE

As our organization uses Microsoft Azure and Defender, everything grows together, and we can integrate various features seamlessly.

Jonathan Melara

Systems Emgineer at a non-profit with 1-10 employees

For more quotes and insights, download the Microsoft Sentinel report

USM Anywhere faces scalability issues because of a 60 TB limit.

Kris Nawani

Co-Founder/Director at Bangkok MSP Company Limited

For more quotes and insights, download the USM Anywhere report

Stability Issues

Sentiment score

7.9

Microsoft Sentinel is highly stable and reliable, with users praising its performance and noting rare, minor configuration issues.

Sentiment score

7.8

USM Anywhere receives mixed stability reviews, with some users praising its reliability and others reporting issues during updates or large data handling.

So far, we have not experienced any issues, and it has been stable from the beginning.

Miroslav Karnik

IT Consultant at MAN Truck & Bus SE

Sentinel's stability is great.

Jonathan Melara

Systems Emgineer at a non-profit with 1-10 employees

For more quotes and insights, download the Microsoft Sentinel report

No quotes available

For more quotes and insights, download the USM Anywhere report

Room For Improvement

Microsoft Sentinel users seek improved third-party integration, user-friendly features, enhanced threat intelligence, and streamlined data management to reduce costs.

USM Anywhere needs improved performance, user interface, integration, and support, with better updates and less disruptive software changes.

We have some tools, such as our off-site Meraki firewalls, that have not fully integrated with Sentinel.

Jonathan Melara

Systems Emgineer at a non-profit with 1-10 employees

Currently, we are happy to have a way in the middle with not so much cost, but it would be nice to have the ability to enhance the automation of workflows based on learned incidents.

Miroslav Karnik

IT Consultant at MAN Truck & Bus SE

For more quotes and insights, download the Microsoft Sentinel report

There are scalability issues due to a 60 TB limit, which restricts its use for large customers like banks.

Kris Nawani

Co-Founder/Director at Bangkok MSP Company Limited

For more quotes and insights, download the USM Anywhere report

Setup Cost

Microsoft Sentinel offers cost-effective, consumption-based pricing, benefiting from Azure integration with careful data management to control expenses.

USM Anywhere offers scalable, affordable SIEM solutions ideal for SMBs, recommended for budget-conscious enterprises over costly competitors.

We already had the necessary licensing for Sentinel, so we didn't need to spend extra money.

Jonathan Melara

Systems Emgineer at a non-profit with 1-10 employees

For more quotes and insights, download the Microsoft Sentinel report

The pricing is amazing and really cheap.

Kris Nawani

Co-Founder/Director at Bangkok MSP Company Limited

For more quotes and insights, download the USM Anywhere report

Valuable Features

Microsoft Sentinel offers seamless integration, AI-driven threat detection, and automation, providing comprehensive security and ease of setup for organizations.

USM Anywhere offers event correlation, vulnerability scanning, and centralized logging with customizable, user-friendly security monitoring for small teams.

Custom workbooks are valuable. It is one of the crucial points in dealing with potential security threats in an automated way without requiring too much manpower.

Miroslav Karnik

IT Consultant at MAN Truck & Bus SE

For more quotes and insights, download the Microsoft Sentinel report

The 365-day block query is a major feature.

Kris Nawani

Co-Founder/Director at Bangkok MSP Company Limited

For more quotes and insights, download the USM Anywhere report

Categories and Ranking

Microsoft Sentinel

Ranking in Security Information and Event Management (SIEM)

3rd

Average Rating

8.2

Reviews Sentiment

7.1

Number of Reviews

Ranking in other categories

Security Orchestration Automation and Response (SOAR) (1st), Microsoft Security Suite (5th), AI-Powered Cybersecurity Platforms (5th)

USM Anywhere

Ranking in Security Information and Event Management (SIEM)

29th

Average Rating

8.4

Reviews Sentiment

6.9

Number of Reviews

115

Ranking in other categories

Log Management (37th), Endpoint Detection and Response (EDR) (52nd), Compliance Management (12th)

Mindshare comparison

As of December 2024, in the Security Information and Event Management (SIEM) category, the mindshare of Microsoft Sentinel is 8.7%, down from 10.4% compared to the previous year. The mindshare of USM Anywhere is 1.2%, down from 2.9% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Security Information and Event Management (SIEM)

Featured Reviews

Nitin Arora

Security Delivery Senior Analyst at Accenture

Gives us one place to investigate and respond to threats, and automation eliminates manual work

They can work on the EDR side of things. It is already really superb, because of the kinds of features we get with the EDR solution. It's not a standard EDR and they have recently enhanced things. But the problem is with onboarding devices. I have different OS flavors, including a large number of Linux, Windows, macOS, and some on-prem machines as well. Every time we need to onboard these kinds of machines into the EDR, we need to do it with the help of Intune, to sync up the devices, and do the configuration. I'm looking for something on the EDR side that will reduce this kind of work. They can eliminate having to do manual configuration for the machines, and check the different types of configurations for each OS. In some cases, it does not support some OSs. If they could reduce this type of work, that would be really amazing.

Read full review

Omer Jamil

Supervisor, Security Operations at Bpm

An easy-to-deploy tool that needs to improve its vulnerability scanning feature

To those who plan to use the solution, I would suggest that they go through the documentation and online training models available for free, as it can help you deploy the product quickly while also being helpful in areas where there is a need to understand correlation and monitoring. I rate the overall product a seven out of ten.

Read full review

See which vendors are best for you

Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.

See recommendations

824,053 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

16%

Financial Services Firm

10%

Government

Manufacturing Company

Computer Software Company

18%

Educational Organization

Financial Services Firm

Comms Service Provider

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

Is there a common threat intelligence tool that aggregates multiple threat intelligence sources?

Yes, Azure Sentinel is a SIEM on the Cloud. Multiple data sources can be uploaded and analyzed with Azure Sentinel and its Threat Hunting functionality with AI available as templates or customized ...

See all answers

What is a better choice, Splunk or Azure Sentinel?

It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for ingestion of anything, but the charge per GB/Day Indexed and it gets expensive as log ...

See all answers

Which is better - Azure Sentinel or AWS Security Hub?

We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is auto-scaling - you will not have to worry about performance impact, you will...

See all answers

What do you like most about AT&T AlienVault USM?

The most valuable feature of the solution is the ease of deployment that it provides to users. The integrations that the product has with third-party applications are useful.

See all answers

What is your experience regarding pricing and costs for AT&T AlienVault USM?

The pricing is amazing and really cheap.

See all answers

What needs improvement with AT&T AlienVault USM?

There are scalability issues due to a 60 TB limit, which restricts its use for large customers like banks. It is also limited when used with bigger products and has complex password requirements.

See all answers

Comparisons

AWS Security Hub vs Microsoft Sentinel

Compared 21% of the time

IBM Security QRadar vs Microsoft Sentinel

Compared 10% of the time

Cortex XSIAM vs Microsoft Sentinel

Compared 7% of the time

Wazuh vs Microsoft Sentinel

Compared 6% of the time

Google Chronicle Suite vs Microsoft Sentinel

Compared 5% of the time

More Microsoft Sentinel Competitors

AlienVault OSSIM vs USM Anywhere

Compared 18% of the time

Wazuh vs USM Anywhere

Compared 17% of the time

Splunk Enterprise Security vs USM Anywhere

Compared 10% of the time

Rapid7 InsightIDR vs USM Anywhere

Compared 9% of the time

LogRhythm SIEM vs USM Anywhere

Compared 6% of the time

More USM Anywhere Competitors

Product Reports

Buyer's Guide

Microsoft Sentinel

November 2024

Download Microsoft Sentinel product report

Buyer's Guide

USM Anywhere

November 2024

Download USM Anywhere product report

Also Known As

Azure Sentinel

AT&T AlienVault USM, AlienVault, AlienVault USM, Alienvault Cybersecurity

Learn More

Microsoft

Video not available

LevelBlue

Overview

Microsoft Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution that lets you see and stop threats before they cause harm. Microsoft Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response. Eliminate security infrastructure setup and maintenance, and elastically scale to meet your security needs—while reducing IT costs. With Microsoft Sentinel, you can:

- Collect data at cloud scale—across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds

- Detect previously uncovered threats and minimize false positives using analytics and unparalleled threat intelligence from Microsoft

- Investigate threats with AI and hunt suspicious activities at scale, tapping into decades of cybersecurity work at Microsoft

- Respond to incidents rapidly with built-in orchestration and automation of common tasks

To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.

USM Anywhere centralizes security monitoring of networks and devices in the cloud, on premises, and in remote locations, helping you to detect threats virtually anywhere.

Discover

Network asset discovery
Software & services discovery
AWS asset discovery
Azure asset discovery
Google Cloud Platform asset discovery

Analyze

SIEM event correlation, auto-prioritized alarms
User activity monitoring
Up to 90-days of online, searchable events

Detect

Cloud intrusion detection (AWS, Azure, GCP)
Network intrusion detection (NIDS)
Host intrusion detection (HIDS)
Endpoint Detection and Response (EDR)

Respond

Forensics querying
Automate & orchestrate response
Notifications and ticketing

Assess

Vulnerability scanning
Cloud infrastructure assessment
User & asset configuration
Dark web monitoring

Report

Pre-built compliance reporting templates
Pre-built event reporting templates
Customizable views and dashboards
Log storage

Sample Customers

Microsoft Sentinel is trusted by companies of all sizes including ABM, ASOS, Uniper, First West Credit Union, Avanade, and more.

Abel & Cole, Bank of Ireland, Bluegrass Cellular, CareerBuilder, Claire's, Hays Medical Center, Hope International, McCurrach, McKinsey & Company, Party Delights, Pepco Holdings, Richland School District, Ricoh, SaveMart, Shake Shack, Steelcase, TaxAct, Taylor Morrison, Vonage and Zoom

Buyer's Guide

Microsoft Sentinel vs. USM Anywhere

December 2024

Free Report: Microsoft Sentinel vs. USM Anywhere

Find out what your peers are saying about Microsoft Sentinel vs. USM Anywhere and other solutions. Updated: December 2024.

DOWNLOAD NOW

824,053 professionals have used our research since 2012.

See our Microsoft Sentinel vs. USM Anywhere report.

See our list of best Security Information and Event Management (SIEM) vendors.

We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.