Microsoft Sentinel vs USM Anywhere comparison

Microsoft and LevelBlue are both solutions in the Security Information and Event Management (SIEM) category. Microsoft is ranked #2 with an average rating of 8.4, while LevelBlue is ranked #31 with an average rating of 7.3. Microsoft holds a 10.8% mindshare in SIEM, compared to LevelBlue’s 1.2% mindshare. Additionally, 93% of Microsoft users are willing to recommend the solution, compared to 92% of LevelBlue users who would recommend it.

Microsoft Sentinel

Read 89 Microsoft Sentinel reviews

23,840 Views
13,739 Comparison Views

93% willing to recommend

USM Anywhere

Read 114 USM Anywhere reviews

3,529 Views
2,406 Comparison Views

92% willing to recommend

Microsoft Sentinel

USM Anywhere

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Sep 18, 2024

USM Anywhere and Microsoft Sentinel compete in security management solutions. Microsoft Sentinel's robust features and integration give it a slightly better edge.

Features: USM Anywhere offers comprehensive threat detection, ease of use, and simpler setup. Microsoft Sentinel stands out with its powerful integration with other Microsoft services, advanced analytics capabilities, and integrated threat intelligence.

Room for Improvement: USM Anywhere could improve its reporting capabilities, streamline incident response workflows, and enhance usability. Microsoft Sentinel needs better documentation, easier third-party integrations, and some specific usability enhancements.

Ease of Deployment and Customer Service:USM Anywhere is praised for straightforward deployment and responsive customer support. Microsoft Sentinel involves a more complex setup but benefits from extensive Microsoft support resources.

Pricing and ROI: USM Anywhere is cost-effective with quicker ROI due to lower setup costs and efficient threat management. Microsoft Sentinel, although more expensive, offers strong ROI for larger enterprises due to its extensive features and integrations.

To learn more, read our detailed Microsoft Sentinel vs. USM Anywhere Report (Updated: October 2024).

Buyer's Guide

Microsoft Sentinel vs. USM Anywhere

October 2024

Download the complete report

Helped 816,192 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Customer Service

Sentiment score

8.8

Microsoft Sentinel support is generally positive, with mixed reviews on responsiveness and the necessity for premium support tiers.

No sentiment score available

No quotes available

For more quotes and insights, download the Microsoft Sentinel report

No quotes available

For more quotes and insights, download the USM Anywhere report

Room For Improvement

Sentiment score

4.9

Microsoft Sentinel users want better integration, more tools, improved UI, clearer documentation, reduced costs, and enhanced alert system.

No sentiment score available

No quotes available

For more quotes and insights, download the Microsoft Sentinel report

No quotes available

For more quotes and insights, download the USM Anywhere report

Scalability Issues

Sentiment score

7.9

Microsoft Sentinel offers scalable, automatic resource adjustments, multi-region support, and extensive data integration, adapting to diverse organizational needs.

No sentiment score available

No quotes available

For more quotes and insights, download the Microsoft Sentinel report

No quotes available

For more quotes and insights, download the USM Anywhere report

Setup Cost

Sentiment score

4.0

Microsoft Sentinel offers value through integration but requires careful cost management due to its complex, consumption-based pricing model.

No sentiment score available

No quotes available

For more quotes and insights, download the Microsoft Sentinel report

No quotes available

For more quotes and insights, download the USM Anywhere report

Stability Issues

Sentiment score

9.5

Microsoft Sentinel is highly stable and reliable, with 99.9% availability, despite some integration and log ingestion issues.

No sentiment score available

No quotes available

For more quotes and insights, download the Microsoft Sentinel report

No quotes available

For more quotes and insights, download the USM Anywhere report

Valuable Features

Sentiment score

8.3

Microsoft Sentinel offers seamless integration, automation, AI capabilities, and scalable threat detection, enhancing security with cost-effectiveness and efficient monitoring.

No sentiment score available

No quotes available

For more quotes and insights, download the Microsoft Sentinel report

No quotes available

For more quotes and insights, download the USM Anywhere report

Categories and Ranking

Microsoft Sentinel

Ranking in Security Information and Event Management (SIEM)

2nd

Average Rating

8.2

Reviews Sentiment

7.1

Number of Reviews

Ranking in other categories

Security Orchestration Automation and Response (SOAR) (1st), Microsoft Security Suite (5th)

USM Anywhere

Ranking in Security Information and Event Management (SIEM)

31st

Average Rating

8.4

Number of Reviews

114

Ranking in other categories

Log Management (34th), Endpoint Detection and Response (EDR) (51st), Compliance Management (11th)

Mindshare comparison

As of November 2024, in the Security Information and Event Management (SIEM) category, the mindshare of Microsoft Sentinel is 10.8%, down from 12.8% compared to the previous year. The mindshare of USM Anywhere is 1.2%, down from 2.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Security Information and Event Management (SIEM)

Featured Reviews

Nitin Arora

Security Delivery Senior Analyst at Accenture

Gives us one place to investigate and respond to threats, and automation eliminates manual work

They can work on the EDR side of things. It is already really superb, because of the kinds of features we get with the EDR solution. It's not a standard EDR and they have recently enhanced things. But the problem is with onboarding devices. I have different OS flavors, including a large number of Linux, Windows, macOS, and some on-prem machines as well. Every time we need to onboard these kinds of machines into the EDR, we need to do it with the help of Intune, to sync up the devices, and do the configuration. I'm looking for something on the EDR side that will reduce this kind of work. They can eliminate having to do manual configuration for the machines, and check the different types of configurations for each OS. In some cases, it does not support some OSs. If they could reduce this type of work, that would be really amazing.

Read full review

Omer Jamil

Supervisor, Security Operations at Bpm

An easy-to-deploy tool that needs to improve its vulnerability scanning feature

To those who plan to use the solution, I would suggest that they go through the documentation and online training models available for free, as it can help you deploy the product quickly while also being helpful in areas where there is a need to understand correlation and monitoring. I rate the overall product a seven out of ten.

Read full review

See which vendors are best for you

Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.

See recommendations

816,192 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

16%

Financial Services Firm

10%

Government

Manufacturing Company

Computer Software Company

18%

Educational Organization

Financial Services Firm

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

Is there a common threat intelligence tool that aggregates multiple threat intelligence sources?

Yes, Azure Sentinel is a SIEM on the Cloud. Multiple data sources can be uploaded and analyzed with Azure Sentinel and its Threat Hunting functionality with AI available as templates or customized ...

See all answers

What is a better choice, Splunk or Azure Sentinel?

It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for ingestion of anything, but the charge per GB/Day Indexed and it gets expensive as log ...

See all answers

Which is better - Azure Sentinel or AWS Security Hub?

We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is auto-scaling - you will not have to worry about performance impact, you will...

See all answers

What do you like most about AT&T AlienVault USM?

The most valuable feature of the solution is the ease of deployment that it provides to users. The integrations that the product has with third-party applications are useful.

See all answers

What is your experience regarding pricing and costs for AT&T AlienVault USM?

The price is really variable depending on what tier the customer is subscribing to. I think USM Anywhere recently started a 125, a 250, and then 500 and 1000 tier. So it depends on the organization...

See all answers

What needs improvement with AT&T AlienVault USM?

The only issue that you need to bypass is the issue with integration with some other log sources, some other application security applications. The issue is still present. The process of collecting...

See all answers

Comparisons

AWS Security Hub vs Microsoft Sentinel

Compared 20% of the time

IBM Security QRadar vs Microsoft Sentinel

Compared 10% of the time

Cortex XSIAM vs Microsoft Sentinel

Compared 7% of the time

Wazuh vs Microsoft Sentinel

Compared 6% of the time

Google Chronicle Suite vs Microsoft Sentinel

Compared 5% of the time

More Microsoft Sentinel Competitors

Wazuh vs USM Anywhere

Compared 19% of the time

AlienVault OSSIM vs USM Anywhere

Compared 19% of the time

Splunk Enterprise Security vs USM Anywhere

Compared 11% of the time

IBM Security QRadar vs USM Anywhere

Compared 9% of the time

CrowdStrike Falcon vs USM Anywhere

Compared 8% of the time

More USM Anywhere Competitors

Product Reports

Buyer's Guide

Microsoft Sentinel

November 2024

Download Microsoft Sentinel product report

Buyer's Guide

USM Anywhere

October 2024

Download USM Anywhere product report

Also Known As

Azure Sentinel

AT&T AlienVault USM, AlienVault, AlienVault USM, Alienvault Cybersecurity

Learn More

Microsoft

Video not available

LevelBlue

Overview

Microsoft Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution that lets you see and stop threats before they cause harm. Microsoft Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response. Eliminate security infrastructure setup and maintenance, and elastically scale to meet your security needs—while reducing IT costs. With Microsoft Sentinel, you can:

- Collect data at cloud scale—across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds

- Detect previously uncovered threats and minimize false positives using analytics and unparalleled threat intelligence from Microsoft

- Investigate threats with AI and hunt suspicious activities at scale, tapping into decades of cybersecurity work at Microsoft

- Respond to incidents rapidly with built-in orchestration and automation of common tasks

To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.

USM Anywhere centralizes security monitoring of networks and devices in the cloud, on premises, and in remote locations, helping you to detect threats virtually anywhere.

Discover

Network asset discovery
Software & services discovery
AWS asset discovery
Azure asset discovery
Google Cloud Platform asset discovery

Analyze

SIEM event correlation, auto-prioritized alarms
User activity monitoring
Up to 90-days of online, searchable events

Detect

Cloud intrusion detection (AWS, Azure, GCP)
Network intrusion detection (NIDS)
Host intrusion detection (HIDS)
Endpoint Detection and Response (EDR)

Respond

Forensics querying
Automate & orchestrate response
Notifications and ticketing

Assess

Vulnerability scanning
Cloud infrastructure assessment
User & asset configuration
Dark web monitoring

Report

Pre-built compliance reporting templates
Pre-built event reporting templates
Customizable views and dashboards
Log storage

Sample Customers

Microsoft Sentinel is trusted by companies of all sizes including ABM, ASOS, Uniper, First West Credit Union, Avanade, and more.

Abel & Cole, Bank of Ireland, Bluegrass Cellular, CareerBuilder, Claire's, Hays Medical Center, Hope International, McCurrach, McKinsey & Company, Party Delights, Pepco Holdings, Richland School District, Ricoh, SaveMart, Shake Shack, Steelcase, TaxAct, Taylor Morrison, Vonage and Zoom

Buyer's Guide

Microsoft Sentinel vs. USM Anywhere

October 2024

Free Report: Microsoft Sentinel vs. USM Anywhere

Find out what your peers are saying about Microsoft Sentinel vs. USM Anywhere and other solutions. Updated: October 2024.

DOWNLOAD NOW

816,192 professionals have used our research since 2012.

See our Microsoft Sentinel vs. USM Anywhere report.

See our list of best Security Information and Event Management (SIEM) vendors.

We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.