We performed a comparison between Sumo Logic Security and USM Anywhere based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable features of Sumo Logic Security are the rules, use cases, and ease of use. Additionally, the integration is straightforward and good GUI."
"We use it to ingest Windows domain controller logs. We use this to monitor if anyone is placed in particular administration groups that potentially shouldn't be. It helps us keep track of people."
"We can integrate threat intelligence solutions into the product."
"Sumo Logic is an easy solution to use. You can set it up very quickly, and it includes a lot of training videos."
"With this tool, we provide access to every developer team the ability to find errors, then they come to us and ask for specific help."
"Technical support is always great."
"The tool has key features like operability. It will alert the admins whenever a device is onboarded."
"We are able to diagnose problems before our customers."
"The main menu: You can see everything there, what is happening on the servers, and in the logs, you can view more details of each event."
"The solution is stable."
"Log-monitoring and alerting enable us to know when things happen that we need to know about."
"The most valuable feature of this solution is security management for PCI DSS."
"It has powerful threat detection, incident response, and compliance management."
"SIEM log collection is great, and all of the rules that support updates with maintenance."
"As we have to service several servers, we can manage them in a economical way, which is beneficial to our team and business."
"AT&T AlienVault USM is good for ELK Stack, the user experience is great because of its architecture. The ELK has a great performance and it has very good speed in the search and Kibana. Additionally, the visuals and dashboards and very nice and customizable."
"Sumo Logic needs to make sure integrating solutions are seamless."
"If you look at some of the other offerings right now that are available in the market, they do offer APM as well as the product they're offering. I believe Sumo Logic is not there yet. So that's something which I would love to see."
"In my opinion, this solution has a steep learning curve and requires practice if users to be able to use this tool very efficiently."
"The integration with multiple sources could be better."
"I would like better UI-driven functionality to create alerts and reports. Now, we have to understand the syntax, so it is a little difficult for someone to pick it up without using the manuals. If there was more of a graphical user interface, it would be beneficial."
"There needs to be improvement on imported data which can be used within Sumo Logic to do more advanced queries."
"The API integration in Sumo Logic Security could improve. There are delayed connections or they stop and then automatically start. Having a seamless log collection would be beneficial."
"We would like to have some type of predefined setup for the logs, making the setup easier by default."
"I think plugin management should be self-service on AlienVault USM. The other product is self-service but on the USM side. You have to submit a ticket then AT&T creates and updates the plugins."
"The vulnerability reporting needs to have options to be able to sort or customize the output."
"Sometimes the log is unclear, and the report is a bit ambiguous."
"For creating new rules, you have to be familiar with regular expressions. I feel there could be something built-in to make sure that process is easier."
"More complimentary training needs to be done for use with this tool. If you get into a bind, then it will cost you."
"Search performance can be slow. The Raw Logs feature is painfully slow. And if we're talking about the newer, the Anywhere product, you can't even schedule reports on the thing. There are probably a dozen other features I'd really like to see there, but that would be one of the biggies."
"Reporting is convoluted and difficult at times, although they claim to have hundreds of pre-built reports, very few of them are actually useful for anything but what the USM is doing."
"AlienVault must improve their correlation feature. Some of the events do not match with the correlation rules and some of the correlation events are false-positive."
Sumo Logic Security is ranked 17th in Security Information and Event Management (SIEM) with 18 reviews while USM Anywhere is ranked 13th in Security Information and Event Management (SIEM) with 113 reviews. Sumo Logic Security is rated 8.6, while USM Anywhere is rated 8.4. The top reviewer of Sumo Logic Security writes "Used to store and monitor application logs and VPC flow logs". On the other hand, the top reviewer of USM Anywhere writes "Easy to use and affordable". Sumo Logic Security is most compared with Wazuh, Rapid7 InsightIDR, Microsoft Sentinel, Splunk Enterprise Security and Google Chronicle Suite, whereas USM Anywhere is most compared with Wazuh, AlienVault OSSIM, IBM Security QRadar, Splunk Enterprise Security and Microsoft Sentinel. See our Sumo Logic Security vs. USM Anywhere report.
See our list of best Security Information and Event Management (SIEM) vendors, best Log Management vendors, and best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.