We performed a comparison between AT&T AlienVault USM and Wazuh based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: The main difference between the two products is that Wazuh users say the product is missing threat intelligence. In addition, Wazuh users do not mention an ROI. For these reasons, AT&T AlienVault USM is the winner in this comparison.
"The most valuable feature of this solution is security management for PCI DSS."
"In terms of monitoring, my best feature would be the monitoring of components across the network. It monitors the respective nodes and any new node that comes onto the network and provides reports. The reporting dashboards are really helpful for management in terms of making decisions around patch management."
"Using the communication within the security device, it is easier to create plugins."
"The feature that I liked the most is that they have a vulnerability assessment package that comes along with the SIEM solution. So, whenever I find any threat or alert for any of the devices or servers, I could immediately initiate a vulnerability assessment scan on that machine. That is one of a kind. The price at which AlienVault operates is also valuable."
"The most valuable feature of the solution is the ease of deployment that it provides to users. The integrations that the product has with third-party applications are useful."
"Its powerful correlation engine helps reduce time in manually correlating events."
"It has powerful threat detection, incident response, and compliance management."
"Asset discovery and vulnerability scanner are good features. The integration between this solution and OTX, which is an AlienVault platform for Open Threat Exchange, is also a valuable feature. It is also quick and easy to deploy, so you can quickly engage with a customer's environment."
"Good for monitoring, active response, and for vulnerabilities."
"It is a stable solution."
"Wazuh has very flexible and robust features."
"The product is easy to customize."
"One of the most beneficial features of Wazuh, particularly in the context of security needs, is the machine learning data handling capability."
"I like that the solution is on top of the Kubernetes stack."
"It is excellent in terms of visualization and indexing services, making it a powerful tool for malware detection."
"The tool is stable."
"The reporting tools are a bit lacking for building reports to give directly to customers, but support has been helpful in giving our requests for new features to the development team and following up with us."
"The only room for improvement I can mention is the initial installation procedures. I found that the online installation instructions for the product were missing important details; they lacked necessary steps."
"The only complex area of the setup was writing the custom scripts."
"It would be hard for any legitimate MSSP to use it."
"In the future, I would like to see all these features of the solution working properly."
"AlienVault cannot automatically respond to threats like other SIEM solutions, such as Sentinel and LogRhythm. Most of our clients are far away, so it's often challenging to handle alerts when they come up on our dashboard."
"AlienVault must improve their correlation feature. Some of the events do not match with the correlation rules and some of the correlation events are false-positive."
"Maybe logs are the problem, as the database query is too slow. If you want to search something, you need time to find it."
"Wazuh could improve the detection; it is not detecting all of the attacks. Additionally, it is lacking features compared to other solutions."
"One area where Wazuh could use some improvement is in its reporting mechanism, especially for high-level management like CSOs and CEOs."
"Scalability is a constraint in the on-prem version of Wazuh in terms of the volume of logs we can manage."
"There could be a hardware monitoring tool for the solution."
"Wazuh is missing many things that a typical SIEM should have."
"We would like to see more improvements on the cloud."
"It would be great if there could be customization for the decoder portion."
"Wazuh doesn't cover sources of events as well as Splunk. You can integrate Splunk with many sources of events, but it's a painful process to take care of some sources of events with Wazuh."
USM Anywhere is ranked 17th in Log Management with 113 reviews while Wazuh is ranked 2nd in Log Management with 38 reviews. USM Anywhere is rated 8.4, while Wazuh is rated 7.4. The top reviewer of USM Anywhere writes "Easy to use and affordable". On the other hand, the top reviewer of Wazuh writes "It integrates seamlessly with AWS cloud-native services". USM Anywhere is most compared with AlienVault OSSIM, IBM Security QRadar, Splunk Enterprise Security, Microsoft Sentinel and LogRhythm SIEM, whereas Wazuh is most compared with Elastic Security, Security Onion, AlienVault OSSIM, Splunk Enterprise Security and Graylog.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.