We performed a comparison between Trellix Helix and USM Anywhere based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."FireEye Helix's best features are its speed and use of an easy-to-understand language to send queries to the raw logs."
"The integration is very useful and very easy. You can have an API connection with any cloud and I'll be able to do both ways of communication with the help of APA."
"Trellix Helix helps prevent email attacks, like phishing and email spoofing attacks."
"The most valuable features include predefined use cases and threatening states."
"The product offers very strong automation. Our cyber security analysts don't have to correlate the information to detect problems. They only need to analyze problems that have been identified by the platform."
"I like that it's easy. It's got the protection set up, and we can see whatever is required. We write our own rules and the rules that we can input. I think it is good."
"It is kind of simple and very easily deployable. You can start working with it very fast."
"Its powerful correlation engine helps reduce time in manually correlating events."
"The most valuable feature in AT&T AlienVault USM is the reporting."
"It is my "security person" looking at irregularities and letting me know when something has occurred."
"This solution can identify many threats inside the organization (compromised endpoints, configuration issues), as well as "outside" threats (botnets, network scanners, web-attacks, etc)."
"It has allowed us to see what is happening on our servers."
"The most valuable feature of this solution is security management for PCI DSS."
"The Event Correlation and vulnerability scans have been the most useful. As a 24/7 SOC, we use the incoming alarms to give an overview of suspicious traffic going through the network. It's easy to look at the correlated events and see the broad picture of traffic for that customer. Vulnerability scans are good for providing patch and remediation guidelines to keep customer systems secure."
"Every activity on the firewall is recorded, and notifications are sent with this solution."
"It should have more cloud connectors. It could also be cheaper."
"Trellix Helix's configuration and learning could be improved to identify normal traffic from abnormal and to identify trusted domains."
"FireEye Helix would be improved with the option of an on-prem version, which they don't currently offer."
"The graphical user interface could be improved. It's not easy to handle and it's not easy for a customer or end-user to learn how to manage the solution."
"We have certain challenges with integrating the SOAR platform with multiple vendors."
"Sometimes the rules are disabled by FireEye, and we basically get it after the patch. I think there needs to be a better way of creating the application rules. I would like to see better pricing for our licensing."
"Integrations could be improved, and the dashboard could be a little better."
"The price of AT&T AlienVault USM could be reduced."
"Plugins could be better utilized, as some of them do not recognize all logs."
"The reporting tools are a bit lacking for building reports to give directly to customers, but support has been helpful in giving our requests for new features to the development team and following up with us."
"We would like more plugins. This being the main point of improvement which would benefit the users."
"I've been told that AlienVault doesn't have a full version of NES running in there, but I'm not sure if that's accurate or if my engineer made it that way. I'm not sure he was completely honest either because we had NES in the environment before. Those tools could be improved because AlienVault is a SIEM, and it added all these other features."
"The vulnerability reporting needs to have options to be able to sort or customize the output."
"AlienVault must improve their correlation feature. Some of the events do not match with the correlation rules and some of the correlation events are false-positive."
"I feel that some areas of improvement would be vulnerability scanning. We use a separate product that seems to do a much better job."
Trellix Helix is ranked 31st in Security Information and Event Management (SIEM) with 7 reviews while USM Anywhere is ranked 11th in Security Information and Event Management (SIEM) with 113 reviews. Trellix Helix is rated 8.6, while USM Anywhere is rated 8.4. The top reviewer of Trellix Helix writes "Helps prevent email attacks, like phishing and email spoofing attacks". On the other hand, the top reviewer of USM Anywhere writes "Easy to use and affordable". Trellix Helix is most compared with Microsoft Sentinel, LogRhythm SIEM, Splunk Enterprise Security, Trellix ESM and Cisco SecureX, whereas USM Anywhere is most compared with Wazuh, AlienVault OSSIM, IBM Security QRadar, Splunk Enterprise Security and Exabeam Fusion SIEM. See our Trellix Helix vs. USM Anywhere report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.