We performed a comparison between Elastic Security and USM Anywhere based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Elastic Security is commended for its adaptability, extensive customization options, and seamless integration with the ELK Stack. USM Anywhere is highly regarded for its extensive reporting capabilities, thorough vulnerability assessment, seamless file integration, and user-friendly management features. Elastic Security could improve by reducing resource usage, automating threat response, and simplifying the user experience. USM Anywhere users have suggested improvements in self-service plugin management, database optimization, and third-party threat intelligence integration.
Service and Support: Some Elastic Security users found their support helpful, while others experienced difficulties and delays. Some users say that USM Anywhere's customer service is knowledgeable and responsive, while others have faced delays and incomplete answers.
Ease of Deployment: Elastic Security generally has a straightforward setup but may require trained specialists. USM Anywhere's initial setup is generally considered to be straightforward if the user has technical knowledge. Vendor assistance is also available during the deployment phase.
Pricing: Elastic Security is considered affordable and cost-effective, with pricing based on the size of the monitored environment. USM Anywhere has garnered favorable feedback regarding its ROI.
ROI: Elastic Security has shown mixed results in terms of ROI, with some users expressing concerns about the quality of their premium support. USM Anywhere has garnered favorable feedback regarding its ROI.
"Fortinet FortiEDR made our clients feel secure and more at ease, knowing that they had an EDR solution that would close the gap in their security posture."
"The product detects and blocks threats and is more proactive than firewalls."
"Additionally, when it comes to EDR, there are more tools available to assist with client work."
"It is a scalable solution...The initial setup of Fortinet FortiEDR was straightforward."
"Ability to get forensics details and also memory exfiltration."
"The price is low and quite competitive with others."
"The main thing is that I feel safe. Because the processes that have been used to get a handle on the attackers are much better than other competitors"
"NGAV and EDR features are outstanding."
"I use the stack every morning to check the errors and it's just so clear. I don't see any disadvantage to using Logstash."
"It's not very complicated to install Elastic."
"The scalability is good. It can be scaled easily in the production environment."
"The most valuable feature is the scalability. We are in Indonesia, more engineers understand Elastic Security here. So it is easier to scale and also develop. In features, the discovery to query all the logs is very important to us. It is very easy, especially with the query function and the feature to generate alerts and create tools. Sometimes we use the alert security dashboard to monitor our clients."
"The most valuable feature is the machine learning capability."
"Elastic Security is a highly flexible platform that can be implemented anywhere."
"I like the indexing of the logs."
"The solution is compatible with the cloud-native environment and they can adapt to it faster."
"The new cloud-based panel is excellent both for client review as well as for our SOC to review and respond to threats. It is much easier to configure and use than the previous solution from AlienVault."
"Every activity on the firewall is recorded, and notifications are sent with this solution."
"Our main focus was intrusion detection, alerts, and correlation. It's easy to use AlienVault and integrate it with other alert tools because it includes lots of connectors. Either the tool is already there, or AlienVault will write an API for us if they don't have a connector for the solution that is providing the logs."
"In terms of monitoring, my best feature would be the monitoring of components across the network. It monitors the respective nodes and any new node that comes onto the network and provides reports. The reporting dashboards are really helpful for management in terms of making decisions around patch management."
"Using the communication within the security device, it is easier to create plugins."
"This is a USM, so being able to get all the features under one roof makes it a good product with good new features."
"The setup is very easy and straightforward."
"The most valuable feature of this solution is security management for PCI DSS."
"The SIEM could be improved."
"FortiEDR could add a separate scanning dashboard. In incident management, we prefer to remove the endpoint system from the environment and scan the system. We typically use Symantec for that, but if we want to use FortiEDR for that, then we need a scanning tab to clarify things."
"The solution's installation from a central installation server could be improved because the engineers had a little bit of trouble getting it installed from a central location."
"We find the solution to be a bit expensive."
"I haven't seen the use of AI in the solution."
"Once, we had an event that was locked and blocked, but information about it came to us two or three days later."
"I think cloud security and SASE are areas of concern in the product where improvements are required. The tool's cloud version has to be improved in terms of the security it offers."
"We've had a lot of false positives; things incorrectly flagged that require manual configuration to allow. Even worse, after we allow a legitimate program, it sometimes gets flagged again after an update. This has caused a lot of extra work for my team."
"Anything that supports high availability or ease of deployment in a highly available environment would help to improve this solution."
"Elastic Security can be a bit difficult to use if a person only has experience in SMBs with tools like Zoho. The product can also be difficult for those who have never dealt with query language."
"The training that is offered for Elastic is in need of improvement because there is no depth to it."
"I would like the process of retrieving archived data and viewing it in Kibana to be simplified."
"The solution does not have a UI and this is one of the reasons we are looking for another solution."
"The solution needs to be more reactive to investigations. We need to be able to detect and prevent any attacks before it can damage our infrastructure. Currently, this solution doesn't offer that."
"The process of designing dashboards is a little cumbersome in Kibana. Unless you are an expert, you will not be able to use it. The process should be pretty straightforward. The authentication feature is what we are looking for. We would love to have a central authentication system in the open-source edition without the need for a license or an enterprise license. If they can give at least a simple authentication system within a company. In a large organization, authentication is very essential for security because logs can contain a lot of confidential data. Therefore, an authentication feature for who accesses it should be there."
"There is room for improvement in the Kibana dashboard and in the asset management for the program."
"Pay attention to false-positive event automatic correlations."
"The vulnerability scanning feature is one of the areas where the product has certain shortcomings and needs to improve. The tool has vulnerability scanning, but it is not that efficient."
"We develop additional rules and scripts to make it more usable."
"In the future, I would like to see all these features of the solution working properly."
"It should be able to communicate with other security solutions to stop threats."
"The vulnerability reporting needs to have options to be able to sort or customize the output."
"Their threat intelligence platform needs to be broadened. They should integrate it with more threat intelligence platforms. For the threat feed that they get from open intelligence, I would like them to add a few premium threat intelligence platforms. They can provide a bundle in which AlienVault has the threat intelligence background of other premium products."
"Reporting is convoluted and difficult at times, although they claim to have hundreds of pre-built reports, very few of them are actually useful for anything but what the USM is doing."
Elastic Security is ranked 5th in Security Information and Event Management (SIEM) with 59 reviews while USM Anywhere is ranked 11th in Security Information and Event Management (SIEM) with 113 reviews. Elastic Security is rated 7.6, while USM Anywhere is rated 8.4. The top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". On the other hand, the top reviewer of USM Anywhere writes "Easy to use and affordable". Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel, IBM Security QRadar and Microsoft Defender for Endpoint, whereas USM Anywhere is most compared with Wazuh, AlienVault OSSIM, IBM Security QRadar, Splunk Enterprise Security and CrowdStrike Falcon. See our Elastic Security vs. USM Anywhere report.
See our list of best Security Information and Event Management (SIEM) vendors, best Log Management vendors, and best Endpoint Detection and Response (EDR) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.