We performed a comparison between AT&T AlienVault USM and Wazuh based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: The main difference between the two products is that Wazuh users say the product is missing threat intelligence. In addition, Wazuh users do not mention an ROI. For these reasons, AT&T AlienVault USM is the winner in this comparison.
"The most valuable feature is threat intelligence."
"I can easily check (in one place) all the logs and data in relation to attacks. It also gives me an overview if a server is not configured properly."
"It allows for a lot of out-of-the-box features: vuln scanning, HIDS/HIPS, and IDS."
"This solution can completely detect and prevent incidents on your network."
"The ease of implementation is the most valuable feature."
"We had used previous products and found AlienVault centralized the logging for our security."
"It provides a single pane of glass view, coupled with a whole security ecosystem. The ability to manage everything from a central point, including vulnerability assessments, asset management - including the services provided by the various hosts, NIDS, HIDS, etc. - provides a very efficient way of dealing with things."
"It has powerful threat detection, incident response, and compliance management."
"Its cost-effectiveness is the most valuable aspect."
"It offers built-in modules for file integrity and vulnerability management."
"I like the cloud-native infrastructure and that it's free. We didn't have to pay anything, and it has the capabilities of many premium solutions in the market. We could integrate all of our services and infrastructure in the cloud with Wazuh. From an integration point of view, Wazuh is pretty good. I had a good experience with this platform."
"I like the features we use, including malware detection, inventory, detection of hidden processes, and activity logs. Inventory is probably the most important feature. It tells us when processes and packages were installed and what they are, which is helpful."
"It has efficient SCA capabilities."
"Wazuh's logging features integrate seamlessly with AWS cloud-native services. There are also Wazuh agent configurations for different use cases, like vulnerability scanning, host-based intrusion detection, and file integrity monitoring."
"If they support a solution, it is easy to do an integration."
"The tool is stable."
"I've been told that AlienVault doesn't have a full version of NES running in there, but I'm not sure if that's accurate or if my engineer made it that way. I'm not sure he was completely honest either because we had NES in the environment before. Those tools could be improved because AlienVault is a SIEM, and it added all these other features."
"More complimentary training needs to be done for use with this tool. If you get into a bind, then it will cost you."
"We would like more plugins. This being the main point of improvement which would benefit the users."
"I feel that some areas of improvement would be vulnerability scanning. We use a separate product that seems to do a much better job."
"We develop additional rules and scripts to make it more usable."
"As this software is in the cloud, you do not have control on updates and general changes which are happening."
"In the future, I would like to see all these features of the solution working properly."
"The vulnerability reporting needs to have options to be able to sort or customize the output."
"Wazuh should come up with more in-built rules and integrations for the cloud."
"We would like to see more improvements on the cloud."
"The tool does not provide CTI to monitor darknet."
"Scalability is a constraint in the on-prem version of Wazuh in terms of the volume of logs we can manage."
"There's not much I like about Wazuh. Other products I've used were a lot more functional and user friendly. They came with reports and use cases out of the box. We need to configure Wazuh's alerts and monitoring capabilities manually. It'd be nice if we could select from templates and presets for use cases already built and coded."
"The tool doesn't detect anomalies or new environments."
"A more structured approach, perhaps with modular UI components, to facilitate easier integration and navigation within the Wazuh platform for custom integrations would be beneficial."
"Since it's an open-source tool, scalability is the main issue."
USM Anywhere is ranked 17th in Log Management with 113 reviews while Wazuh is ranked 2nd in Log Management with 38 reviews. USM Anywhere is rated 8.4, while Wazuh is rated 7.4. The top reviewer of USM Anywhere writes "Easy to use and affordable". On the other hand, the top reviewer of Wazuh writes "It integrates seamlessly with AWS cloud-native services". USM Anywhere is most compared with AlienVault OSSIM, IBM Security QRadar, Splunk Enterprise Security, Microsoft Sentinel and LogRhythm SIEM, whereas Wazuh is most compared with Elastic Security, Security Onion, AlienVault OSSIM, Splunk Enterprise Security and Graylog. See our USM Anywhere vs. Wazuh report.
See our list of best Log Management vendors and best Security Information and Event Management (SIEM) vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.