We performed a comparison between SolarWinds Security Event Manager and USM Anywhere based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Having your logs put all in one place with machine learning working on those logs is a good feature. I don't need to start thinking, "Where are my logs?" My logs are in a centralized repository, like Log Analytics, which is why you can't use Sentinel without Log Analytics. Having all those logs in one place is an advantage."
"The AI and ML of Azure Sentinel are valuable. We can use machine learning models at the tenant level and within Office 365 and Microsoft stack. We don't need to depend upon any other connectors. It automatically provisions the native Microsoft products."
"The UI of Sentinel is very good and easy to use, even for beginners."
"The most valuable feature is the alert notifications, which are categorized by severity levels: informational, low, medium, and high."
"The pricing of the product is excellent."
"We didn't have anything similar. So, it really provides value from the incidents and automation point of view. The overview of the security fabric is most valuable."
"I like the ability to run custom KQL queries. I don't know if that feature is specific to Sentinel. As far as I know, they are using technology built into Azure's Log Analytics app. Sentinel integrates with that, and we use this functionality heavily."
"The best functionality that you can get from Azure Sentinel is the SOAR capability. So, you can estimate any type of activity, such as when an alert was triggered or an incident was found."
"The solution helps you monitor database instances, application instances, other customer application things, Linux servers, IBM servers, and Oracle servers."
"It supports high availability, which is very helpful."
"SolarWinds' stability is fine. I don't think we've had any software issues."
"It's easy to build rules and actions based on the logs and event types we collect with the software."
"This tool is simple to use."
"We did previously use a different solution, but SolarWinds is much better. It's easy to interact with SolarWinds. It's easy to operate, easy to configure and is generally easier compared to what we were working with before."
"The graphical user interface is very user-friendly. SolarWinds is a hybrid solution so you can use it across many platforms."
"Some of the rules are most valuable because you can be notified about various things, such as spyware or things that are going on in the internal network."
"The ease of implementation is the most valuable feature."
"Easy to use, scalable, stable, and very intuitive platform that provides protection against security threats."
"The most valuable feature is threat intelligence."
"It has allowed us to see what is happening on our servers."
"The solution has all the features that we need, however they do not work correctly."
"It is my "security person" looking at irregularities and letting me know when something has occurred."
"The AlienVault solution has enabled us to create a SOC on a budget with smaller than usual staff requirements, offering a wider range of solutions for our customers."
"The best feature of this product is the ease of use. It is extremely easy to set up and get going. This is a very useful tool for a small organization."
"I would like to be able to monitor applications outside of the Azure Cloud."
"The following would be a challenge for any product in the market, but we have some in-house apps in our environment... our apps were built with different parameters and the APIs for them are not present in Sentinel. We are working with Microsoft to build those custom APIs that we require. That is currently in progress."
"Add more out-of-the-box connectors with other SaaS platforms/applications."
"Microsoft Defender has a built-in threat expert option that enables you to contact an expert. That feature isn't available in Sentinel because it's a huge product that integrates all the technologies. I would like Microsoft to add the threat expert option so we can contact them. There are a few other features, like threat assessment that the PG team is working on. I expect them to release this feature in the next quarter."
"Its implementation could be simpler. It is not really simple or straightforward. It is in the middle. Sometimes, connectors are a little bit complex."
"Sometimes, we are observing large ingestion delays. We expect logs within 5 minutes, but it takes about 10 to 15 minutes."
"The KQL query does not function effectively with Windows 11 machines, and in the majority of machine-based investigations, KQL queries are essential for organizing the data during investigations."
"The reporting could be more structured."
"The reporting could be more robust. It can be a lot more granular and that will make it a lot more useful in comparison to how it is incorporated at the moment."
"The solution's technical support is okay, but we don't have an SLA, and sometimes the response times are very slow."
"The only issue is the pricetag. SolarWinds is a costly solution."
"The product should improve the ease with which you can create event alerts. They are not as hard now but you need to have an easier way."
"One of the drawbacks of being so flexible is that it is also a fairly complicated software application to install, configure, and maintain."
"SolarWinds should improve its correlation capabilities. The correlation does not automatically detect and reduce the events fast enough. You have to manually do a correlation report, which means the tool is not scalable in many ways."
"It won't tell you when your backups are failing, but it will give you hints when your database is running on full recovery."
"We used the support from SolarWinds Security Event Manager and they are knowledgeable but challenging to get in contact with them."
"Adding a parsing interface for the customers would make AT&T AlienVault USM better."
"I think plugin management should be self-service on AlienVault USM. The other product is self-service but on the USM side. You have to submit a ticket then AT&T creates and updates the plugins."
"There are many reports included but would be nice to have better access to the data."
"The reporting is mediocre and is something that needs to be improved."
"It would be nice to see some machine learning and monitoring of the configuration in network devices."
"One area that has room for improvement is storage. AllienVault is a good place to put logs, but sometimes it's a tough place to go get logs... The logger can only hold so much data. If they improved that, that would help."
"It was easy on PoC, but when we got to the product it was different story. We had to learn the product again and got feeling that the PoC was a different product."
"The vulnerability reporting needs to have options to be able to sort or customize the output."
More SolarWinds Security Event Manager Pricing and Cost Advice →
SolarWinds Security Event Manager is ranked 21st in Security Information and Event Management (SIEM) with 24 reviews while USM Anywhere is ranked 11th in Security Information and Event Management (SIEM) with 113 reviews. SolarWinds Security Event Manager is rated 7.8, while USM Anywhere is rated 8.4. The top reviewer of SolarWinds Security Event Manager writes "A comprehensive network security with robust technical capabilities, effective threat response, and centralized management". On the other hand, the top reviewer of USM Anywhere writes "Easy to use and affordable". SolarWinds Security Event Manager is most compared with ManageEngine Log360, Splunk Enterprise Security, IBM Security QRadar, Wazuh and Microsoft Defender XDR, whereas USM Anywhere is most compared with Wazuh, AlienVault OSSIM, IBM Security QRadar, Splunk Enterprise Security and Rapid7 InsightIDR. See our SolarWinds Security Event Manager vs. USM Anywhere report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.