SolarWinds Security Event Manager vs USM Anywhere comparison

Cancel
You must select at least 2 products to compare!
Comparison Buyer's Guide
Executive Summary

We performed a comparison between SolarWinds Security Event Manager and USM Anywhere based on real PeerSpot user reviews.

Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed SolarWinds Security Event Manager vs. USM Anywhere Report (Updated: March 2024).
765,386 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The native integration of the Microsoft security solution has been essential because it helps reduce some false positives, especially with some of the impossible travel rules that may be configured in Microsoft 365. For some organizations, that might be benign because they're using VPNs, etc.""The data connectors that Microsoft Sentinel provides are easy to integrate when we work with a Microsoft agent.""Microsoft Sentinel enables you to ingest data from the entire ecosystem and that connection of data helps you to monitor critical resources and to know what's happening in the environment.""The best functionality that you can get from Azure Sentinel is the SOAR capability. So, you can estimate any type of activity, such as when an alert was triggered or an incident was found.""One of the most valuable features of Microsoft Sentinel is that it's cloud-based.""It has a lot of great features.""It is easy to implement (turn on) - does need a skilled analyst to develop queries and playbooks.""The most valuable feature is the alert notifications, which are categorized by severity levels: informational, low, medium, and high."

More Microsoft Sentinel Pros →

"The graphical user interface is very user-friendly. SolarWinds is a hybrid solution so you can use it across many platforms.""It's extremely easy to deploy.""The most valuable feature of this solution is the visibility into both attempted and failed logins.""SolarWinds is easy to configure, and it provides timely alerts.""The most valuable feature is the ease of use for the end user.""We did previously use a different solution, but SolarWinds is much better. It's easy to interact with SolarWinds. It's easy to operate, easy to configure and is generally easier compared to what we were working with before.""The solution helps you monitor database instances, application instances, other customer application things, Linux servers, IBM servers, and Oracle servers.""It supports high availability, which is very helpful."

More SolarWinds Security Event Manager Pros →

"It provides a single pane of glass view, coupled with a whole security ecosystem. The ability to manage everything from a central point, including vulnerability assessments, asset management - including the services provided by the various hosts, NIDS, HIDS, etc. - provides a very efficient way of dealing with things.""There are multiple tools for information security. The solution includes all the latest advances on the network and host intrusion detection systems.""The most valuable feature in AT&T AlienVault USM is the reporting.""It has allowed us to see what is happening on our servers.""The Event Correlation and vulnerability scans have been the most useful. As a 24/7 SOC, we use the incoming alarms to give an overview of suspicious traffic going through the network. It's easy to look at the correlated events and see the broad picture of traffic for that customer. Vulnerability scans are good for providing patch and remediation guidelines to keep customer systems secure.""It has streamlined log aggregation and analysis to meet organizational and regulatory needs.""AlientVault has helped us in improving our visualization and incident response during cybersecurity situations.""Any unusual behaviour, we can monitor. We have alerts set up to be sent when we receive signs of any unusual behaviour."

More USM Anywhere Pros →

Cons
"For certain vendors, some of the data that Microsoft Sentinel captures is redacted due to privacy reasons.""We do have in-built or out-of-the-box metrics that are shown on the dashboard, but it doesn't give the kind of metrics that we need from our environment whereby we need to check the meantime to detect and meantime to resolve an incident. I have to do it manually. I have to pull all the logs or all the alerts that are fed into Sentinel over a certain period. We do this on a monthly basis, so I go into Microsoft Sentinel and pull all the alerts or incidents we closed over a period of thirty days.""The reporting could be more structured.""They're giving us the queries so we can plug them right into Sentinel. They need to have a streamlined process for updating them in the tool and knowing when things are updated and knowing when there are new detections available from Microsoft.""If their UI was a bit more streamlined and easy to find when I need it, then that would be a great improvement.""Sentinel could improve its ticketing and management. A few customers I have worked with liked to take the data created in Sentinel. You can make some basic efforts around that, but the customers wanted to push it to a third-party system so they could set up a proper ticketing management system, like ServiceNow, Jira, etc.""Add more out-of-the-box connectors with other SaaS platforms/applications.""Microsoft Sentinel is relatively expensive, and its cost should be improved."

More Microsoft Sentinel Cons →

"There are no multiple dashboards which would allow you to see information side-by-side.""The only issue is the pricetag. SolarWinds is a costly solution.""It won't tell you when your backups are failing, but it will give you hints when your database is running on full recovery.""I would like to have a more customizable dashboard.""I would like to be able to dig deeper into the visibility of events or incidents to determine whether they are malicious, such as by doing behavior analysis.""The company had to use a third party for the implementation of the solution.""The solution's technical support is okay, but we don't have an SLA, and sometimes the response times are very slow.""One of the drawbacks of being so flexible is that it is also a fairly complicated software application to install, configure, and maintain."

More SolarWinds Security Event Manager Cons →

"This solution could be easier to use.""The reporting aspect could be improved. While there are a lot of different options available, there are still pieces which are missing.""It would be hard for any legitimate MSSP to use it.""It was easy on PoC, but when we got to the product it was different story. We had to learn the product again and got feeling that the PoC was a different product.""Windows log collection works with HIDS, but documentation is sparse and confusing.""I've been told that AlienVault doesn't have a full version of NES running in there, but I'm not sure if that's accurate or if my engineer made it that way. I'm not sure he was completely honest either because we had NES in the environment before. Those tools could be improved because AlienVault is a SIEM, and it added all these other features.""The solution is a bit complicated. It could be simplified quite a bit.""Maybe logs are the problem, as the database query is too slow. If you want to search something, you need time to find it."

More USM Anywhere Cons →

Pricing and Cost Advice
  • "It comes with a Microsoft subscription which the customer has, so they don't have to invest somewhere else."
  • "It is a consumption-based license model. bands at 100, 200, 400 GB per day etc. Azure Sentinel Pricing | Microsoft Azure"
  • "Good monthly operational cost model for the detection and response outcomes delivered, M365 logs don't count toward the limits which is a good benefit."
  • "I have had mixed feedback. At one point, I heard a client say that it sometimes seems more expensive. Most of the clients are on Office 365 or M365, and they are forced to take Azure SIEM because of the integration."
  • "It is kind of like a sliding scale. There are different tiers of pricing that go from $100 per day up to $3,500 per day. So, it just kind of depends on how much data is being stored. There can be additional costs to the standard license other than the additional data. It just kind of depends on what other services you're spinning up in Azure, or if you're using something like Azure log analytics."
  • "I am just paying for the log space with Azure Sentinel. It costs us about $2,000 a month. Most of the logs are free. We are only paying money for Azure Firewall logs because email logs or Azure AD logs are free to use for us."
  • "Sentinel is a bit expensive. If you can figure a way of configuring it to meet your needs, then you can find a way around the cost."
  • "Azure Sentinel is very costly, or at least it appears to be very costly. The costs vary based on your ingestion and your retention charges."
  • More Microsoft Sentinel Pricing and Cost Advice →

  • "Licensing is on devices, so if you have many, then this may be high."
  • "We do a yearly license renewal. For a year, the solution costs roughly $500,000 USD. There are no costs beyond this yearly fee."
  • "The pricing model would benefit from having package deals with other SolarWinds products."
  • "Licenses can only be purchased in blocks of fifty at a time."
  • "It is in the appropriate mid-range. It is not as expensive as some of the other solutions. It is also not cheap."
  • "The price of SolarWinds Security Event Manager is reasonable."
  • More SolarWinds Security Event Manager Pricing and Cost Advice →

  • "AlienVault is flexible on their pricing for unlimited licenses."
  • "Pricing is very competitive with other products and you get much more functionality from AlienVault."
  • "QRadar, ArcSight and Splunk are some of the most expensive SIEM products out there in the market and not everyone has the budget to buy them. In such cases, AV USM is a very cost effective alternative."
  • "Do the one month trial and try to work out the kinks during it, as it has free support and service hours."
  • "We checked out several competitors. For what it can do and the cost, it was the best option!"
  • "Use the AlienVault team. They are helpful and the documentation that they provide is second to none."
  • "​The price point is good.​"
  • "It has good pricing."
  • More USM Anywhere Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
    765,386 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:Yes, Azure Sentinel is a SIEM on the Cloud. Multiple data sources can be uploaded and analyzed with Azure Sentinel and… more »
    Top Answer:It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for… more »
    Top Answer:We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is… more »
    Top Answer:The solution helps you monitor database instances, application instances, other customer application things, Linux… more »
    Top Answer:The cost is exorbitantly high. The trial version lasts for thirty days, but I found a subscription plan priced at four… more »
    Top Answer:One of the drawbacks of being so flexible is that it is also a fairly complicated software application to install… more »
    Top Answer:The most valuable feature of the solution is the ease of deployment that it provides to users. The integrations that the… more »
    Top Answer:It is a product that is priced in a medium range, making it neither a cheap nor a costly product.
    Top Answer:The vulnerability scanning feature is one of the areas where the product has certain shortcomings and needs to improve… more »
    Comparisons
    Also Known As
    Azure Sentinel
    SolarWinds LEM, Solarwinds SIEM, TriGeo, Log and Event Manager
    AT&T AlienVault USM, AlienVault, AlienVault USM, Alienvault Cybersecurity
    Learn More
    Overview

    Microsoft Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution that lets you see and stop threats before they cause harm. Microsoft Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response. Eliminate security infrastructure setup and maintenance, and elastically scale to meet your security needs—while reducing IT costs. With Microsoft Sentinel, you can:

    - Collect data at cloud scale—across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds

    - Detect previously uncovered threats and minimize false positives using analytics and unparalleled threat intelligence from Microsoft

    - Investigate threats with AI and hunt suspicious activities at scale, tapping into decades of cybersecurity work at Microsoft

    - Respond to incidents rapidly with built-in orchestration and automation of common tasks

    To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.

    When TriGeo was acquired by SolarWinds, TriGeo SIM became known as SolarWinds Log & Event Manager. This product is a leading Security Information and Event Management (SIEM) product and log management solution, which provides log collection, analysis, and real-time correlation.

    USM Anywhere centralizes security monitoring of networks and devices in the cloud, on premises, and in remote locations, helping you to detect threats virtually anywhere.

    Discover

    • Network asset discovery
    • Software & services discovery
    • AWS asset discovery
    • Azure asset discovery
    • Google Cloud Platform asset discovery

    Analyze

    • SIEM event correlation, auto-prioritized alarms
    • User activity monitoring
    • Up to 90-days of online, searchable events

    Detect

    • Cloud intrusion detection (AWS, Azure, GCP)
    • Network intrusion detection (NIDS)
    • Host intrusion detection (HIDS)
    • Endpoint Detection and Response (EDR)

    Respond

    • Forensics querying
    • Automate & orchestrate response
    • Notifications and ticketing

    Assess

    • Vulnerability scanning
    • Cloud infrastructure assessment
    • User & asset configuration
    • Dark web monitoring

    Report

    • Pre-built compliance reporting templates
    • Pre-built event reporting templates
    • Customizable views and dashboards
    • Log storage
    Sample Customers
    Microsoft Sentinel is trusted by companies of all sizes including ABM, ASOS, Uniper, First West Credit Union, Avanade, and more.
    NetSuite, EasyStreet, Legacy Texas Bank, and Energy Federal Credit Union, to name a few.
    Abel & Cole, Bank of Ireland, Bluegrass Cellular, CareerBuilder, Claire's, Hays Medical Center, Hope International, McCurrach, McKinsey & Company, Party Delights, Pepco Holdings, Richland School District, Ricoh, SaveMart, Shake Shack, Steelcase, TaxAct, Taylor Morrison, Vonage and Zoom
    Top Industries
    REVIEWERS
    Financial Services Firm22%
    Computer Software Company11%
    Manufacturing Company8%
    Comms Service Provider8%
    VISITORS READING REVIEWS
    Computer Software Company16%
    Financial Services Firm10%
    Government9%
    Manufacturing Company7%
    REVIEWERS
    Computer Software Company21%
    Financial Services Firm16%
    Government11%
    Educational Organization11%
    VISITORS READING REVIEWS
    Educational Organization67%
    Computer Software Company5%
    Government4%
    Financial Services Firm3%
    REVIEWERS
    Financial Services Firm20%
    Healthcare Company17%
    Computer Software Company9%
    Comms Service Provider7%
    VISITORS READING REVIEWS
    Computer Software Company17%
    Comms Service Provider8%
    Government8%
    Educational Organization7%
    Company Size
    REVIEWERS
    Small Business33%
    Midsize Enterprise21%
    Large Enterprise47%
    VISITORS READING REVIEWS
    Small Business25%
    Midsize Enterprise16%
    Large Enterprise59%
    REVIEWERS
    Small Business65%
    Midsize Enterprise12%
    Large Enterprise23%
    VISITORS READING REVIEWS
    Small Business10%
    Midsize Enterprise71%
    Large Enterprise19%
    REVIEWERS
    Small Business54%
    Midsize Enterprise25%
    Large Enterprise21%
    VISITORS READING REVIEWS
    Small Business35%
    Midsize Enterprise18%
    Large Enterprise47%
    Buyer's Guide
    SolarWinds Security Event Manager vs. USM Anywhere
    March 2024
    Find out what your peers are saying about SolarWinds Security Event Manager vs. USM Anywhere and other solutions. Updated: March 2024.
    765,386 professionals have used our research since 2012.

    SolarWinds Security Event Manager is ranked 21st in Security Information and Event Management (SIEM) with 24 reviews while USM Anywhere is ranked 10th in Security Information and Event Management (SIEM) with 113 reviews. SolarWinds Security Event Manager is rated 7.6, while USM Anywhere is rated 8.4. The top reviewer of SolarWinds Security Event Manager writes "A comprehensive network security with robust technical capabilities, effective threat response, and centralized management". On the other hand, the top reviewer of USM Anywhere writes "Easy to use and affordable". SolarWinds Security Event Manager is most compared with ManageEngine Log360, Splunk Enterprise Security, IBM Security QRadar, Microsoft Defender XDR and Wazuh, whereas USM Anywhere is most compared with Wazuh, AlienVault OSSIM, IBM Security QRadar, Splunk Enterprise Security and Rapid7 InsightIDR. See our SolarWinds Security Event Manager vs. USM Anywhere report.

    See our list of best Security Information and Event Management (SIEM) vendors.

    We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.