We performed a comparison between Elastic Security and USM Anywhere based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Elastic Security is commended for its adaptability, extensive customization options, and seamless integration with the ELK Stack. USM Anywhere is highly regarded for its extensive reporting capabilities, thorough vulnerability assessment, seamless file integration, and user-friendly management features. Elastic Security could improve by reducing resource usage, automating threat response, and simplifying the user experience. USM Anywhere users have suggested improvements in self-service plugin management, database optimization, and third-party threat intelligence integration.
Service and Support: Some Elastic Security users found their support helpful, while others experienced difficulties and delays. Some users say that USM Anywhere's customer service is knowledgeable and responsive, while others have faced delays and incomplete answers.
Ease of Deployment: Elastic Security generally has a straightforward setup but may require trained specialists. USM Anywhere's initial setup is generally considered to be straightforward if the user has technical knowledge. Vendor assistance is also available during the deployment phase.
Pricing: Elastic Security is considered affordable and cost-effective, with pricing based on the size of the monitored environment. USM Anywhere has garnered favorable feedback regarding its ROI.
ROI: Elastic Security has shown mixed results in terms of ROI, with some users expressing concerns about the quality of their premium support. USM Anywhere has garnered favorable feedback regarding its ROI.
"Ability to get forensics details and also memory exfiltration."
"Forensics is a valuable feature of Fortinet FortiEDR."
"Additionally, when it comes to EDR, there are more tools available to assist with client work."
"We have FortiEDR installed on all our systems. This protects them from any threats."
"The price is low and quite competitive with others."
"Fortinet FortiEDR's firewalling, rule creation, monitoring, and inspection profiles are great."
"The stability is very good."
"It is very easy to set up. I would rate my experience with the initial setup a ten out of ten, with ten being very easy to set up."
"One of the most valuable features of this solution is that it is more flexible than AlienVault."
"It is the best open-source product for people working in SO, managing and analyzing logs."
"Its flexibility is most valuable. We can have a number of scenarios, and we can get logs from anything. If we know how to use Logstash, we can tweak it in many ways. This makes the logging search on Elastic very easy."
"ELK Logstash is easy and fast, at least for the initial setup with the out of box uses."
"The most valuable features of the solution are the prevention methods and the incident alerts."
"Elastic Security is very customizable, and the dashboards are very easy to build."
"The most valuable feature of Elastic Security is that you can install agents, and they are not separately licensed."
"It can handle millions of loads at a time, and you can always use the filters to find exactly what you are looking for and detect errors in every log message you are searching for, basically."
"The solution has all the features that we need, however they do not work correctly."
"It provides a single pane of glass view, coupled with a whole security ecosystem. The ability to manage everything from a central point, including vulnerability assessments, asset management - including the services provided by the various hosts, NIDS, HIDS, etc. - provides a very efficient way of dealing with things."
"AlienVault provides a checklist answer when using SIEM."
"Asset discovery and vulnerability scanner are good features. The integration between this solution and OTX, which is an AlienVault platform for Open Threat Exchange, is also a valuable feature. It is also quick and easy to deploy, so you can quickly engage with a customer's environment."
"The vulnerability scanning is helpful to identify the areas that need patching or fixes installed."
"The most valuable feature is threat intelligence."
"Having everything in a central place has been helpful."
"The most valuable feature in AT&T AlienVault USM is the reporting."
"The security should be strong for the cloud. Some applications are on-prem and some are on the cloud. Fortinet should also have strong security for the cloud. There should be more security for the cloud."
"We've had a lot of false positives; things incorrectly flagged that require manual configuration to allow. Even worse, after we allow a legitimate program, it sometimes gets flagged again after an update. This has caused a lot of extra work for my team."
"I would like the solution to extend beyond endpoint protection and include other attack surfaces such as other network components."
"ZTNA can improve latency."
"Once, we had an event that was locked and blocked, but information about it came to us two or three days later."
"Integration with Azure and SaaS provisioning tools could improve Fortinet FortiEDR."
"The dashboard isn't easy to access and manage."
"FortiEDR could add a separate scanning dashboard. In incident management, we prefer to remove the endpoint system from the environment and scan the system. We typically use Symantec for that, but if we want to use FortiEDR for that, then we need a scanning tab to clarify things."
"We are paying dearly for the guy who is working on the ELK Stack. That knowledge is quite rare and hard to come by. For difficulty and availability of resources, I would rate it a five out of 10."
"The interface could be more user friendly because it is sometimes hard to deal with."
"We'd like better premium support."
"The process of designing dashboards is a little cumbersome in Kibana. Unless you are an expert, you will not be able to use it. The process should be pretty straightforward. The authentication feature is what we are looking for. We would love to have a central authentication system in the open-source edition without the need for a license or an enterprise license. If they can give at least a simple authentication system within a company. In a large organization, authentication is very essential for security because logs can contain a lot of confidential data. Therefore, an authentication feature for who accesses it should be there."
"The tool needs to integrate with legacy servers. Big companies can have legacy servers that may not always be updated."
"Elastic has one problem. In the past, Elastic Security was free. Now, they currently only offer the basic license or a certain period of time."
"Elastic Security could improve the documentation. It would help if they were more simple and clean."
"Its documentation should be a bit better. I have to spend at least a couple of hours to find the solution for a simple thing. When we buy Elastic, training is not included for free with Elastic. We have to pay extra for the training. They should include training in the price."
"The dashboard could be improved as well as the level of customization."
"I've been using it just for my own personal upskilling in terms of how the product works. At the moment, it is pretty straightforward and simple, and it is working how it is supposed to. The feedback would come once it is deployed to customer sites. They'll be using it on a more frequent basis, and that's when the feedback would come in terms of the areas in which they're facing issues or are looking for simplicity."
"Support can be slow at times, but the quality is high. Posted knowledge base articles could use improvement."
"I want to see more compliance management capability. The quality of integrations seems to be a little bit low."
"AlienVault needs to continue to integrate with other third-party technologies that clients want to have monitored."
"The solution already has quite good tools, however, they need better integration tools for linking with Office 365, Google Suite, and so on."
"Different functions to customize reports should be added."
"The price of AT&T AlienVault USM could be reduced."
Elastic Security is ranked 5th in Log Management with 58 reviews while USM Anywhere is ranked 15th in Log Management with 113 reviews. Elastic Security is rated 7.6, while USM Anywhere is rated 8.4. The top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". On the other hand, the top reviewer of USM Anywhere writes "Easy to use and affordable". Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel, IBM Security QRadar and Microsoft Defender for Endpoint, whereas USM Anywhere is most compared with Wazuh, AlienVault OSSIM, IBM Security QRadar, Splunk Enterprise Security and CrowdStrike Falcon. See our Elastic Security vs. USM Anywhere report.
See our list of best Log Management vendors, best Endpoint Detection and Response (EDR) vendors, and best Security Information and Event Management (SIEM) vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.