We performed a comparison between Exabeam Fusion SIEM and USM Anywhere based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It is quite efficient. It helps our clients in identifying their security issues and respond quickly. Our clients want to automate incident response and all those things."
"We didn't have anything similar. So, it really provides value from the incidents and automation point of view. The overview of the security fabric is most valuable."
"What is most useful, is that it has a good connection to the Microsoft ecosystem, and I think that's the key part."
"Sentinel has an intuitive, user-friendly way to visualize the data properly. It gives me a solid overview of all the logs. We get a more detailed view that I can't get from the other SIEM tools. It has some IP and URL-specific allow listing"
"Another area where it is helping us is in creating a single dashboard for our environment. We can collect all the logs into a log analytics workset and run queries on top of it. We get all the results in the dashboard. Even a layman can understand this stuff. The way Microsoft presents it is really incredible."
"The AI and ML of Azure Sentinel are valuable. We can use machine learning models at the tenant level and within Office 365 and Microsoft stack. We don't need to depend upon any other connectors. It automatically provisions the native Microsoft products."
"The solution offers a lot of data on events. It helps us create specific detection strategies."
"Microsoft Sentinel provides the capability to integrate different log sources. On top of having several data connectors in place, you can also do integration with a threat intelligence platform to enhance and enrich the data that's available. You can collect as many logs and build all the use cases."
"The user interface and the timelines they use are the most valuable features. The price model is very simple so that one can understand it easily and there are no surprises within it."
"It's a very user-friendly product and it's a very comprehensive technology."
"The advanced analytics has a really great overview of user behavior."
"The most valuable feature of Exabeam Fusion SIEM is the easy-to-use user interface."
"The setup is not difficult. It was easy."
"Exabeam Fusion SIEM has a good performance and more advantages than traditional solutions."
"The way it can connect with AWS is very useful, and the integrations are pretty good."
"The solution's initial setup process is easy."
"We're using it more for reporting, that's all. We're using it to help our customers to pass any kind of audits that they receive."
"Its powerful correlation engine helps reduce time in manually correlating events."
"SIEM log collection is great, and all of the rules that support updates with maintenance."
"AlientVault has helped us in improving our visualization and incident response during cybersecurity situations."
"Our main focus was intrusion detection, alerts, and correlation. It's easy to use AlienVault and integrate it with other alert tools because it includes lots of connectors. Either the tool is already there, or AlienVault will write an API for us if they don't have a connector for the solution that is providing the logs."
"Allowed us to help our customers satisfy compliance needs around logging and monitoring."
"It allows you to define what alerts you want to see, or not to see, as well as if you want them grouped, or ungrouped."
"It brought our logs into one place for review and set up alarms based on changes we were missing due to lack of having one place for everything to go."
"I can't think of anything other than just getting the name out there. I think a lot of customers don't fully understand the full capabilities of Azure Sentinel yet. It is kind of like when they're first starting to use Azure, it might not be something they first think about. So, they should just kind of get to the point where it is more widely used."
"Improvement-wise, I would like to see more integration with third-party solutions or old-school antivirus products that have some kind of logging capability. I wouldn't mind having that exposed within Sentinel. We do have situations where certain companies have bought licensing or have made an investment in a product, and that product will be there for the next two or three years. To be able to view information from those legacy products would be great. We can then better leverage the Sentinel solution and its capabilities."
"Given that I am in the small business space, I wish they would make it easier to operate Sentinel without being a Sentinel expert. Examples of things that could be easier are creating alerts and automations from scratch and designing workbooks."
"Currently, the watchlist feature is being utilized, and although there have been improvements, it is still not fully optimized."
"The troubleshooting has room for improvement."
"We do see continuous improvement all the time, however, I haven't got a specific feature that is lacking or not well designed."
"I believe one of the challenges I encountered was the absence of live training sessions, even with the option to pay for them."
"Microsoft should improve Sentinel, considering that from the legacy systems, it cannot collect logs."
"We had a large volume right from the beginning and they weren't quite prepared for that. That's something that they should think about when it comes to customers that have a large volume to start off with."
"They need to focus on more of the MITRE ATT&CK Framework and coverage. They claim they cover about 70 to 80%. I'm not sure if it's really quite that much, however."
"They should provide detailed information about detecting phishing emails."
"The organzation is rigid and not flexible in the way they operate"
"Adding to the number of certifications that they have, for example, ISO 27001, would be helpful."
"Updating the new release of Exabeam Fusion SIEM takes time and slows our performance."
"I believe if it were more flexible it would be a better product."
"The only problem is that the UI is not very impressive."
"There could be some type of integration with our existing portal. We have our own customer portals, and it would be good if there was an integration so that our portal can provide reports. There could be some type of API into the AlienVault system with the USM system so that it is easy to show the customers high-level reports of the system through our portal."
"I've been using it just for my own personal upskilling in terms of how the product works. At the moment, it is pretty straightforward and simple, and it is working how it is supposed to. The feedback would come once it is deployed to customer sites. They'll be using it on a more frequent basis, and that's when the feedback would come in terms of the areas in which they're facing issues or are looking for simplicity."
"We develop additional rules and scripts to make it more usable."
"The vulnerability scanning feature is one of the areas where the product has certain shortcomings and needs to improve. The tool has vulnerability scanning, but it is not that efficient."
"One area that has room for improvement is storage. AllienVault is a good place to put logs, but sometimes it's a tough place to go get logs... The logger can only hold so much data. If they improved that, that would help."
"The reporting module could be a little easier to handle, as it requires quite some trial and error until you get the reports you want. Also, it would be great to have a graphical interface for the Network Intrusion Detection System's rule management."
"Plugins could be better utilized, as some of them do not recognize all logs."
"In the future, I would like to see all these features of the solution working properly."
Exabeam Fusion SIEM is ranked 32nd in Log Management with 10 reviews while USM Anywhere is ranked 15th in Log Management with 113 reviews. Exabeam Fusion SIEM is rated 8.0, while USM Anywhere is rated 8.4. The top reviewer of Exabeam Fusion SIEM writes "Enables centralized log collection on a single platform". On the other hand, the top reviewer of USM Anywhere writes "Easy to use and affordable". Exabeam Fusion SIEM is most compared with IBM Security QRadar, Palo Alto Networks Cortex XSOAR, Splunk Enterprise Security, Splunk User Behavior Analytics and Gurucul UEBA, whereas USM Anywhere is most compared with Wazuh, AlienVault OSSIM, IBM Security QRadar, Splunk Enterprise Security and IBM X-Force Exchange. See our Exabeam Fusion SIEM vs. USM Anywhere report.
See our list of best Log Management vendors and best Security Information and Event Management (SIEM) vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.