We performed a comparison between USM Anywhere and Zabbix based on real PeerSpot user reviews.
"The product can integrate with any device."
"It's pretty powerful and its performance is pretty good."
"It has basic out-of-the-box integrations with multiple log sources."
"It is able to connect to an ever-growing number of platforms and systems within the Microsoft ecosystem, such as Azure Active Directory and Microsoft 365 or Office 365, as well as to external services and systems that can be brought in and managed. We can manage on-premises infrastructure. We can manage not just the things that are running in Azure in the public cloud, but through Azure Arc and the hybrid capabilities, we can monitor on-premises servers and endpoints. We can monitor VMware infrastructure, for instance, running as part of a hybrid environment."
"It is easy to implement (turn on) - does need a skilled analyst to develop queries and playbooks."
"The analytic rule is the most valuable feature."
"Another area where it is helping us is in creating a single dashboard for our environment. We can collect all the logs into a log analytics workset and run queries on top of it. We get all the results in the dashboard. Even a layman can understand this stuff. The way Microsoft presents it is really incredible."
"The connectivity and analytics are great."
"AlienVault has an advanced component within one package. With this, we can cover more area with one solution."
"AlienVault has helped us in improving our visualization and incident response during cybersecurity situations."
"The most valuable feature of the solution is the ease of deployment that it provides to users. The integrations that the product has with third-party applications are useful."
"The most valuable feature is threat intelligence."
"The most valuable features of AT&T AlienVault USM are the ease of management and knowledge of what is on the network of my customers. It's easy to understand the problems, and manage our alarms and events."
"The best feature of this product is the ease of use. It is extremely easy to set up and get going. This is a very useful tool for a small organization."
"Every activity on the firewall is recorded, and notifications are sent with this solution."
"As we have to service several servers, we can manage them in an economical way, which is beneficial to our team and business."
"Zabbix is an excellent performance monitoring tool."
"Every new asset placed in the environment can be automatically detected, predicting human failures."
"It's a flexible solution."
"I'm supervising all the IT departments, and Zabbix seems quite good for them. It provides graphics and information in real time. We get alerts about crashes on the system, enabling us to quickly repair issues. We can easily find devices with problems."
"Zabbix is scalable."
"We like the user interface for this solution, which makes it an easy-to-use tool."
"Dashboard and the customization of the items and triggers are the most valuable features."
"Zabbix is a cost-effective solution. We're a small organization with a few dozen devices to monitor, and it was available for free. We can see what we need. We haven't done an in-depth analysis on it, but we're currently okay with the product."
"One key area that can be improved is by building a strong integration with our XDR platform."
"They should just add more and more out-of-the-box connectors. It is quite a new product, and it has a lot of connectors, and even more would be good."
"The built-in SOAR is not really good out-of-the-box. The SOAR relies on logic apps and you almost need to have some kind of developer background to be able to make these logic apps. Most security people cannot develop anything..."
"Sentinel provides decent visibility, but it's sometimes a little cumbersome to get to the information I want because there is so much information. I would also like to see more seamless integration between Sentinel and third-party security products."
"The dashboards can be improved. Creating dashboards is very easy, but the visualizations are not as good as Microsoft Power BI. People who are using Microsoft Power BI do not like Sentinel's dashboards."
"Some of the data connectors are outdated, at least the ones that utilize Linux machines for log forwarding. I believe that Microsoft is already working on improving this."
"Currently, the watchlist feature is being utilized, and although there have been improvements, it is still not fully optimized."
"Microsoft Sentinel should provide an alternative query language to KQL for users who lack KQL expertise."
"Reporting is convoluted and difficult at times, although they claim to have hundreds of pre-built reports, very few of them are actually useful for anything but what the USM is doing."
"The vulnerability reporting needs to have options to be able to sort or customize the output."
"I feel that some areas of improvement would be vulnerability scanning. We use a separate product that seems to do a much better job."
"The other thing is the agent is OSSEC. They needed to create their own agent to help find threats on the devices on which it happens to be installed."
"I'd like to see a dashboard that's a little more descriptive."
"It was easy on PoC, but when we got to the product it was a different story. We had to learn the product again and got the feeling that the PoC was a different product."
"Maybe logs are the problem, as the database query is too slow. If you want to search something, you need time to find it."
"One area that has room for improvement is storage. AlienVault is a good place to put logs, but sometimes it's a tough place to go get logs... The logger can only hold so much data. If they improved that, that would help."
"Zabbix isn't very good at automation just yet."
"We had some scalability issues with a large number of nodes."
"Zabbix is not easy to configure, and upgrading is also an issue."
"Zabbix could improve when it comes to large-scale use cases. Additionally, the inventory could be better when connecting to other solutions, such as ServiceNow. There should be better integration with other platforms and storage."
"Zabbix claims that there is an auto-discovery process but my team member was facing difficulty and was told that it's not really automatic, and there are some manual steps."
"I would like to see a more flexible mobile client, and better HA out of the box."
"My company wanted to do an exercise command to access IT from Cameroon. They wanted to access an FSS to a second host with second equipment that was on another coast but it is not possible on Zabbix to do it. They want to directly access from the front-end of Zabbix to access a prompt in Zabbix to an access terminal. In the front-end, there is no way to do that. That would be an important improvement."
"There is a bit of a learning curve during installation."
USM Anywhere is ranked 11th in Security Information and Event Management (SIEM) with 113 reviews while Zabbix is ranked 1st in Network Monitoring Software with 100 reviews. USM Anywhere is rated 8.4, while Zabbix is rated 8.2. The top reviewer of USM Anywhere writes "Easy to use and affordable". On the other hand, the top reviewer of Zabbix writes "Allows any number of customizations but lacks functionality for finding root causes". USM Anywhere is most compared with Wazuh, AlienVault OSSIM, IBM Security QRadar, Splunk Enterprise Security and Rapid7 InsightIDR, whereas Zabbix is most compared with Centreon, Checkmk, SolarWinds NPM, Nagios Core and Nagios XI.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.