We performed a comparison between Elastic Security and USM Anywhere based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Elastic Security is commended for its adaptability, extensive customization options, and seamless integration with the ELK Stack. USM Anywhere is highly regarded for its extensive reporting capabilities, thorough vulnerability assessment, seamless file integration, and user-friendly management features. Elastic Security could improve by reducing resource usage, automating threat response, and simplifying the user experience. USM Anywhere users have suggested improvements in self-service plugin management, database optimization, and third-party threat intelligence integration.
Service and Support: Some Elastic Security users found their support helpful, while others experienced difficulties and delays. Some users say that USM Anywhere's customer service is knowledgeable and responsive, while others have faced delays and incomplete answers.
Ease of Deployment: Elastic Security generally has a straightforward setup but may require trained specialists. USM Anywhere's initial setup is generally considered to be straightforward if the user has technical knowledge. Vendor assistance is also available during the deployment phase.
Pricing: Elastic Security is considered affordable and cost-effective, with pricing based on the size of the monitored environment. USM Anywhere has garnered favorable feedback regarding its ROI.
ROI: Elastic Security has shown mixed results in terms of ROI, with some users expressing concerns about the quality of their premium support. USM Anywhere has garnered favorable feedback regarding its ROI.
"Fortinet FortiEDR made our clients feel secure and more at ease, knowing that they had an EDR solution that would close the gap in their security posture."
"Fortinet FortiEDR's scalability is quite good, and you can add licenses to the solution."
"Additionally, when it comes to EDR, there are more tools available to assist with client work."
"Ability to get forensics details and also memory exfiltration."
"The stability is very good."
"It is a scalable solution...The initial setup of Fortinet FortiEDR was straightforward."
"The setup is pretty simple."
"It notifies us if there's any suspicious file on any PC. If any execution or similar kind of thing is happening, it just alerts us. It doesn't only alert. It also blocks the execution until we allow it. We check whether the execution is legitimate or not, and then approve it or keep it blocked. This gives us a little bit of control over this mechanism. Fortinet FortiEDR is also very straightforward and easy to maintain."
"I use the stack every morning to check the errors and it's just so clear. I don't see any disadvantage to using Logstash."
"ELK documentation is very good, so never needed to contact technical support."
"Just the ability to do a lot more than just up-down is nice, which a lot of people take for granted."
"One of the most valuable features of this solution is that it is more flexible than AlienVault."
"Elastic Security is very easy to adapt."
"It is the best open-source product for people working in SO, managing and analyzing logs."
"Stability-wise, I rate the solution a ten out of ten."
"It is an extremely stable solution. Stability-wise, I rate the solution a ten out of ten."
"Vulnerability scanning helped out shortcomings of what was not patched in the past and what needed to be patched. This assisted with fine tuning the environment for compliance."
"Asset discovery seems to be good."
"The most valuable feature is threat intelligence."
"AT&T AlienVault USM is good for ELK Stack, the user experience is great because of its architecture. The ELK has a great performance and it has very good speed in the search and Kibana. Additionally, the visuals and dashboards and very nice and customizable."
"The best feature of this product is the ease of use. It is extremely easy to set up and get going. This is a very useful tool for a small organization."
"As we have to service several servers, we can manage them in a economical way, which is beneficial to our team and business."
"The AlienVault solution has enabled us to create a SOC on a budget with smaller than usual staff requirements, offering a wider range of solutions for our customers."
"The most valuable feature of the solution is the ease of deployment that it provides to users. The integrations that the product has with third-party applications are useful."
"Detections could be improved."
"I haven't seen the use of AI in the solution."
"The security should be strong for the cloud. Some applications are on-prem and some are on the cloud. Fortinet should also have strong security for the cloud. There should be more security for the cloud."
"Making the portal mobile friendly would be helpful when I am out of office."
"The only minor concern is occasional interference with desired programs."
"They can include the automation for the realtime updates. We have a network infrastructure with remote sites. Whenever they send updates, they are not automated. We have to go into the console and push those updates. I wish it was more automated. The update file is currently around 31 MB. It could be smaller."
"We've encountered challenges during API deployment, occasionally resulting in unstable environments."
"The EDR console should have more extensive reporting. You shouldn't need to purchase FortiAnalyzer. It should be included in the EDR part. The security adviser cloud platform could be improved with more options for exclusive or intensive rules for devices."
"The solution could offer better reporting features."
"Upgrades currently released as stacks when it should be a plugin or an extension to save removal and reinstallation."
"The process of designing dashboards is a little cumbersome in Kibana. Unless you are an expert, you will not be able to use it. The process should be pretty straightforward. The authentication feature is what we are looking for. We would love to have a central authentication system in the open-source edition without the need for a license or an enterprise license. If they can give at least a simple authentication system within a company. In a large organization, authentication is very essential for security because logs can contain a lot of confidential data. Therefore, an authentication feature for who accesses it should be there."
"With Elastic, you have to build the use cases for the specific requirement. Other products have a simple integration and more use cases to integrate out-of-the-box solutions for SIEM."
"With Elastic Security, the challenge arises from the fact that there is a learning curve in relation to queries and understanding the query language provided to extract usable data."
"They don't provide user authentication and authorisation features (Shield) as a part of their open-source version."
"There should be a simulation environment to check whether my Elastic implementation is functioning perfectly fine. Other solutions have their own Android and iOS applications that I can install on my mobile so that I am continuously connected to the SIEM."
"One thing they could add is a quick step to enable users who don't have a solid background to build a dashboard and quickly search, without difficulty."
"The dashboard could be improved as well as the level of customization."
"AlienVault must improve their correlation feature. Some of the events do not match with the correlation rules and some of the correlation events are false-positive."
"It should be able to communicate with other security solutions to stop threats."
"I've been told that AlienVault doesn't have a full version of NES running in there, but I'm not sure if that's accurate or if my engineer made it that way. I'm not sure he was completely honest either because we had NES in the environment before. Those tools could be improved because AlienVault is a SIEM, and it added all these other features."
"Adding a parsing interface for the customers would make AT&T AlienVault USM better."
"For creating new rules, you have to be familiar with regular expressions. I feel there could be something built-in to make sure that process is easier."
"There are many reports included but would be nice to have better access to the data."
"Search performance can be slow. The Raw Logs feature is painfully slow. And if we're talking about the newer, the Anywhere product, you can't even schedule reports on the thing. There are probably a dozen other features I'd really like to see there, but that would be one of the biggies."
Elastic Security is ranked 5th in Security Information and Event Management (SIEM) with 59 reviews while USM Anywhere is ranked 11th in Security Information and Event Management (SIEM) with 113 reviews. Elastic Security is rated 7.6, while USM Anywhere is rated 8.4. The top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". On the other hand, the top reviewer of USM Anywhere writes "Easy to use and affordable". Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel, IBM Security QRadar and Microsoft Defender for Endpoint, whereas USM Anywhere is most compared with Wazuh, AlienVault OSSIM, IBM Security QRadar, Splunk Enterprise Security and CrowdStrike Falcon. See our Elastic Security vs. USM Anywhere report.
See our list of best Security Information and Event Management (SIEM) vendors, best Log Management vendors, and best Endpoint Detection and Response (EDR) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.