We performed a comparison between Group-IB Threat Intelligence and USM Anywhere based on real PeerSpot user reviews.
Find out what your peers are saying about Recorded Future, Microsoft, Check Point Software Technologies and others in Threat Intelligence Platforms."The most valuable Group-IB Threat Intelligence features are their detections, especially in terms of account and card information leakage. This data sets Group-IB apart from some of the competition."
"The totality of the recordings is quite important. The networks, the new threat actors, the new methods, tactics, techniques, and procedures."
"Threat Intelligence's best feature is threat activation."
"We have found the site intelligence features to be the most valuable."
"The tool's most valuable feature is the sandbox."
"This solution can completely detect and prevent incidents on your network."
"Having everything in a central place has been helpful."
"Using the communication within the security device, it is easier to create plugins."
"The AlienVault solution has enabled us to create a SOC on a budget with smaller than usual staff requirements, offering a wider range of solutions for our customers."
"SIEM log collection is great, and all of the rules that support updates with maintenance."
"AlienVault has an advanced component within one package. With this, we can cover more area with one solution."
"Ease of deployment across various environments."
"We had used previous products and found AlienVault centralized the logging for our security."
"The web intelligence could be improved. It is not as good as the intelligence from other solutions."
"Threat Intelligence's OT security could be improved."
"The lack of appliance-based or on-premise options for this solution is its biggest downfall. Clients request them often."
"Group-IB Threat Intelligence should improve integration for SIEM and SOAR solutions."
"As the landscape evolves, they could provide a little more detail or specificity to map it to the MITRE ATT&CK framework."
"For creating new rules, you have to be familiar with regular expressions. I feel there could be something built-in to make sure that process is easier."
"The vulnerability reporting needs to have options to be able to sort or customize the output."
"The other thing is the agent is OSSEC. They needed to create its own agent to help to find threats on the devices that it happens to be installed."
"The vulnerability scanning feature is one of the areas where the product has certain shortcomings and needs to improve. The tool has vulnerability scanning, but it is not that efficient."
"I've been told that AlienVault doesn't have a full version of NES running in there, but I'm not sure if that's accurate or if my engineer made it that way. I'm not sure he was completely honest either because we had NES in the environment before. Those tools could be improved because AlienVault is a SIEM, and it added all these other features."
"Reporting is convoluted and difficult at times, although they claim to have hundreds of pre-built reports, very few of them are actually useful for anything but what the USM is doing."
"There are many reports included but would be nice to have better access to the data."
"AlienVault needs to continue to integrate with other third-party technologies that clients want to have monitored."
Group-IB Threat Intelligence is ranked 8th in Threat Intelligence Platforms with 5 reviews while USM Anywhere is ranked 13th in Security Information and Event Management (SIEM) with 113 reviews. Group-IB Threat Intelligence is rated 8.8, while USM Anywhere is rated 8.4. The top reviewer of Group-IB Threat Intelligence writes "Easy to setup, highly stable and scalable and efficiently tracks threat actors and analyze their tactics". On the other hand, the top reviewer of USM Anywhere writes "Easy to use and affordable". Group-IB Threat Intelligence is most compared with Recorded Future, Kaspersky Threat Intelligence Services, Mandiant Advantage, CrowdStrike Falcon and Anomali ThreatStream, whereas USM Anywhere is most compared with Wazuh, AlienVault OSSIM, IBM Security QRadar, Splunk Enterprise Security and Microsoft Sentinel.
We monitor all Threat Intelligence Platforms reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.