We performed a comparison between Sumo Logic Security and USM Anywhere based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"The features I found valuable with the Sumo Logic Security solution are the search option and the ability to customize the search for the information in the logs."
"It helps a lot because we can troubleshoot issues pretty easily."
"Support has been excellent. Sumo Logic's support staff is really good, both their account management staff and direct support."
"We can integrate threat intelligence solutions into the product."
"We are able to diagnose problems before our customers."
"With this tool, we provide access to every developer team the ability to find errors, then they come to us and ask for specific help."
"The tool has key features like operability. It will alert the admins whenever a device is onboarded."
"It provides easy visibility. I also like the shareable queries because we share a lot across groups."
"The most valuable feature in AT&T AlienVault USM is the reporting."
"The asset management functionality (active and passive scans) is also really important. You can't protect what you do not know about, so having an inventory of all your devices and software is critical to a security management program."
"AlienVault provides a checklist answer when using SIEM."
"The setup is very easy and straightforward."
"It brought our logs into one place for review and set up alarms based on changes we were missing due to lack of having one place for everything to go."
"The solution is stable."
"The AlienVault solution has enabled us to create a SOC on a budget with smaller than usual staff requirements, offering a wider range of solutions for our customers."
"Allowed us to help our customers satisfy compliance needs around logging and monitoring."
"If you want to up your subscription through the AWS Marketplace, it can be difficult. You can't just go back to the AWS Marketplace, and say, 'I want a bigger one now.' You have to contact the sales team, then they do it on the back-end. This could definitely be improved."
"The solution should improve its UI."
"It would be nice to have an improved ability to scroll through logs within a time frame. Right now, we can search for specific errors. However, if we want to look for 'before and after' within a specific time frame, it's not easy using the tool. This would be an improvement."
"The initial setup is the most stressful, like learning how to use it."
"There are some API gaps that are missing."
"From the network segmentation side, there is some discrepancy in log onboarding. The tool needs to improve direct API integrations, login integration, native login integration, etc."
"I would like to see improvement in the user experience when configuring things, ingesting logs, and creating ports."
"If you look at some of the other offerings right now that are available in the market, they do offer APM as well as the product they're offering. I believe Sumo Logic is not there yet. So that's something which I would love to see."
"The other thing is the agent is OSSEC. They needed to create its own agent to help to find threats on the devices that it happens to be installed."
"Reporting is convoluted and difficult at times, although they claim to have hundreds of pre-built reports, very few of them are actually useful for anything but what the USM is doing."
"AlienVault cannot automatically respond to threats like other SIEM solutions, such as Sentinel and LogRhythm. Most of our clients are far away, so it's often challenging to handle alerts when they come up on our dashboard."
"USM Anywhere relies a lot on the community putting the data in. Often, you'll right-click on the attack, but nothing will be found. That's a weakness of it."
"The reporting aspect could be improved. While there are a lot of different options available, there are still pieces which are missing."
"We would like more plugins. This being the main point of improvement which would benefit the users."
"Windows log collection works with HIDS, but documentation is sparse and confusing."
"In the future, I would like to see all these features of the solution working properly."
Sumo Logic Security is ranked 17th in Security Information and Event Management (SIEM) with 18 reviews while USM Anywhere is ranked 11th in Security Information and Event Management (SIEM) with 113 reviews. Sumo Logic Security is rated 8.6, while USM Anywhere is rated 8.4. The top reviewer of Sumo Logic Security writes "Used to store and monitor application logs and VPC flow logs". On the other hand, the top reviewer of USM Anywhere writes "Easy to use and affordable". Sumo Logic Security is most compared with Microsoft Sentinel, Wazuh, Rapid7 InsightIDR, Splunk Enterprise Security and VMware Aria Operations for Logs, whereas USM Anywhere is most compared with Wazuh, AlienVault OSSIM, IBM Security QRadar, Splunk Enterprise Security and Microsoft Sentinel.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.