We performed a comparison between Sumo Logic Security and USM Anywhere based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."We can ingest logs and make reports out of them. It is a good tool which can help us monitor any issues."
"We use it to ingest Windows domain controller logs. We use this to monitor if anyone is placed in particular administration groups that potentially shouldn't be. It helps us keep track of people."
"It helps a lot because we can troubleshoot issues pretty easily."
"It provides easy visibility. I also like the shareable queries because we share a lot across groups."
"With this tool, we provide access to every developer team the ability to find errors, then they come to us and ask for specific help."
"The most valuable features of Sumo Logic Security are the rules, use cases, and ease of use. Additionally, the integration is straightforward and good GUI."
"Support has been excellent. Sumo Logic's support staff is really good, both their account management staff and direct support."
"Sumo Logic Security is a good solution for searching the logs and identifying the issues."
"The asset management of nodes has been a large help in terms of being able to track applications with more detail and have changes made being monitored into one source."
"The Event Correlation and vulnerability scans have been the most useful. As a 24/7 SOC, we use the incoming alarms to give an overview of suspicious traffic going through the network. It's easy to look at the correlated events and see the broad picture of traffic for that customer. Vulnerability scans are good for providing patch and remediation guidelines to keep customer systems secure."
"The best feature of this product is the ease of use. It is extremely easy to set up and get going. This is a very useful tool for a small organization."
"The USM is a work horse, no matter what devices or the number of logs we throw at it, the system processes them in real time, correlates the events, and alerts on only events that need human review."
"Any unusual behaviour, we can monitor. We have alerts set up to be sent when we receive signs of any unusual behaviour."
"Its powerful correlation engine helps reduce time in manually correlating events."
"Easy to use, scalable, stable, and very intuitive platform that provides protection against security threats."
"The AlienVault solution has enabled us to create a SOC on a budget with smaller than usual staff requirements, offering a wider range of solutions for our customers."
"There needs to be improvement on imported data which can be used within Sumo Logic to do more advanced queries."
"If you want to up your subscription through the AWS Marketplace, it can be difficult. You can't just go back to the AWS Marketplace, and say, "I want a bigger one now." You have to contact the sales team, then they do it on the back-end. This could definitely be improved."
"We would like to have some type of predefined setup for the logs, making the setup easier by default."
"Sumo Logic Security is expensive, and its pricing could be improved."
"From the network segmentation side, there is some discrepancy in log onboarding. The tool needs to improve direct API integrations, login integration, native login integration, etc."
"There are some API gaps that are missing."
"The initial setup is the most stressful, like learning how to use it."
"The API integration in Sumo Logic Security could improve. There are delayed connections or they stop and then automatically start. Having a seamless log collection would be beneficial."
"I'd like to see a dashboard that's a little more descriptive."
"Maybe logs are the problem, as the database query is too slow. If you want to search something, you need time to find it."
"The other thing is the agent is OSSEC. They needed to create its own agent to help to find threats on the devices that it happens to be installed."
"One area that has room for improvement is storage. AllienVault is a good place to put logs, but sometimes it's a tough place to go get logs... The logger can only hold so much data. If they improved that, that would help."
"We would like more plugins. This being the main point of improvement which would benefit the users."
"I've been using it just for my own personal upskilling in terms of how the product works. At the moment, it is pretty straightforward and simple, and it is working how it is supposed to. The feedback would come once it is deployed to customer sites. They'll be using it on a more frequent basis, and that's when the feedback would come in terms of the areas in which they're facing issues or are looking for simplicity."
"There could be some type of integration with our existing portal. We have our own customer portals, and it would be good if there was an integration so that our portal can provide reports. There could be some type of API into the AlienVault system with the USM system so that it is easy to show the customers high-level reports of the system through our portal."
"AlienVault must improve their correlation feature. Some of the events do not match with the correlation rules and some of the correlation events are false-positive."
Sumo Logic Security is ranked 17th in Security Information and Event Management (SIEM) with 18 reviews while USM Anywhere is ranked 13th in Security Information and Event Management (SIEM) with 113 reviews. Sumo Logic Security is rated 8.6, while USM Anywhere is rated 8.4. The top reviewer of Sumo Logic Security writes "Used to store and monitor application logs and VPC flow logs". On the other hand, the top reviewer of USM Anywhere writes "Easy to use and affordable". Sumo Logic Security is most compared with Wazuh, Rapid7 InsightIDR, Microsoft Sentinel, Splunk Enterprise Security and Google Chronicle Suite, whereas USM Anywhere is most compared with Wazuh, AlienVault OSSIM, IBM Security QRadar, Splunk Enterprise Security and Microsoft Sentinel. See our Sumo Logic Security vs. USM Anywhere report.
See our list of best Security Information and Event Management (SIEM) vendors, best Log Management vendors, and best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
