We performed a comparison between AT&T AlienVault USM and Wazuh based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: The main difference between the two products is that Wazuh users say the product is missing threat intelligence. In addition, Wazuh users do not mention an ROI. For these reasons, AT&T AlienVault USM is the winner in this comparison.
"It has powerful threat detection, incident response, and compliance management."
"This is a USM, so being able to get all the features under one roof makes it a good product with good new features."
"The solution has all the features that we need, however they do not work correctly."
"We had used previous products and found AlienVault centralized the logging for our security."
"Having everything in a central place has been helpful."
"Reports are customized, so you can present them to executives or engineers."
"It brought our logs into one place for review and set up alarms based on changes we were missing due to lack of having one place for everything to go."
"Its powerful correlation engine helps reduce time in manually correlating events."
"Wazuh has very flexible and robust features."
"One of the most beneficial features of Wazuh, particularly in the context of security needs, is the machine learning data handling capability."
"Integrates with various open-source and paid products, allowing for flexibility in customization based on use cases."
"It's stable."
"If they support a solution, it is easy to do an integration."
"I like Wazuh because it is a lot like ELK, which I was already comfortable with, so I didn't have to learn from scratch."
"Wazuh offers an enhanced HDR version that outperforms its competitors."
"We use it to find any aberration in our endpoint devices. For example, if someone installs a game on their company laptop, Wazuh will detect it and inform us of the unauthorized software or unintended use of the devices provided by the company."
"One area that has room for improvement is storage. AllienVault is a good place to put logs, but sometimes it's a tough place to go get logs... The logger can only hold so much data. If they improved that, that would help."
"AlienVault needs to continue to integrate with other third-party technologies that clients want to have monitored."
"In the future, I would like to see all these features of the solution working properly."
"There could be some type of integration with our existing portal. We have our own customer portals, and it would be good if there was an integration so that our portal can provide reports. There could be some type of API into the AlienVault system with the USM system so that it is easy to show the customers high-level reports of the system through our portal."
"The reporting is mediocre and is something that needs to be improved."
"We would like more plugins. This being the main point of improvement which would benefit the users."
"Sometimes the log is unclear, and the report is a bit ambiguous."
"The lack of mature functionality and expertise in any of those areas is a strong negative."
"Scalability is a challenge because it is distributed architecture and it uses Elastic DB. Their Elastic DB doesn't allow open source waste application."
"Alerts should be specific rather than repeatedly triggered by integrating multiple factors. This issue needs improvement to create a more efficient alert system."
"While it is scalable, it can suffer from reduced latencies."
"Wazuh needs more security and features, particularly visualization features and a health monitor."
"The technical support can be improved. Wazuh has some bugs that need to be fixed. It would be good if we can have automation with respect to incidence responses."
"The tool doesn't detect anomalies or new environments."
"I think that the next release should be more suitable for large enterprises, because currently they are not because large companies do not rely on open source solutions."
"Log data analysis could be improved. My IT team has been looking for an alternative because they want better log data for malware detection. We are also doing more container implementation also, so we need better container security, log data analysis, auditing and compliance, malware detection, etc."
USM Anywhere is ranked 15th in Log Management with 113 reviews while Wazuh is ranked 2nd in Log Management with 38 reviews. USM Anywhere is rated 8.4, while Wazuh is rated 7.4. The top reviewer of USM Anywhere writes "Easy to use and affordable". On the other hand, the top reviewer of Wazuh writes "It integrates seamlessly with AWS cloud-native services". USM Anywhere is most compared with AlienVault OSSIM, IBM Security QRadar, Splunk Enterprise Security, Microsoft Sentinel and LogRhythm SIEM, whereas Wazuh is most compared with Elastic Security, Security Onion, AlienVault OSSIM, Splunk Enterprise Security and Graylog. See our USM Anywhere vs. Wazuh report.
See our list of best Log Management vendors and best Security Information and Event Management (SIEM) vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.