We performed a comparison between ArcSight Logger, IBM Security QRadar, and USM Anywhere based on real PeerSpot user reviews.
Find out what your peers are saying about Splunk, Datadog, Wazuh and others in Log Management."The machine learning is a good feature."
"It's a robust, mature product and you can do some really complex operations and analytics."
"We check a lot of logs in ArcSight Logger because we're running a massive database platform."
"Some of the most valuable features I really appreciate are the performance, how quick the solution is, and how easy it is to create a query."
"It provides in-depth information on business activities once we log into the system."
"The most valuable feature is the level of detail that you can see about certain events, even when they do not come up in the console."
"It is one of the best products available in the market."
"The technical support team is good...It is a scalable solution."
"Vulnerability detection is the most valuable feature. It's the tool that finds the threats."
"The interface is good."
"The threat protection network is the most valuable feature, because when you get an offense, you can actually trace it back to where it originated from, how it originated, and why."
"Technical support is good overall."
"In terms of the most valuable features, the log collections and log processing mechanisms are good. They have good dashboards."
"It is a very good SIEM."
"This console gives you the entire view, which makes life easier and allows you to take precautionary measures."
"The solution is reliable."
"Having everything in a central place has been helpful."
"The most valuable features of AT&T AlienVault USM are the ease of management and knowledge of what is on the network of my customers. It's easy to understand the problems, and management our alarms and events."
"The vulnerability manager and the file integration are very good."
"Vulnerability scanning helped out shortcomings of what was not patched in the past and what needed to be patched. This assisted with fine tuning the environment for compliance."
"It has streamlined log aggregation and analysis to meet organizational and regulatory needs."
"The solution is stable."
"The most valuable feature of this solution is security management for PCI DSS."
"It has allowed us to see what is happening on our servers."
"It would be better if the product is cheaper."
"I think the ArcSight team should try to simplify legacy products for the customers, because that product is not easy to use or to work with. It needs more more competency or appeal to use. We hope Micro Focus is trying to resolve this."
"The solution could be improved in maintenance settings."
"I had some latency issues for two months. I had to increase our storage capacity significantly to reduce the latency."
"I would rate the technical support only 5 out of 10. The technical support is not satisfactory."
"The console in older versions is not user-friendly."
"The solution must provide readymade connectors for different applications."
"We have had problems with archiving."
"For the common needs of clients to fulfill requirements, a real integration with Blueworks Live (BPA modeling tool also from IBM) and a more suitable BPM on cloud solution for midsize customers."
"In terms of what could be improved, I would say the script which we have to create for custom actions. QRadar needs to improve that feature. Additionally, QRadar has to provide the playbooks designing features."
"Dashboards and reports could provide better visualization of SIEM activity."
"There should be more opportunity for community kind of distribution where, for example, if there was a zero-day threat targeting companies."
"It is very difficult to activate all of the network equipment, and it would help if it were made easier."
"The features that could be improved include the licensing model and the dashboards and all those presentations. Overall, the user experience part can be improved."
"There are areas in IBM Security QRadar that could benefit from improvement. Its ability to customize knowledge for specific purposes could be enhanced. Also, it lacks clarity in presenting details. It is also difficult to see the reports."
"Integration could be better. They should make it easy to integrate with other solutions."
"The GUI needs to improve because it's not user-friendly."
"Search performance can be slow. The Raw Logs feature is painfully slow. And if we're talking about the newer, the Anywhere product, you can't even schedule reports on the thing. There are probably a dozen other features I'd really like to see there, but that would be one of the biggies."
"There are many reports included but would be nice to have better access to the data."
"AlienVault must improve their correlation feature. Some of the events do not match with the correlation rules and some of the correlation events are false-positive."
"I want to see more compliance management capability. The quality of integrations seems to be a little bit low."
"The only complex area of the setup was writing the custom scripts."
"Reporting is convoluted and difficult at times, although they claim to have hundreds of pre-built reports, very few of them are actually useful for anything but what the USM is doing."
"I've been using it just for my own personal upskilling in terms of how the product works. At the moment, it is pretty straightforward and simple, and it is working how it is supposed to. The feedback would come once it is deployed to customer sites. They'll be using it on a more frequent basis, and that's when the feedback would come in terms of the areas in which they're facing issues or are looking for simplicity."