We performed a comparison between ManageEngine Log360 and USM Anywhere based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
"The analytics has a lot of advantages because there are 300 default use cases for rules and we can modify them per our environment. We can create other rules as well. Analytics is a useful feature."
"Microsoft Sentinel enables you to ingest data from the entire ecosystem and that connection of data helps you to monitor critical resources and to know what's happening in the environment."
"It is easy to implement (turn on) - does need a skilled analyst to develop queries and playbooks."
"Mainly, this is a cloud-native product. So, there are zero concerns about managing the whole infrastructure on-premises."
"We have no complaints about the features or functionality."
"The most valuable feature is the alert notifications, which are categorized by severity levels: informational, low, medium, and high."
"It is able to connect to an ever-growing number of platforms and systems within the Microsoft ecosystem, such as Azure Active Directory and Microsoft 365 or Office 365, as well as to external services and systems that can be brought in and managed. We can manage on-premises infrastructure. We can manage not just the things that are running in Azure in the public cloud, but through Azure Arc and the hybrid capabilities, we can monitor on-premises servers and endpoints. We can monitor VMware infrastructure, for instance, running as part of a hybrid environment."
"The automation rules and playbooks are the most useful that I've seen. A number of other places segregate the automation and playbook as separate tools, whereas Microsoft is a SIEM and SOAR tool in one."
"It is easier to deploy than are other SIEMs, which is great. You can also get an overview of your environment, which is very handy."
"It is nice to be able to monitor and to have notifications."
"We haven't had any stability issues."
"The most valuable feature is that this solution is more secure than others, and there are more applications and features as well."
"ManageEngine Log360 is not difficult to deploy."
"You can have all of the logs from servers to network and it gets sent out to the correct owners. This is very helpful."
"The most valuable features for us are the application logs monitoring and the dashboard, which provides a single-pane view of all the ongoing activities."
"It basically helps us. We have to stay in compliance with certain issues with some of our customers. We have to have these types of tools in place for protecting our network and our data. We're in the aerospace industry, so we have a lot of defense contracts. So, all those guys will make sure that we're protecting their information, and it does a good job in that aspect."
"This solution can identify many threats inside the organization (compromised endpoints, configuration issues), as well as "outside" threats (botnets, network scanners, web-attacks, etc)."
"We are able to get alerts perfectly with FIM and VA features."
"Vulnerability scanning helped out shortcomings of what was not patched in the past and what needed to be patched. This assisted with fine tuning the environment for compliance."
"The solution is stable."
"AlienVault provides a checklist answer when using SIEM."
"Asset discovery seems to be good."
"It has powerful threat detection, incident response, and compliance management."
"There are multiple tools for information security. The solution includes all the latest advances on the network and host intrusion detection systems."
"They can work on the EDR side of things... Every time we need to onboard these kinds of machines into the EDR, we need to do it with the help of Intune, to sync up the devices, and do the configuration. I'm looking for something on the EDR side that will reduce this kind of work."
"The playbook is a bit difficult and could be improved."
"I would like Sentinel to have more out-of-the-box analytics rules. There are already more than 400 rules, but they could add more industry-specific ones. For example, you could have sets of out-of-the-box rules for banking, financial sector, insurance, automotive, etc., so it's easier for people to use it out of the box. Structuring the rules according to industry might help us."
"While I appreciate the UI itself and the vast amount of information available on the platform, I'm finding the overall user experience to be frustrating due to frequent disconnections and the requirement to repeatedly re-authenticate."
"We'd like also a better ticketing system, which is older."
"They should integrate it with many other software-as-a-service providers and make connectors available so that you don't have to do any sort of log normalization."
"The troubleshooting has room for improvement."
"There are certain delays. For example, if an alert has been rated on Microsoft Defender for Endpoint, it might take up to an hour for that alert to reach Sentinel. This should ideally take no more than one or two seconds."
"The support needs improvement."
"It takes a little bit of time for Log360 to actually learn your environment."
"The solution needs to improve hub storage. It should integrate AI and ML capabilities."
"The solution lacks some features when compared to other products."
"It's difficult to find which conditions have been applied to a report because they are provided by default by ManageEngine. However, with other SIEMs if you want to create a report, they provide details, like which conditions are triggering certain reports. This needs to be there in ManageEngine. It would be good to know which parameter has been applied to the report that is updating the system."
"The graphical interface could be made easier to use when you are connecting to different network equipment."
"We can log in as a local user, and it's fine, but when we login with an Active Directory user, we cannot."
"It is not expensive compared to other solutions."
"As this software is in the cloud, you do not have control on updates and general changes which are happening."
"The UI and overall processes need a little bit more love. This shows in the error banners that come up when you select certain things. There isn't a day that goes by that the UI doesn't error out and I can't view events for an alarm."
"I've been using it just for my own personal upskilling in terms of how the product works. At the moment, it is pretty straightforward and simple, and it is working how it is supposed to. The feedback would come once it is deployed to customer sites. They'll be using it on a more frequent basis, and that's when the feedback would come in terms of the areas in which they're facing issues or are looking for simplicity."
"I think plugin management should be self-service on AlienVault USM. The other product is self-service but on the USM side. You have to submit a ticket then AT&T creates and updates the plugins."
"Support can be slow at times, but the quality is high. Posted knowledge base articles could use improvement."
"Their threat intelligence platform needs to be broadened. They should integrate it with more threat intelligence platforms. For the threat feed that they get from open intelligence, I would like them to add a few premium threat intelligence platforms. They can provide a bundle in which AlienVault has the threat intelligence background of other premium products."
"The only complex area of the setup was writing the custom scripts."
"The vulnerability scanning feature is one of the areas where the product has certain shortcomings and needs to improve. The tool has vulnerability scanning, but it is not that efficient."
ManageEngine Log360 is ranked 25th in Log Management with 15 reviews while USM Anywhere is ranked 15th in Log Management with 113 reviews. ManageEngine Log360 is rated 7.2, while USM Anywhere is rated 8.4. The top reviewer of ManageEngine Log360 writes "Facilitates incident backtracking and identifying the cause of incidents but insufficient intelligence-driven analysis to suppress unnecessary alerts". On the other hand, the top reviewer of USM Anywhere writes "Easy to use and affordable". ManageEngine Log360 is most compared with ManageEngine EventLog Analyzer, Wazuh, Splunk Enterprise Security, Fortinet FortiSIEM and LogRhythm SIEM, whereas USM Anywhere is most compared with Wazuh, AlienVault OSSIM, IBM Security QRadar, Splunk Enterprise Security and Rapid7 InsightIDR. See our ManageEngine Log360 vs. USM Anywhere report.
See our list of best Log Management vendors and best Security Information and Event Management (SIEM) vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
