We performed a comparison between ManageEngine Log360 and USM Anywhere based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Mainly, this is a cloud-native product. So, there are zero concerns about managing the whole infrastructure on-premises."
"It is able to connect to an ever-growing number of platforms and systems within the Microsoft ecosystem, such as Azure Active Directory and Microsoft 365 or Office 365, as well as to external services and systems that can be brought in and managed. We can manage on-premises infrastructure. We can manage not just the things that are running in Azure in the public cloud, but through Azure Arc and the hybrid capabilities, we can monitor on-premises servers and endpoints. We can monitor VMware infrastructure, for instance, running as part of a hybrid environment."
"One of the most valuable features is that it creates a kind of a single pane of glass for organizations that already use Microsoft software. So, when they have things like Microsoft 365, it is very easy for them to kind of plug in or enroll those endpoints into the Azure Sentinel service."
"The standout feature of Sentinel is that, because it's cloud-based and because it's from Microsoft, it integrates really well with all the other Microsoft products. It's really simple to set up and get going."
"The most valuable features are its threat handling and detection. It's a powerful tool because it's based on machine learning and on the behavior of malware."
"Investigations are something really remarkable. We can drill down right to the raw logs by running different queries and getting those on the console itself."
"The solution offers a lot of data on events. It helps us create specific detection strategies."
"The analytics has a lot of advantages because there are 300 default use cases for rules and we can modify them per our environment. We can create other rules as well. Analytics is a useful feature."
"The product is very user-friendly."
"The reports that you can run are really nice."
"The Sharecon feature is the most valuable."
"We haven't had any stability issues."
"The solution could be improved by including XDR, remediation and Sandbox."
"The reporting is great. Everything you need is in the report for you already."
"The deployment is quite simple and pretty straightforward."
"The most valuable feature is that this solution is more secure than others, and there are more applications and features as well."
"The feature that I liked the most is that they have a vulnerability assessment package that comes along with the SIEM solution. So, whenever I find any threat or alert for any of the devices or servers, I could immediately initiate a vulnerability assessment scan on that machine. That is one of a kind. The price at which AlienVault operates is also valuable."
"We had used previous products and found AlienVault centralized the logging for our security."
"The AlienVault solution has enabled us to create a SOC on a budget with smaller than usual staff requirements, offering a wider range of solutions for our customers."
"On any given day I could give you a different answer regarding the most valuable features of the product. The feature that is most important is the fact that it has a lot of features, that it's not just a log collection and correlation system, that it has a lot of other components built in. The bundle of features is really the killer feature."
"The best thing about AlienVault USM is it being a “Jack-of-All Trades” solution. It provides SIEM, HIDS/NIDS, FIM, NetFlow, Asset Management, Vulnerability Management, etc., under one USM platform. None of the commercial SIEM vendors like ArcSight, McAfee, etc., can boast of such a diverse feature set."
"AlientVault has helped us in improving our visualization and incident response during cybersecurity situations."
"The ease of implementation is the most valuable feature."
"It has streamlined log aggregation and analysis to meet organizational and regulatory needs."
"I can't think of anything other than just getting the name out there. I think a lot of customers don't fully understand the full capabilities of Azure Sentinel yet. It is kind of like when they're first starting to use Azure, it might not be something they first think about. So, they should just kind of get to the point where it is more widely used."
"Its implementation could be simpler. It is not really simple or straightforward. It is in the middle. Sometimes, connectors are a little bit complex."
"Microsoft should improve Sentinel, considering that from the legacy systems, it cannot collect logs."
"If their UI was a bit more streamlined and easy to find when I need it, then that would be a great improvement."
"The learning curve could be improved. I am still learning it. We were able to implement the basic features to get them up and running, but there are still so many things that I don't know about all its features. They have a lot of features that we have not been able to use or apply. If they could work on reducing the solution's learning curve, that would be good. While there is a training course held by Microsoft to learn more about this solution, there is a cost associated with it."
"The solution could be more user-friendly; some query languages are required to operate it."
"The performance could be improved. If I create 15 to 20 lines for a single-use case in KQL, sometimes it takes more time to execute. If I create use cases within a certain timeline, the result will show in .01 seconds. A complex query takes more time to get results."
"Microsoft Defender has a built-in threat expert option that enables you to contact an expert. That feature isn't available in Sentinel because it's a huge product that integrates all the technologies. I would like Microsoft to add the threat expert option so we can contact them. There are a few other features, like threat assessment that the PG team is working on. I expect them to release this feature in the next quarter."
"Their technical support should be improved."
"Most times log sheets are not assigned well."
"It is not expensive compared to other solutions."
"It takes a little bit of time for Log360 to actually learn your environment."
"On the logging system, there's a local on-client side that is encrypted, and there's one that is not encrypted. It is only for diagnostical purposes. However, both being encrypted would be very valuable for some audits."
"It's difficult to find which conditions have been applied to a report because they are provided by default by ManageEngine. However, with other SIEMs if you want to create a report, they provide details, like which conditions are triggering certain reports. This needs to be there in ManageEngine. It would be good to know which parameter has been applied to the report that is updating the system."
"The matter of the data retention needs to be addressed."
"The solution lacks some features when compared to other products."
"This solution could be easier to use."
"Adding a parsing interface for the customers would make AT&T AlienVault USM better."
"There could be some type of integration with our existing portal. We have our own customer portals, and it would be good if there was an integration so that our portal can provide reports. There could be some type of API into the AlienVault system with the USM system so that it is easy to show the customers high-level reports of the system through our portal."
"For creating new rules, you have to be familiar with regular expressions. I feel there could be something built-in to make sure that process is easier."
"AlienVault needs to continue to integrate with other third-party technologies that clients want to have monitored."
"The vulnerability reporting needs to have options to be able to sort or customize the output."
"We would like more plugins. This being the main point of improvement which would benefit the users."
"The only room for improvement I can mention is the initial installation procedures. I found that the online installation instructions for the product were missing important details, they lacked necessary steps."
ManageEngine Log360 is ranked 25th in Log Management with 15 reviews while USM Anywhere is ranked 15th in Log Management with 113 reviews. ManageEngine Log360 is rated 7.2, while USM Anywhere is rated 8.4. The top reviewer of ManageEngine Log360 writes "Facilitates incident backtracking and identifying the cause of incidents but insufficient intelligence-driven analysis to suppress unnecessary alerts". On the other hand, the top reviewer of USM Anywhere writes "Easy to use and affordable". ManageEngine Log360 is most compared with ManageEngine EventLog Analyzer, Wazuh, Splunk Enterprise Security, Fortinet FortiSIEM and LogRhythm SIEM, whereas USM Anywhere is most compared with Wazuh, AlienVault OSSIM, IBM Security QRadar, Splunk Enterprise Security and Rapid7 InsightIDR. See our ManageEngine Log360 vs. USM Anywhere report.
See our list of best Log Management vendors and best Security Information and Event Management (SIEM) vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
