We performed a comparison between SolarWinds Security Event Manager and USM Anywhere based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The log analysis is excellent; it can predict what can or will happen regarding use patterns and vulnerabilities."
"It has basic out-of-the-box integrations with multiple log sources."
"One of the most valuable features of Microsoft Sentinel is that it's cloud-based."
"I like the unified security console. You can close incidents using Sentinel in all other Microsoft Security portals, when it comes to incident response."
"Sentinel is a SIEM and SOAR tool, so its automation is the best feature; we can reduce human interaction, freeing up our human resources."
"We are able to deploy within half an hour and we only require one person to complete the implementation."
"Sentinel uses Azure Logic Apps for automation, which is really powerful. This allows us to easily automate responses to incidents."
"The Identity Behavior tab furnishes us with the entire history linked to each IP or domain that has either accessed or attempted to access our system."
"The out of the box reports and dashboard. It was easy to trim down these windows to something we could quickly use."
"Some of the rules are most valuable because you can be notified about various things, such as spyware or things that are going on in the internal network."
"SolarWinds Security Event Manager has been generally working well."
"SolarWinds' stability is fine. I don't think we've had any software issues."
"SolarWinds is easy to configure, and it provides timely alerts."
"The most valuable feature of this solution is the visibility into both attempted and failed logins."
"The solution helps you monitor database instances, application instances, other customer application things, Linux servers, IBM servers, and Oracle servers."
"It performs network behavior monitoring, log monitoring, and disaster recovery monitoring."
"It brought our logs into one place for review and set up alarms based on changes we were missing due to lack of having one place for everything to go."
"The most valuable feature is threat intelligence."
"The vulnerability manager and the file integration are very good."
"It allows for a lot of out-of-the-box features: vuln scanning, HIDS/HIPS, and IDS."
"Its powerful correlation engine helps reduce time in manually correlating events."
"This is a USM, so being able to get all the features under one roof makes it a good product with good new features."
"This solution can identify many threats inside the organization (compromised endpoints, configuration issues), as well as "outside" threats (botnets, network scanners, web-attacks, etc)."
"Reports are customized, so you can present them to executives or engineers."
"It would be good to have some connectors for third-party SIEM solutions. Many customers are struggling with the integration of Azure Sentinel with their on-premise SIEM. Microsoft is changing the log structure many times a year, which can corrupt a custom integration. It would be good to have some connectors developed by Microsoft or supply vendors, but they are not providing such functionality or tools."
"There is room for improvement in entity behavior and the integration site."
"Microsoft should improve Sentinel, considering that from the legacy systems, it cannot collect logs."
"Some of the data connectors are outdated, at least the ones that utilize Linux machines for log forwarding. I believe that Microsoft is already working on improving this."
"The solution could improve the playbooks."
"If I can use Sentinel offline at home and use it on a local network, it would be great. I'm not sure if I can use Sentinel offline versus the tools I have."
"They should integrate it with many other software-as-a-service providers and make connectors available so that you don't have to do any sort of log normalization."
"There is some relatively advanced knowledge that you have to have to properly leverage Sentinel's full capabilities. I'm thinking about things like the creation of workbooks, how you do threat-hunting, and the kinds of notifications you're getting... It takes time for people to ramp up on that and develop a familiarity or expertise with it."
"We used the support from SolarWinds Security Event Manager and they are knowledgeable but challenging to get in contact with them."
"It won't tell you when your backups are failing, but it will give you hints when your database is running on full recovery."
"The company had to use a third party for the implementation of the solution."
"It is a very technical program. They can simplify it so that it isn't so hard to deal with."
"We'd like more customization capabilities."
"There is no correlation made between log entries, so no threat information is presented."
"The product should improve the ease with which you can create event alerts. They are not as hard now but you need to have an easier way."
"I would like to have a more customizable dashboard."
"The reporting module could be a little easier to handle, as it requires quite some trial and error until you get the reports you want. Also, it would be great to have a graphical interface for the Network Intrusion Detection System's rule management."
"I feel that some areas of improvement would be vulnerability scanning. We use a separate product that seems to do a much better job."
"This solution could be easier to use."
"There could be some type of integration with our existing portal. We have our own customer portals, and it would be good if there was an integration so that our portal can provide reports. There could be some type of API into the AlienVault system with the USM system so that it is easy to show the customers high-level reports of the system through our portal."
"It was easy on PoC, but when we got to the product it was different story. We had to learn the product again and got feeling that the PoC was a different product."
"It would be nice to see some machine learning and monitoring of the configuration in network devices."
"The solution is a bit complicated. It could be simplified quite a bit."
"The only complex area of the setup was writing the custom scripts."
More SolarWinds Security Event Manager Pricing and Cost Advice →
SolarWinds Security Event Manager is ranked 20th in Security Information and Event Management (SIEM) with 24 reviews while USM Anywhere is ranked 11th in Security Information and Event Management (SIEM) with 113 reviews. SolarWinds Security Event Manager is rated 7.8, while USM Anywhere is rated 8.4. The top reviewer of SolarWinds Security Event Manager writes "A comprehensive network security with robust technical capabilities, effective threat response, and centralized management". On the other hand, the top reviewer of USM Anywhere writes "Easy to use and affordable". SolarWinds Security Event Manager is most compared with ManageEngine Log360, Splunk Enterprise Security, Wazuh, IBM Security QRadar and Microsoft Defender XDR, whereas USM Anywhere is most compared with Wazuh, AlienVault OSSIM, IBM Security QRadar, Splunk Enterprise Security and Rapid7 InsightIDR. See our SolarWinds Security Event Manager vs. USM Anywhere report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.