We performed a comparison between Group-IB Threat Intelligence and USM Anywhere based on real PeerSpot user reviews.
Find out what your peers are saying about Recorded Future, Check Point Software Technologies, Microsoft and others in Threat Intelligence Platforms."The most valuable Group-IB Threat Intelligence features are their detections, especially in terms of account and card information leakage. This data sets Group-IB apart from some of the competition."
"We have found the site intelligence features to be the most valuable."
"The totality of the recordings is quite important. The networks, the new threat actors, the new methods, tactics, techniques, and procedures."
"The tool's most valuable feature is the sandbox."
"Threat Intelligence's best feature is threat activation."
"It provides a single pane of glass view, coupled with a whole security ecosystem. The ability to manage everything from a central point, including vulnerability assessments, asset management - including the services provided by the various hosts, NIDS, HIDS, etc. - provides a very efficient way of dealing with things."
"The most valuable feature in AT&T AlienVault USM is the reporting."
"Ease of deployment across various environments."
"The setup is very easy and straightforward."
"It has streamlined log aggregation and analysis to meet organizational and regulatory needs."
"It allows for a lot of out-of-the-box features: vuln scanning, HIDS/HIPS, and IDS."
"What I find the most valuable about USM Anywhere is its compliance. It shows a list of all the administrators logged on and does it quite well. There are no whistles and bells, it's reliable and simple to use."
"Its powerful correlation engine helps reduce time in manually correlating events."
"Group-IB Threat Intelligence should improve integration for SIEM and SOAR solutions."
"As the landscape evolves, they could provide a little more detail or specificity to map it to the MITRE ATT&CK framework."
"Threat Intelligence's OT security could be improved."
"The web intelligence could be improved. It is not as good as the intelligence from other solutions."
"The lack of appliance-based or on-premise options for this solution is its biggest downfall. Clients request them often."
"The reporting is mediocre and is something that needs to be improved."
"It was easy on PoC, but when we got to the product it was different story. We had to learn the product again and got feeling that the PoC was a different product."
"We've had some stability problems, not a lot, but a few. Updates seem to be the worst. That seems to be when the stability problems come up."
"The other thing is the agent is OSSEC. They needed to create its own agent to help to find threats on the devices that it happens to be installed."
"Maybe logs are the problem, as the database query is too slow. If you want to search something, you need time to find it."
"Its reporting tools need improvements. It would be good if they can provide integration with other ticketing systems. Currently, we only have integration with Slack and Jira. It is also a bit slow, and its replication engine can be improved."
"Support can be slow at times, but the quality is high. Posted knowledge base articles could use improvement."
"The only complex area of the setup was writing the custom scripts."
Group-IB Threat Intelligence is ranked 9th in Threat Intelligence Platforms with 5 reviews while USM Anywhere is ranked 11th in Security Information and Event Management (SIEM) with 113 reviews. Group-IB Threat Intelligence is rated 8.8, while USM Anywhere is rated 8.4. The top reviewer of Group-IB Threat Intelligence writes "Easy to setup, highly stable and scalable and efficiently tracks threat actors and analyze their tactics". On the other hand, the top reviewer of USM Anywhere writes "Easy to use and affordable". Group-IB Threat Intelligence is most compared with Recorded Future, Kaspersky Threat Intelligence Services, CrowdStrike Falcon, Mandiant Advantage and Anomali ThreatStream, whereas USM Anywhere is most compared with Wazuh, AlienVault OSSIM, IBM Security QRadar, Splunk Enterprise Security and Microsoft Sentinel.
We monitor all Threat Intelligence Platforms reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.