We performed a comparison between AT&T AlienVault USM and Wazuh based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: The main difference between the two products is that Wazuh users say the product is missing threat intelligence. In addition, Wazuh users do not mention an ROI. For these reasons, AT&T AlienVault USM is the winner in this comparison.
"The most valuable feature in AT&T AlienVault USM is the reporting."
"The dashboards are very descriptive and contain just the right amount of information. The activity alarms and events contain a plethora of data that is very descriptive and useful."
"The solution is stable."
"It has powerful threat detection, incident response, and compliance management."
"This solution can completely detect and prevent incidents on your network."
"It brought our logs into one place for review and set up alarms based on changes we were missing due to lack of having one place for everything to go."
"Having everything in a central place has been helpful."
"This solution can identify many threats inside the organization (compromised endpoints, configuration issues), as well as "outside" threats (botnets, network scanners, web-attacks, etc)."
"The MITRE ATT&CK correlation is most valuable."
"Wazuh's best features are syscheck, its ability to immediately resolve vulnerabilities, and that it's open source."
"It has efficient SCA capabilities."
"Integrates with various open-source and paid products, allowing for flexibility in customization based on use cases."
"The product is easy to customize."
"It's stable."
"Wazuh offers an enhanced HDR version that outperforms its competitors."
"Good for monitoring, active response, and for vulnerabilities."
"Plugins could be better utilized, as some of them do not recognize all logs."
"I want to see more compliance management capability. The quality of integrations seems to be a little bit low."
"The price of AT&T AlienVault USM could be reduced."
"Its reporting tools need improvements. It would be good if they can provide integration with other ticketing systems. Currently, we only have integration with Slack and Jira. It is also a bit slow, and its replication engine can be improved."
"I think plugin management should be self-service on AlienVault USM. The other product is self-service but on the USM side. You have to submit a ticket then AT&T creates and updates the plugins."
"The other thing is the agent is OSSEC. They needed to create its own agent to help to find threats on the devices that it happens to be installed."
"AlienVault must improve their correlation feature. Some of the events do not match with the correlation rules and some of the correlation events are false-positive."
"We would like more plugins. This being the main point of improvement which would benefit the users."
"The tool doesn't detect anomalies or new environments."
"Adding the flexibility to integrate various plug-ins or modules into its core system would enhance functionality."
"We would like to see more improvements on the cloud."
"Its configuration process is time-consuming."
"Wazuh is missing many things that a typical SIEM should have."
"The tool does not provide CTI to monitor darknet."
"Alerts should be specific rather than repeatedly triggered by integrating multiple factors. This issue needs improvement to create a more efficient alert system."
"It would be better if they had a vulnerability assessment plug-in like the one AlienVault has. In the next release, I would like to have an app with an alerting mechanism."
USM Anywhere is ranked 15th in Log Management with 113 reviews while Wazuh is ranked 2nd in Log Management with 38 reviews. USM Anywhere is rated 8.4, while Wazuh is rated 7.4. The top reviewer of USM Anywhere writes "Easy to use and affordable". On the other hand, the top reviewer of Wazuh writes "It integrates seamlessly with AWS cloud-native services". USM Anywhere is most compared with AlienVault OSSIM, IBM Security QRadar, Splunk Enterprise Security, Microsoft Sentinel and Rapid7 InsightIDR, whereas Wazuh is most compared with Elastic Security, Security Onion, Splunk Enterprise Security, AlienVault OSSIM and Graylog. See our USM Anywhere vs. Wazuh report.
See our list of best Log Management vendors and best Security Information and Event Management (SIEM) vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.