AlienVault OSSIM vs BeyondTrust Network Security Scanner, powered by Retina (Legacy)

Likelihood to Recommend

If this is your first experience with a SIEM, this one can get you started. Take the time to learn the ins and outs of the product and you'll most likely be satisfied with it if your company is an SMB. If you need compliance reports, OSSIM is too small for you, you'll need to go with USM or USM Anywhere.

Read full review

Ivan Montilla Miralles

Technical Services

GB Advisors, Inc.Computer & Network Security, 11-50 employees

View all 7 answers on this topic

Retina Network Security Scanner is well suited for any environment and infrastructure that would like to expose security deficiencies across their network as well as visualize vulnerabilities as they pertain to assets in their environment. I cannot think of any scenario that would not be appropriate for this product. Since the product carries over to pretty much all assets in your environment, I don't know off the top of y head what it wouldn't be appropriate for.

Read full review

Joe Spradlin

Director Of Information Technology

Fort Walton Machining, Inc.Aviation & Aerospace, 51-200 employees

View all 2 answers on this topic

Feature Rating Comparison

AlienVault OSSIM

BeyondTrust Network Security Scanner, powered by Retina (Legacy)

Centralized event and log data collection

Correlation

Event and log normalization

Deployment flexibility

Integration with Identity and Access Management Tools

Custom dashboards and views

Host and network-based intrusion detection

Pros

Asset discovery. Once installed in a centric, network-accessible server, OSSIM can poll all your endpoints with common protocols (SSH, SNMP, WMI) to detect and discover site-wide assets to monitor. You only need to group them by your own criteria once added to the product.
SIEM Event Correlation. You can define quite complex correlation rules to detect possible suspicious or malicious actions or attempts in your network, in order to categorize them as real threats or as false positives, thus streamlining your risk assessment and management.
Ease of installation. The entire AlienVault OSSIM is self-contained in an ISO file, which can be burned into a DVD or just mounted in your server of choice (physical or virtual) for deployment. The installation process is automated and quote verbosed, with options for static IP, email messaging and others.
Ease of access. Being AlienVault OSSIM a self-contained appliance, it can be accessed via web by any device that supports a web browser, being that desktops, workstation, mobile devices, etc. The OSSIM dashboard and other features are automatically rearranged to adapt to the particular device being in use.

Read full review

Jose Quintero

Support Services Manager

GB Advisors, Inc.Computer Software, 51-200 employees

View all 7 answers on this topic

Scanning, network discovery.
Does a good job at scanning without taking up network resources.
Does not consume a lot of bandwidth.

Read full review

Peter Paccione

Application Penetration Tester

Secure Consulting Solutions LLCComputer & Network Security, 1-10 employees

View all 2 answers on this topic

Cons

The reports are clunky and a bit tedious to parse through.
Sometimes there's so much noise it's hard to tell what a true positive is. There are lots of false ones that trigger alerts but are normal behavior in many environments.

Read full review

John Keenan

Director of Information Security

Memorial Hospital of GulfportMedical Practice, 5001-10,000 employees

View all 7 answers on this topic

I do not have any obvious cons to report at this time.

Read full review

Joe Spradlin

Director Of Information Technology

Fort Walton Machining, Inc.Aviation & Aerospace, 51-200 employees

View all 2 answers on this topic

Usability

AlienVault OSSIM 8.0

Based on 1 answer

AlienVault OSSIM is far easy to use and manage - provided you know what you're doing. As any SIEM application, there is some background knowledge required in order to take advantage of the product's functionalities, such as the log correlation and analysis. Other than that, the application is quite usable and robust.

Read full review

Jose Quintero

Support Services Manager

GB Advisors, Inc.Computer Software, 51-200 employees

View all 1 answers on this topic

No score

No answers yet

No answers on this topic

Support Rating

AlienVault OSSIM 7.9

Based on 4 answers

AlienVault OSSIM support has been very good. I have not had an issue that they were not able to quickly identify and provide a fix for. They are very quick to respond to open cases and are very knowledgeable in the product, which makes troubleshooting issues fast and solutions are provided quickly.

Read full review

Laurie Keith

Help Desk Manager

Black Hills Federal Credit UnionBanking, 201-500 employees

View all 4 answers on this topic

No score

No answers yet

No answers on this topic

Alternatives Considered

Best bang for the buck. Darktrace did not perform even close to AlienVault. I ran them concurrently. AlienVault consistently found issues that Darktrace didn't pick up, and the Darktrace incidents were false positives. At one point, Darktrace stated I had 2,000 servers and I have 112.FortiSIEM is an awesome package but it's more then I need (or can afford). I would need to add staff, for at least the first year or so, just to get it setup and configured correctly.

Read full review

Matthew Frederickson

Director of Information Technology

Council Rock School DistrictEducation Management, 1001-5000 employees

View all 7 answers on this topic

I've evaluated Nessus and multiple other products. I'd say Retina is right there with Nessus. At a certain point, it's not about if the product "finds" more vulnerabilities, it's about how easy it is for the end user. All scanners right now find about the same amount of vulnerabilities, but some are harder for users to use. Retina has a pretty well-designed user interface.

Read full review

Peter Paccione

Application Penetration Tester

Secure Consulting Solutions LLCComputer & Network Security, 1-10 employees

View all 2 answers on this topic

Return on Investment

The only investment here is setting it up and I think seeing it's performance it's a fantastic tool and has a great positive ROI!

Read full review

Verified User

Engineer in Information Technology

Non-Profit Organization Management Company, 501-1000 employees

View all 7 answers on this topic

The product is extremely easy to deploy, extremely positive.
If you take full advantage of this product as I did, you will maximize your ROI quickly as we did.
We were able to visualize our vulnerabilities efficiently and effectively and maintain scheduled scans that allowed us to maintain a continuous improvement atmosphere while securing our investments.
The ability provide reporting allows our IT department to prioritize issues and remediate as required without chasing down low risk issues over high risk issues that need immediate attention.

Read full review

Joe Spradlin

Director Of Information Technology

Fort Walton Machining, Inc.Aviation & Aerospace, 51-200 employees

View all 2 answers on this topic

Pricing Details

General

Free Trial

—

Free/Freemium Version

—

Premium Consulting/Integration Services

—

Entry-level set up fee?

No

General

Free Trial

—

Free/Freemium Version

—

Premium Consulting/Integration Services

—

Entry-level set up fee?

No

Rating Summary

AlienVault OSSIM

BeyondTrust Network Security Scanner, powered by Retina (Legacy)

AlienVault OSSIM

BeyondTrust Network Security Scanner, powered by Retina (Legacy)

AlienVault OSSIM

BeyondTrust Network Security Scanner, powered by Retina (Legacy)

AlienVault OSSIM vs BeyondTrust Network Security Scanner, powered by Retina (Legacy)