AlienVault OSSIM vs BeyondTrust Network Security Scanner, powered by Retina (Legacy)

• Asset discovery. Once installed in a centric, network-accessible server, OSSIM can poll all your endpoints with common protocols (SSH, SNMP, WMI) to detect and discover site-wide assets to monitor. You only need to group them by your own criteria once added to the product.
• SIEM Event Correlation. You can define quite complex correlation rules to detect possible suspicious or malicious actions or attempts in your network, in order to categorize them as real threats or as false positives, thus streamlining your risk assessment and management.
• Ease of installation. The entire AlienVault OSSIM is self-contained in an ISO file, which can be burned into a DVD or just mounted in your server of choice (physical or virtual) for deployment. The installation process is automated and quote verbosed, with options for static IP, email messaging and others.
• Ease of access. Being AlienVault OSSIM a self-contained appliance, it can be accessed via web by any device that supports a web browser, being that desktops, workstation, mobile devices, etc. The OSSIM dashboard and other features are automatically rearranged to adapt to the particular device being in use.

Read full review

• Scanning, network discovery.
• Does a good job at scanning without taking up network resources.
• Does not consume a lot of bandwidth.

Read full review

• The reports are clunky and a bit tedious to parse through.
• Sometimes there's so much noise it's hard to tell what a true positive is. There are lots of false ones that trigger alerts but are normal behavior in many environments.

Read full review

• I do not have any obvious cons to report at this time.

Read full review

• It's difficult to put a monetary value on security, but with proper monitoring and alerting, incidents will be easier to avoid.
• Helps with your compliancy, as it automatically alerts you for critical events.
• Collects logs in the cloud, so protected from local issues, like SAN failures.

Read full review

• The product is extremely easy to deploy, extremely positive.
• If you take full advantage of this product as I did, you will maximize your ROI quickly as we did.
• We were able to visualize our vulnerabilities efficiently and effectively and maintain scheduled scans that allowed us to maintain a continuous improvement atmosphere while securing our investments.
• The ability provide reporting allows our IT department to prioritize issues and remediate as required without chasing down low risk issues over high risk issues that need immediate attention.

Read full review