What users are saying about
14 Ratings
Score 8.2 out of 10
8 Ratings
Score 8.4 out of 10

Likelihood to Recommend

AlienVault OSSIM

The most obvious scenario in which OSSIM is well suited is in a single office/home office (SOHO) or small business, in which budget is reduced but asset discovery and vulnerability management are greatly needed and appreciated. OSSIM is lightweight and free, so the real challenge to face is to hire or assign an administrator to manage and operate it, instead of any investment in an expensive appliance. Also, as resellers, promoting usage of OSSIM to customers charging for professional services for installation, administration, and maintenance (remember that OSSIM doesn't have official support from AlienVault) is a great asset for the organization.
Jose Quintero

Qualys Private Cloud Platform

I believe that Qualys Private Cloud Platform is highly scalable and could be appropriate for a small business to a global enterprise. The key question: how safe do you want to be?

Feature Rating Comparison

Feature | AlienVault OSSIM | Qualys Private Cloud Platform
Security Information and Event Management (SIEM) | 8.2 | (none shown)
Centralized event and log data collection | 8.4 | (none shown)
Correlation | 8.0 | (none shown)
Event and log normalization | 8.0 | (none shown)
Deployment flexibility | 8.7 | (none shown)
Integration with Identity and Access Management Tools | 7.5 | (none shown)
Custom dashboards and views | 8.0 | (none shown)
Host and network-based intrusion detection | 8.6 | (none shown)

Pros

  • Asset discovery. Once installed in a centric, network-accessible server, OSSIM can poll all your endpoints with common protocols (SSH, SNMP, WMI) to detect and discover site-wide assets to monitor. You only need to group them by your own criteria once added to the product.
  • SIEM Event Correlation. You can define quite complex correlation rules to detect possible suspicious or malicious actions or attempts in your network, in order to categorize them as real threats or as false positives, thus streamlining your risk assessment and management.
  • Ease of installation. The entire AlienVault OSSIM is self-contained in an ISO file, which can be burned onto a DVD or just mounted in your server of choice (physical or virtual) for deployment. The installation process is automated and quite verbose, with options for static IP, email messaging and others.
  • Ease of access. AlienVault OSSIM being a self-contained appliance, it can be accessed via web by any device that supports a web browser, be that desktops, workstations, mobile devices, etc. The OSSIM dashboard and other features are automatically rearranged to adapt to the particular device in use.
Jose Quintero
  • The first benefit is actually in the vendor. Qualys provides free instructor-led training.
  • Ease of use in a diverse environment.
  • The Qualys Private Cloud Platform has a complete suite of reporting capabilities so you can use your data quickly.

Cons

  • The correlation directives that come out of the box are very few. I understand more correlation directives are a premium product, but one can hardly see the value of having very few. It makes new customers think they will not get better directives when they switch to the full USM or USM Anywhere.
  • Same with reports: the few reports that come out of the box can be retrieved using other tools that are better prepared for the task. I understand that compliance reports aren't free, but at least I'd expect more security reports.
  • The OTX tab in dashboards sometimes takes too long to load, even if you have a fast internet connection and plenty of resources in the VM.
Ivan Montilla Miralles
  • The way that devices are catalogued can be tough in a DHCP environment.

Usability

AlienVault OSSIM 8.0
Based on 1 answer
AlienVault OSSIM is far easy to use and manage - provided you know what you're doing. As with any SIEM application, there is some background knowledge required in order to take advantage of the product's functionalities, such as the log correlation and analysis. Other than that, the application is quite usable and robust.
Jose Quintero
No score
No answers yet
No answers on this topic

Alternatives Considered

AlienVault OSSIM as the first experience with a SIEM is very fine, especially if your company is an SMB. Every SIEM shares some features in common with other products, features such as log retrieval and normalization. So if you stick with principles, you can learn other SIEM products as well. If your environment is not of a minimum size, LogRhythm might be overkill for your network, same with McAfee Enterprise Security Manager.
Ivan Montilla Miralles
While all of the alternative solutions mentioned here are great products, the features and usability that Qualys Private Cloud brought to the table worked out to be the best fit for my organization.

Return on Investment

  • Since it's free, ROI has been positive in terms of money. In time cost and engineer time, it has been also very cheap to implement since it's very easy to get it running.
  • As a learning tool, for ACSE certification, it has also been very useful, since it shares a lot with the USM appliance installation.
  • As a test environment, again, it shares a lot with the USM appliance installation, so if you have a USM also and you don't want to test things over your production environment, testing with OSSIM first has been a good way to mitigate possible bad effects.
Ivan Montilla Miralles
  • Much faster response time for vulnerability management.
  • Overall better security posture.

Pricing Details

AlienVault OSSIM

General
Free Trial
Free/Freemium Version
Premium Consulting/Integration Services
Entry-level set up fee?
No
Additional Pricing Details

Qualys Private Cloud Platform

General
Free Trial
Free/Freemium Version
Premium Consulting/Integration Services
Entry-level set up fee?
No
Additional Pricing Details