What users are saying about
22 Ratings
15 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>trScore algorithm: Learn more.</a>
Score 8.3 out of 101
22 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>trScore algorithm: Learn more.</a>
Score 7.3 out of 101

Add comparison

Likelihood to Recommend

AlienVault OSSIM

If this is your first experience with a SIEM, this one can get you started. Take the time to learn the ins and outs of the product and you'll most likely be satisfied with it if your company is an SMB. If you need compliance reports, OSSIM is too small for you, you'll need to go with USM or USM Anywhere.
Ivan Montilla Miralles profile photo

Rapid7 Nexpose

All in all, it's a great vulnerability management platform and would work for most companies looking for a straightforward solution. We rely heavily on integration and automation and it has room for improvement there. We would like it to connect to applications out of the box or vendor supported rather than creating those connectors in-house.
No photo available

Feature Rating Comparison

Security Information and Event Management (SIEM)

AlienVault OSSIM
8.2
Rapid7 Nexpose
Centralized event and log data collection
AlienVault OSSIM
8.4
Rapid7 Nexpose
Correlation
AlienVault OSSIM
8.0
Rapid7 Nexpose
Event and log normalization
AlienVault OSSIM
8.0
Rapid7 Nexpose
Deployment flexibility
AlienVault OSSIM
8.7
Rapid7 Nexpose
Integration with Identity and Access Management Tools
AlienVault OSSIM
7.5
Rapid7 Nexpose
Custom dashboards and views
AlienVault OSSIM
8.0
Rapid7 Nexpose
Host and network-based intrusion detection
AlienVault OSSIM
8.6
Rapid7 Nexpose

Pros

  • Most of the configuration comes out-of-the-box suited for most environments. Setting it up is really easy, with the wizard, you can have it working in less than 3 hours of deployment, without counting asset installation.
  • Out-of-the-box dashboards are really useful. You can modify or add new widgets to suit your needs, but you'll most likely agree with what already comes configured.
  • The tickets feature for handling alarms is really easy to use.
Ivan Montilla Miralles profile photo
  • Timely content by virtue of being tied to metasploit
  • Easy to use interface
  • Depth across the security life cycle
No photo available

Cons

  • It's a free product! Yes, it doesn't have all the capabilities of the USM anywhere, but it does a great job. Can't really complain.
No photo available
  • Management side of things is a bit less functional than [Nexus]
  • Perhaps more robust reporting for higher level reporting
  • The alerting/messaging system could use additional flexibility
No photo available

Usability

AlienVault OSSIM8.0
Based on 1 answer
AlienVault OSSIM is far easy to use and manage - provided you know what you're doing. As any SIEM application, there is some background knowledge required in order to take advantage of the product's functionalities, such as the log correlation and analysis. Other than that, the application is quite usable and robust.
Jose Quintero profile photo
No score
No answers yet
No answers on this topic

Alternatives Considered

AlienVault OSSIM has the upper ante in initial deployment price, being that it's open source. Also, with perhaps the exception of SolarWinds, it has a lower optimal requirements for onsite deployment, hence your OPEX won't be hit very hard by investing in new hardware to suit the appliance. The correlation engine is somewhat more robust that their counterparts in LogRhythm and SolarWinds, and the IDS (both NIDS and HIDS) are more reliable as well in terms of results. Finally, although Tenable SecurityCenter is more robust in dashboards, alerts and reports, it comes short in front of OSSIM in terms of real-time IDS and SIEM correlation.
Jose Quintero profile photo
Tenable has a more refined look for the reporting that it provides as a result of scanning events, but Nexpose seems to have a better ability to help quantify risk and help prioritize the work needed to get the quickest security result for the team and the company. The Nessus Passive Vulnerability Scanner is a highly desireable tool but can be supplanted with some thought and coding.
No photo available

Return on Investment

  • The only investment here is setting it up and I think seeing it's performance it's a fantastic tool and has a great positive ROI!
No photo available
  • Can reduce time to patch most critical vulnerabilities
  • Can help to identify who is spending time patching things of lower risk thus keeping the organization in a more vulnerable position
  • Easily provides the patch team with a work plan to enhance security more quickly
No photo available

Pricing Details

AlienVault OSSIM

General
Free Trial
Free/Freemium Version
Premium Consulting/Integration Services
Entry-level set up fee?
No
Additional Pricing Details

Rapid7 Nexpose

General
Free Trial
Free/Freemium Version
Premium Consulting/Integration Services
Entry-level set up fee?
No
Additional Pricing Details