AlienVault OSSIM vs Rencore

What users are saying about

Score 8.3 out of 10

Based on 15 reviews and ratings

Score 9.1 out of 10

Based on 15 reviews and ratings

Add comparison

Feature Rating Comparison

AlienVault OSSIM

8.2

Rencore

—

Centralized event and log data collection

8.4

—

Correlation

8.0

—

Event and log normalization

8.0

—

Deployment flexibility

8.7

—

Integration with Identity and Access Management Tools

7.5

—

Custom dashboards and views

8.0

—

Host and network-based intrusion detection

8.6

—

Pros

Being a part of the Open Source community, open source tools are always a big plus for me.
Being a simple straightforward tool, it does a great job especially with the asset management piece built into it.
Straightforward
Open Threat Exchange(OTX) gives a straightforward live threat intel feed to work off.

Read full review

Verified User

Engineer in Information Technology

Non-Profit Organization Management Company, 501-1000 employees

View all 4 answers on this topic

Rencore is a company formed of people that have lived the Microsoft community, they have a deep understanding of the needs of businesses that aren't met by the standard Microsoft tools.
Rencore staff are heavily involved in the Microsoft ecosystem, with many of them spending personal time working on projects such as the Patterns and Practices foundation. This adds to their strength and knowledge of the Microsoft platform.
Their products are well known in the community and often used by Microsoft staff themselves. Their support of MVPs ensures that they receive feed back at all levels ensuring a stronger platform of products.

Read full review

Paul Hunt

Business Productivity Practice Lead

Trustmarque (Part of Capita plc)Information Technology and Services, 10,001+ employees

View all 9 answers on this topic

Cons

The correlation directives that come out of the box are very few. I understand more correlation directives are a premium product, but one can hardly see the value of having very few. It makes new customers think they will not get better directives when they switch to the full USM or USM Anywhere.
Same with reports, the few reports it comes out of the box can be retrieved using other tools that are better prepared for the task. I understand that compliance reports aren't free, but at least I'd expect more security reports.
The OTX tab in dashboards sometimes takes too long to load, even if you have a fast internet and plenty of resources in the VM.

Read full review

Ivan Montilla Miralles

Technical Services

GB Advisors, Inc.Computer & Network Security, 11-50 employees

View all 4 answers on this topic

I'd like to see a cheaper subset of tools for the 'citizen developer' to try and enforce good practice at all levels.

Read full review

Paul Hunt

Business Productivity Practice Lead

Trustmarque (Part of Capita plc)Information Technology and Services, 10,001+ employees

View all 9 answers on this topic

Usability

AlienVault OSSIM8.0

Based on 1 answer

AlienVault OSSIM is far easy to use and manage - provided you know what you're doing. As any SIEM application, there is some background knowledge required in order to take advantage of the product's functionalities, such as the log correlation and analysis. Other than that, the application is quite usable and robust.

Read full review

Jose Quintero

Support Services Manager

GB Advisors, Inc.Computer Software, 51-200 employees

View all 1 answers on this topic

No score

No answers yet

No answers on this topic

Ask the community to sound off

Alternatives Considered

AlienVault OSSIM as the first experience with a SIEM is very fine, especially if your company is an SMB. Every SIEM shares some features in common with other products, features such as log retrieval and normalization. So if you stick with principles, you can learn other SIEM products as well. If your environment is not of a minimum size, LogRhythm might be overkill for your network, same with McAfee Enterprise Security Manager.

Read full review

Ivan Montilla Miralles

Technical Services

GB Advisors, Inc.Computer & Network Security, 11-50 employees

View all 4 answers on this topic

I'm not aware of products that do the same as the Rencore offering. I think they'd be hard to beat.

Read full review

Paul Hunt

Business Productivity Practice Lead

Trustmarque (Part of Capita plc)Information Technology and Services, 10,001+ employees

View all 9 answers on this topic

Return on Investment

Since it's free, ROI has been positive in terms of money. In time cost and engineer time, it has been also very cheap to implement since it's very easy to get it running.
As a learning tool, for ACSE certification, it has also been very useful, since it shares a lot with the USM appliance installation.
As a test environment, again, it shares a lot with the USM appliance installation, so if you have a USM also and you don't want to test things over your production environment, testing with OSSIM first has been a good way to mitigate possible bad effects.

Read full review

Ivan Montilla Miralles

Technical Services

GB Advisors, Inc.Computer & Network Security, 11-50 employees

View all 4 answers on this topic