AlienVault OSSIM vs Rencore

What users are saying about

AlienVault OSSIM

Score 8.2 out of 10

Based on 14 reviews and ratings

Rencore

Score 9.1 out of 10

Based on 12 reviews and ratings

Add comparison

Feature Rating Comparison

AlienVault OSSIM

8.2

Rencore

—

Centralized event and log data collection

8.3

—

Correlation

8.0

—

Event and log normalization

8.0

—

Deployment flexibility

8.7

—

Integration with Identity and Access Management Tools

7.5

—

Custom dashboards and views

8.0

—

Host and network-based intrusion detection

8.7

—

Pros

Being a part of the Open Source community, open source tools are always a big plus for me.
Being a simple straightforward tool, it does a great job especially with the asset management piece built into it.
Straightforward
Open Threat Exchange(OTX) gives a straightforward live threat intel feed to work off.

Read full review

Verified User

Engineer in Information Technology

Non-Profit Organization Management Company, 501-1000 employees

View all 4 answers on this topic

Rencore is a company formed of people that have lived the Microsoft community, they have a deep understanding of the needs of businesses that aren't met by the standard Microsoft tools.
Rencore staff are heavily involved in the Microsoft ecosystem, with many of them spending personal time working on projects such as the Patterns and Practices foundation. This adds to their strength and knowledge of the Microsoft platform.
Their products are well known in the community and often used by Microsoft staff themselves. Their support of MVPs ensures that they receive feed back at all levels ensuring a stronger platform of products.

Read full review

Paul Hunt

Business Productivity Practice Lead

Trustmarque (Part of Capita plc)Information Technology and Services, 10,001+ employees

View all 8 answers on this topic

Cons

The correlation directives that come out of the box are very few. I understand more correlation directives are a premium product, but one can hardly see the value of having very few. It makes new customers think they will not get better directives when they switch to the full USM or USM Anywhere.
Same with reports, the few reports it comes out of the box can be retrieved using other tools that are better prepared for the task. I understand that compliance reports aren't free, but at least I'd expect more security reports.
The OTX tab in dashboards sometimes takes too long to load, even if you have a fast internet and plenty of resources in the VM.

Read full review

Ivan Montilla Miralles

Technical Services

GB Advisors, Inc.Computer & Network Security, 11-50 employees

View all 4 answers on this topic

I'd like to see a cheaper subset of tools for the 'citizen developer' to try and enforce good practice at all levels.

Read full review

Paul Hunt

Business Productivity Practice Lead

Trustmarque (Part of Capita plc)Information Technology and Services, 10,001+ employees

View all 8 answers on this topic

Usability

AlienVault OSSIM8.0

Based on 1 answer

AlienVault OSSIM is far easy to use and manage - provided you know what you're doing. As any SIEM application, there is some background knowledge required in order to take advantage of the product's functionalities, such as the log correlation and analysis. Other than that, the application is quite usable and robust.

Read full review

Jose Quintero

Support Services Manager

GB Advisors, Inc.Computer Software, 51-200 employees

View all 1 answers on this topic

No score

No answers yet

No answers on this topic

Ask the community to sound off

Alternatives Considered

AlienVault OSSIM has the upper ante in initial deployment price, being that it's open source. Also, with perhaps the exception of SolarWinds, it has a lower optimal requirements for onsite deployment, hence your OPEX won't be hit very hard by investing in new hardware to suit the appliance. The correlation engine is somewhat more robust that their counterparts in LogRhythm and SolarWinds, and the IDS (both NIDS and HIDS) are more reliable as well in terms of results. Finally, although Tenable SecurityCenter is more robust in dashboards, alerts and reports, it comes short in front of OSSIM in terms of real-time IDS and SIEM correlation.

Read full review

Jose Quintero

Support Services Manager

GB Advisors, Inc.Computer Software, 51-200 employees

View all 4 answers on this topic

I don't know of any products that compete in the space and if there were any, they would not stand a chance against Rencore. Behind any good product is a team of highly skilled individuals, who all have the same goal, who are passionate what they do and lastly, are in it for the betterment of where they started; As Developers themselves. You can't buy that

Read full review

Alistair Pugin

Solutions Architect

Tangent Solutions (Pty) LtdInformation Technology and Services, 5001-10,000 employees

View all 8 answers on this topic