What users are saying about

AlienVault OSSIM vs Trend Micro Deep Security

AlienVault OSSIM

14 Ratings

Trend Micro Deep Security

9 Ratings

AlienVault OSSIM

14 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>trScore algorithm: Learn more.</a>
Score 8.2 out of 101

Based on 14 reviews and ratings

Trend Micro Deep Security

9 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>trScore algorithm: Learn more.</a>
Score 8 out of 101

Based on 9 reviews and ratings

Add comparison

Likelihood to Recommend

AlienVault OSSIM

If this is your first experience with a SIEM, this one can get you started. Take the time to learn the ins and outs of the product and you'll most likely be satisfied with it if your company is an SMB. If you need compliance reports, OSSIM is too small for you, you'll need to go with USM or USM Anywhere.

Read full review

Ivan Montilla Miralles profile photo
Ivan Montilla Miralles
View all 4 answers on this topic

Trend Micro Deep Security

Hypervisor based agentless security this product excels at. It provides thorough protection for your VM's. The web filtering product that comes with it also does a great job filtering out malicious websites from being accessed by users with a very user friendly prompt that they are going to a website which has been found to be malicious. This is particularly useful when it comes to VDI.

Read full review

Brad Daugherty profile photo
Brad Daugherty
View all 2 answers on this topic

Feature Rating Comparison

Security Information and Event Management (SIEM)

AlienVault OSSIM
8.2
Trend Micro Deep Security
Centralized event and log data collection
AlienVault OSSIM
8.3
Trend Micro Deep Security
Correlation
AlienVault OSSIM
8.0
Trend Micro Deep Security
Event and log normalization
AlienVault OSSIM
8.0
Trend Micro Deep Security
Deployment flexibility
AlienVault OSSIM
8.7
Trend Micro Deep Security
Integration with Identity and Access Management Tools
AlienVault OSSIM
7.5
Trend Micro Deep Security
Custom dashboards and views
AlienVault OSSIM
8.0
Trend Micro Deep Security
Host and network-based intrusion detection
AlienVault OSSIM
8.7
Trend Micro Deep Security

Pros

  • Most of the configuration comes out-of-the-box suited for most environments. Setting it up is really easy, with the wizard, you can have it working in less than 3 hours of deployment, without counting asset installation.
  • Out-of-the-box dashboards are really useful. You can modify or add new widgets to suit your needs, but you'll most likely agree with what already comes configured.
  • The tickets feature for handling alarms is really easy to use.

Read full review

Ivan Montilla Miralles profile photo
Ivan Montilla Miralles
View all 4 answers on this topic
  • Agentless Security
  • Immediate protection upon boot
  • Central Management Console
  • DSVA easy deployment

Read full review

Brad Daugherty profile photo
Brad Daugherty
View all 2 answers on this topic

Cons

  • The correlation directives that come out of the box are very few. I understand more correlation directives are a premium product, but one can hardly see the value of having very few. It makes new customers think they will not get better directives when they switch to the full USM or USM Anywhere.
  • Same with reports, the few reports it comes out of the box can be retrieved using other tools that are better prepared for the task. I understand that compliance reports aren't free, but at least I'd expect more security reports.
  • The OTX tab in dashboards sometimes takes too long to load, even if you have a fast internet and plenty of resources in the VM.

Read full review

Ivan Montilla Miralles profile photo
Ivan Montilla Miralles
View all 4 answers on this topic
  • Agent based security on Desktop/Laptop and error reporting is very difficult to maintain.
  • Support is very slow to respond and resolve issues.
  • Price point is on the higher end in the agentless marketplace.

Read full review

Brad Daugherty profile photo
Brad Daugherty
View all 2 answers on this topic

Usability

AlienVault OSSIM8.0
Based on 1 answer
AlienVault OSSIM is far easy to use and manage - provided you know what you're doing. As any SIEM application, there is some background knowledge required in order to take advantage of the product's functionalities, such as the log correlation and analysis. Other than that, the application is quite usable and robust.

Read full review

Jose Quintero profile photo
Jose Quintero
View all 1 answers on this topic
No score
No answers yet
No answers on this topic

Alternatives Considered

AlienVault OSSIM has the upper ante in initial deployment price, being that it's open source. Also, with perhaps the exception of SolarWinds, it has a lower optimal requirements for onsite deployment, hence your OPEX won't be hit very hard by investing in new hardware to suit the appliance. The correlation engine is somewhat more robust that their counterparts in LogRhythm and SolarWinds, and the IDS (both NIDS and HIDS) are more reliable as well in terms of results. Finally, although Tenable SecurityCenter is more robust in dashboards, alerts and reports, it comes short in front of OSSIM in terms of real-time IDS and SIEM correlation.

Read full review

Jose Quintero profile photo
Jose Quintero
View all 4 answers on this topic
We selected trend micro to take the AV scans and filtering out of the hands of the Windows and Linux vm's we have deployed and move it to the hypervisor level. This has led us to be able to deploy only a single DSVA per host and can protect all VM"s that are on that hosts. This has allowed for more time being spent on other priority security tasks.

Read full review

Brad Daugherty profile photo
Brad Daugherty
View all 2 answers on this topic

Return on Investment

  • The ROI of OSSIM itself is, obviously, immediate, being that it's a free, open-source product. However, you must take into account other inherent investments to cover up for the lack of official support, such as certified agents or consultants that take care of the management and maintenance of the product once in production.
  • On the other hand, the potential loss of information and interruption of operativity due to malware and other threats is really unmeasurable. The implicit savings in OSSIM as a SIEM (Security Information and Event Management) are really the major positive impact on your organization's revenue.
  • Finally, and from a reseller's point of view, reselling OSSIM has the big plus of being a professional services-only asset, given that the appliance itself is free of charge. The only thing to consider is the initial investment in team members with the required capacitation and knowledge to address such professional services to potential customers.

Read full review

Jose Quintero profile photo
Jose Quintero
View all 4 answers on this topic
  • Once setup it provides easy AV installation and management in a virtual enviroment.
  • Agentless allows for no boot storms in a VDI enviroment
  • Trend notifier on the VM's give the users the visibility that they are protected and also can be used on software inventory systems to show that the VM's are protected even though the real protection is at the hypervisor level.

Read full review

Brad Daugherty profile photo
Brad Daugherty
View all 2 answers on this topic

Pricing Details

AlienVault OSSIM

General
Free Trial
Free/Freemium Version
Premium Consulting/Integration Services
Entry-level set up fee?
No
Additional Pricing Details

Trend Micro Deep Security

General
Free Trial
Free/Freemium Version
Premium Consulting/Integration Services
Entry-level set up fee?
No
Additional Pricing Details