AlienVault OSSIM vs Varonis Data Security Platform

• Asset discovery. Once installed in a centric, network-accessible server, OSSIM can poll all your endpoints with common protocols (SSH, SNMP, WMI) to detect and discover site-wide assets to monitor. You only need to group them by your own criteria once added to the product.
• SIEM Event Correlation. You can define quite complex correlation rules to detect possible suspicious or malicious actions or attempts in your network, in order to categorize them as real threats or as false positives, thus streamlining your risk assessment and management.
• Ease of installation. The entire AlienVault OSSIM is self-contained in an ISO file, which can be burned into a DVD or just mounted in your server of choice (physical or virtual) for deployment. The installation process is automated and quote verbosed, with options for static IP, email messaging and others.
• Ease of access. Being AlienVault OSSIM a self-contained appliance, it can be accessed via web by any device that supports a web browser, being that desktops, workstation, mobile devices, etc. The OSSIM dashboard and other features are automatically rearranged to adapt to the particular device being in use.

Read full review

• Varonis logging is very robust and captures all audit events being sent from the file servers.
• The ability to report and alert on Active Directory account events works very well with file activity monitoring. It can show the complete picture of what an account did while being used.
• Have a customizable dashboard is great for being able to show upper management information that only pertains to them.

Read full review

• The reports are clunky and a bit tedious to parse through.
• Sometimes there's so much noise it's hard to tell what a true positive is. There are lots of false ones that trigger alerts but are normal behavior in many environments.

Read full review

• Implementation can be challenging in some areas and can only be executed by the vendor
• Implementation can only be executed by the vendor and additional work can be chargeable
• Licensing can be improved upon
• Agent based so implementation can be longer than expected

Read full review

• It's difficult to put a monetary value on security, but with proper monitoring and alerting, incidents will be easier to avoid.
• Helps with your compliancy, as it automatically alerts you for critical events.
• Collects logs in the cloud, so protected from local issues, like SAN failures.

Read full review

• The positive ROI has been in time spent now vs. pre Varonis tracking down permissions and access to folders in a share environment
• The built in policy rules were very helpful after learning how to properly apply them
• Quick snapshot into our sensitive data repositories has been a major win for our Security team

Read full review