AlienVault OSSIM vs Rapid7 InsightIDR comparison

 

Comparison Buyer's Guide


Categories and Ranking

AlienVault OSSIM
Ranking in Security Information and Event Management (SIEM)
11th
Average Rating
7.4
Number of Reviews
28
Ranking in other categories
No ranking in other categories
Rapid7 InsightIDR
Ranking in Security Information and Event Management (SIEM)
9th
Average Rating
8.4
Number of Reviews
31
Ranking in other categories
User Entity Behavior Analytics (UEBA) (3rd), Endpoint Detection and Response (EDR) (21st), Threat Deception Platforms (5th), Extended Detection and Response (XDR) (12th)
 

Mindshare comparison

As of June 2024, in the Security Information and Event Management (SIEM) category, the mindshare of AlienVault OSSIM is 1.0%, down from 2.5% compared to the previous year. The mindshare of Rapid7 InsightIDR is 4.0%, up from 3.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
Unique Categories:
No other categories found
User Entity Behavior Analytics (UEBA)
13.1%
Endpoint Detection and Response (EDR)
0.8%
 

Featured Reviews

KB
Aug 5, 2020
Customizable dashboards and reports, offers abnormal behavior detection, and the support is good
We are using AlienVault for vulnerability scanning and detecting abnormal behavior. This product is easy to use. The support is very good and they offer managed services. The dashboards are good. You can customize the dashboards as well as the reporting. There needs to be more focus on the NOC…
BR
Aug 12, 2022
Quick to deploy and helpful in detecting and responding to security incidents before there is a big outage
I used it in my previous company. We were the integrator of the solution, and also a partner of Rapid7 at the time. We used it for security monitoring and also for analytics. We used it for our own company, and like an MSSP, we sold this to our customers. So, we did security monitoring for our…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Better than other SIEM solutions because almost everything can be integrated."
"You pay monthly for the solution. I think it's one of the best products. If you compare with other companies, like LogRhythm, etc., the top 8 or 10 CMs, I think Alien Vault has the best price-performance ratio."
"The tool's security detection is good. It helps us with login tracking and generating reports. We aim to identify potential issues, such as brute-force attacks on user accounts or server-level anomalies. For instance, if I receive a report indicating a server is at an abnormal level, I investigate and address the issue."
"It has helped us remediate threats in the past by providing significant events that assisted in identifying suspicious activities, such as logins from multiple countries."
"Its user-friendliness is the most valuable. It is very easy to use and explore. The dashboard is very well packaged and integrated. You don't have to spend a lot of time in configuring it and checking out the RPM etc. It is also free and very powerful."
"Asset discovery is good."
"The open vault component and the checking of vulnerabilities are the most valuable features. The page management helps with this. If you know how your device is vulnerable at least you can do something about it."
"The threat alerts it gives me from time to time on harmful code within the network, or if they are generating any network traffic, are very useful."
"Rapid7's reporting is more robust than Tenable's."
"The solution's initial setup is easy."
"Another very important part of insightIDR is the ability to collect data from endpoint devices via agent software. With a large remote workforce, this allows visibility into the endpoints that are connected to the internet, but not to the corporate network."
"We were able to identify criminals attempting to login from China and put a stop on their IP locations."
"Great coverage of all systems within our network from endpoint to firewall."
"I like that it's a cloud-based solution."
"The incident case management is the most valuable feature. Even though there's always something I find I would like to add to that feature, the ability to quickly sort through all the logs, network and endpoint data, etc., and add it to an incident case as part of the investigation, is nice. Having it automatically timeline that additional data into the original incident timeline, and correlate it to other notable events and activities on the network, results in a huge improvement in our overall confidence that we've quickly traced down the right source of an issue."
"Scalability-wise, I rate the solution a ten out of ten. As a cloud tool, the product is highly scalable."
 

Cons

"When comparing AlienVault OSSIM to other solutions it looks a bit outdated. Additionally, they need to improve their integration."
"The correlation engine needs to be improved."
"They can add more compliance templates."
"We need more dashboards and we need more customization for dashboards."
"The initial setup was a bit complex. You've got to do a lot of reading. It's not an intuitive implementation."
"AlienVault OSSIM’s configuration and integration could be a little easier."
"The solution needs more integration with cyber intelligence systems."
"Lacking in depth of reporting."
"Rapid7 InsightIDR is not intuitive to search for logs. It should be more user-friendly and improve the dashboards. We should be able to use ready-made templates instead of having to build one."
"The product allows us to make only 30 custom rules."
"The integration capabilities of the solution have certain shortcomings where improvements are required."
"It would be useful to import threat intelligence in YARA format along with known incorrect email addresses."
"They should add more configuration and security features to it."
"The searching feature in Rapid7 InsightIDR needs to evolve"
"Currently, it lacks the functionalities provided by Rapid7's User Behavior Analytics (UBA)."
"Cloud risk assessment is one area where I think they need a lot of improvement."
 

Pricing and Cost Advice

"The price of AlienVault OSSIM is too high sometimes for us to present to our customers. The price should be lower. We are on a three-year license to use the solution. We had to pay extra for the support."
"AlienVault OSSIM is expensive compared to its competitors."
"AlienVault pricing is the best. Whatever cost you are paying, you are getting a return on every penny... It's not like your IBM, your QRadar, or Splunk, where the cost is too high."
"OSSIM is free."
"We are using the community version, which can be used for free."
"The solution is open source, so it's free to use."
"We are using a free version of the solution. If you purchase a license there are more features available but the price is a little high. The solution should be cheaper to allow more customers to be able to afford it."
"OSSIM is open source, and USM is the paid license. So, if you want, you can switch to USM. There you will have to buy a license, and they have a support team that helps you out on issues you face."
"It is more reasonably priced than other vendors."
"The pricing and licensing are competitive."
"Rapid7 InsightIDR's pricing is reasonable."
"I am sure that there are cheaper products out there, but none that meet so many of our needs whilst maintaining stability and usability."
"Licensing is by endpoint and amount of retention time (at least ours is). Default retention was one year, but we are able to push the retention further if needed. There's also a provide-your-own-S3 option for longer retention if you don't want to pay for the additional retention years in your Rapid7 agreement."
"The pricing is good, and it is not very expensive."
"The solution has a mid-range price point in the market"
"Licensing is straightforward. If, for some reason, you don’t meet the minimum licensing requirements, there is a third-party managed service that can help."
789,135 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
17%
Financial Services Firm
8%
Comms Service Provider
8%
Government
8%
Computer Software Company
16%
Manufacturing Company
8%
Financial Services Firm
8%
Government
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What needs improvement with AlienVault OSSIM?
Collecting logs can sometimes be tedious, especially compared to my experience with Microsoft Sentinel. I suggest more in-built rules based on modern threats and environments to make it a more comp...
What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
What do you like most about Rapid7 InsightIDR?
During simulations or demonstrations, the tool generates alerts, providing details such as the specific application, its origin, and potential threats. For instance, it can identify if an applicati...
What is your experience regarding pricing and costs for Rapid7 InsightIDR?
We chose Rapid7 because of its price. IBM QRadar charges us based on data storage. Rapid7 InsightIDR charges us based on the endpoints we connect to. We are satisfied with the product’s price.
 

Also Known As

OSSIM
InsightIDR
 

Sample Customers

Council Rock School District
Liberty Wines, Pioneer Telephone, Visier
Find out what your peers are saying about AlienVault OSSIM vs. Rapid7 InsightIDR and other solutions. Updated: June 2024.