AlienVault OSSIM vs Cynet comparison


Comparison Buyer's Guide

Executive Summary
Updated on Sep 18, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XDR by Palo Alto Net... (Sponsored)
Average Rating: 8.4
Reviews Sentiment: 6.8
Number of Reviews: 114
Ranking in other categories: Endpoint Protection Platform (EPP) (4th), Endpoint Detection and Response (EDR) (6th), Extended Detection and Response (XDR) (4th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (1st)

AlienVault OSSIM
Average Rating: 7.4
Reviews Sentiment: 7.1
Number of Reviews: 31
Ranking in other categories: Security Information and Event Management (SIEM) (26th)

Cynet
Average Rating: 8.8
Reviews Sentiment: 7.3
Number of Reviews: 45
Ranking in other categories: Security Information and Event Management (SIEM) (20th), Endpoint Protection Platform (EPP) (18th), User Entity Behavior Analytics (UEBA) (8th), Endpoint Detection and Response (EDR) (17th), Threat Deception Platforms (2nd), Network Detection and Response (NDR) (8th), Extended Detection and Response (XDR) (13th), Ransomware Protection (3rd)
 

Featured Reviews

ABHISHEK_SINGH - PeerSpot reviewer
Senior Process Expert at A.P. Moller - Maersk
Gained full visibility and streamlined threat detection through behavior-based insights and AI integration
Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They now have Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a much better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.
BP
Independent Contractor at a comms service provider with 5,001-10,000 employees
Enables cost-effective security management for small businesses
Scaling for USM is always challenging for any product unless it is purpose-built or overbuilt at the front end. They will use Palo Alto and its competitors, and LevelBlue will manage that implementation. The main area where the AlienVault product was lacking around the 2018 timeframe was in its ability to scale. By pushing it to a cloud-based system, they've largely alleviated scale issues. It's native in Amazon but will also run in Azure. They have worked with cloud service providers to offer enough throughput at a cost reasonable for a corporation. Scaling was their biggest problem, and they've largely conquered those issues.
Roshan Jadhav - PeerSpot reviewer
Technical Consultant at Vincacyber
Has improved threat detection and streamlined incident analysis through centralized control and AI-driven insights
People are looking for Cynet because it has next-generation threat protection that detects zero-day threats. It has UEBA (user entity behavior analysis), threat hunting features, and storage device control where we can create profiles and block unauthorized USB storage devices. We can also create threat protection policies to detect malware, ransomware, and many other threats. The most valuable feature is the UBA (User behavior analysis). It has integration with SIEM solutions, allowing us to share our logs to third-party SIEM servers. Cynet has AI integration which showcases complete forensic data about threats, making it very easy to understand what happened with the system and what type of incident was detected. Autonomous breach protection is a feature of Cynet which can detect and mitigate known and unknown threats based on signatures. If there are any signature-less files, malware, or ransomware, it will detect them based on autonomous breach protection capabilities. The centralized management console provides a dashboard where we can see four types of attack vectors and incident counts in real-time. It continuously scans the radar and shows open alerts related to files, hosts, users, or networks. We can easily export these alerts and send reports via email.

Quotes from Members


Pros

"We have a complete overview of all our PCs and it's very easy to handle and to use the interface. It has a lot of benefits for us."
"The scalability of Cortex XDR by Palo Alto Networks is very good."
"Cortex XDR by Palo Alto Networks has helped lighten the load of our security analysts because it was the major tool that we were using and the one we utilized most."
"Cortex is the best solution for avoiding security breaches, malware attacks, and other kinds of security issues."
"Stability is a primary factor, and then there's the ease of distribution and policy management; Cortex XDR by Palo Alto Networks is very easy to work with, and we're quite happy with them."
"I've found the solution to be highly scalable for enterprises."
"It is an easy-to-use tool."
"The anti-exploit is impenetrable. We chose Traps because it is the only product that we were not able to get anything past."
"The most valuable feature is the logging capability."
"Asset discovery is good."
"A very good feature of AlienVault OSSIM is that it has many domains that can be integrated from different solutions."
"What I like about this product, is that it is a fully-fledged solution."
"The most valuable features of this solution are the data correlation and vulnerability assessment."
"The product is easy to use."
"The most valuable features of AlienVault OSSIM are case management, ease of configuration, and investigation."
"The paid version of the solution has reporting and better scalability options."
"Technical support staff were very responsive and very helpful."
"Cynet is light and transparent when downloaded. The product's data aggregation is also valuable since you can see everything you need on a page."
"It can be deployed in autonomous mode, and then it automatically blocks malware threats."
"The level of automation is very good because the majority of the time, it blocks the attacks without requiring anything from our side. The technicians don't have to do anything. They are just alerted about what happened. So, the user intelligence works quite well."
"We especially like the fact that it can stop any kind of attack."
"It is quite stable. I would rate the stability of the solution a nine out of ten."
"This solution requires less management and is very easy to use."
"The feature that I have found most valuable is that the configuration and the usage of the product are not so complicated. For people responsible for using this infrastructure for the first line of workstation monitoring, it's quite easy to use."
 

Cons

"One thing that was missing was the integration part. Currently, they don't have out-of-box integration with IBM QRadar, or if they have the integration, the integration doesn't work well."
"There is a severe gap in functionality between Windows, Linux, and Mac versions. For example all folder restriction settings are Windows only. Traps 5.0+ does not have SAML / LDAP integration."
"Currently, we are monitoring all USB drives and ports but we would like to improve our device control capabilities."
"The downsides of Cortex XDR by Palo Alto Networks are that in many incidents, when I enter the causality chain, there are numerous logs."
"Cortex XDR by Palo Alto Networks is not only pricey; it is extremely expensive."
"In terms of areas of improvement, we have not completed our review of the product. We're also looking at other products. So, it's a little bit hard to tell what could be different because we have not completed the review of this product, but based on our experience so far, its implementation is quite complex."
"It's very time-consuming to log support issues and the people that answer the tickets aren't very knowledgeable."
"When it comes to malware files, it should be a little quick because, at times, it would give a wrong result in the sense of what it might be on malware, even if it still might be a normal one."
"Sometimes it takes very long for your issue to get resolved."
"The incidence reporting could be better."
"It's under heavy traffic. If you have heavy traffic, the system is slow."
"There are somewhat more false positives with the user behavior analytics, which could benefit from an additional machine learning model to detect user patterns more rapidly."
"The correlation engine needs to be improved."
"I would advise others to not implement it for any enterprise-level organization."
"The initial setup was not so easy, partly because the documentation was not up to date."
"AlienVault OSSIM gives unwanted notifications."
"One client said that they faced an issue with Cynet's vulnerability assessment feature."
"After only one month of implementation, an overall rating is premature."
"They have automated response capability, and they're moving more and more into SOAR capability."
"Could have better integration with other security applications."
"I think the technical support could be better. When I contacted them, I had to wait a week before getting an answer."
"Their deployment needs some work, especially with integration with remote monitoring management systems like Datto AutoTask or ConnectWise Automate."
"The reporting is a little weak and could be improved. The other downside is that Cynet does not use the local time zone. It's based off of Greenwich Mean Time."
"I would like to see support for mobile protection and some additional reports included."
 

Pricing and Cost Advice

"Our license will require renewal in August, after which the maintenance will continue as usual."
"The tool's price is moderate."
"The pricing is a little bit on the expensive side."
"The solution has one subscription for endpoint protection and one subscription for detection and response. The two licenses combined give you the BRO version."
"The cost depends on your chosen license type, like Pro or other licenses."
"Licensing for Palo Alto Networks Cortex XDR can be costly, especially when it comes to a hundred users. A license is required for each user, and the subscription must be renewed on a yearly basis."
"It's the most expensive solution, but features-wise, it's quite strong. It's very good for protection, so the results are very good in the case of protection. I would rate it a two out of ten in terms of pricing."
"It has a yearly renewal."
"AlienVault OSSIM is free."
"I used the paid version of the tool and found it to be expensive. It has been a while since I changed to Securonix. I will have to check whether AlienVault charges per device, user, or log."
"AlienVault OSSIM is expensive compared to its competitors."
"The price of AlienVault OSSIM is too high sometimes for us to present to our customers. The price should be lower. We are on a three-year license to use the solution. We had to pay extra for the support."
"The licensing fees for the non-community edition are paid on an annual basis, and there are no costs in addition to this."
"The solution is open source, so it's free to use."
"OSSIM is free."
"OSSIM is open source, and USM is the paid license. So, if you want, you can switch to USM. There you will have to buy a license, and they have a support team that helps you out on issues you face."
"The pricing was good."
"It costs 18,000 per year, but we have the whole package with not only Cynet but also the Perception Point for emails. There are also some small security courses for our users."
"There is an extra cost if you want the support of Cynet."
"The price should not be less than $100 which is quite reasonable for this solution because you are getting multiple components."
"The price is very competitive."
"My company's customers have to make yearly payments towards the licensing costs of the solution. Cynet is not expensive."
"Cynet has a pay-as-you-go pricing model."
"Cynet is cheap."
 

Top Industries

By visitors reading reviews

Construction Company: 12%
Financial Services Firm: 11%
Manufacturing Company: 10%
Comms Service Provider: 9%

Comms Service Provider: 14%
Financial Services Firm: 8%
Computer Software Company: 8%
Manufacturing Company: 7%

Manufacturing Company: 12%
Financial Services Firm: 10%
Comms Service Provider: 9%
Computer Software Company: 8%
 

Company Size

By reviewers

Small Business: 46
Midsize Enterprise: 21
Large Enterprise: 53

Small Business: 18
Midsize Enterprise: 9
Large Enterprise: 8

Small Business: 30
Midsize Enterprise: 7
Large Enterprise: 12
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...
What is your experience regarding pricing and costs for AlienVault OSSIM?
It depends. I would need to review their cost models, but generally, they are on a scaled basis based on throughput u...
What needs improvement with AlienVault OSSIM?
Scaling for USM is always challenging for any product unless it is purpose-built or overbuilt at the front end. They ...
What is your primary use case for AlienVault OSSIM?
This solution is very similar to most of the other MSSPs that you would find out there. When I look at use cases, Ali...
When evaluating User Activity Monitoring, what aspect do you think is the most important to look for?
The support team that stands behind the detection and response. Is there adequate expertise and are they behind you ...
What is your experience regarding pricing and costs for Cynet?
Cynet is not very costly. We can refer it to other customers because Cynet does not ask for additional costs for add-...
What needs improvement with Cynet?
One area where Cynet needs improvement is tamper protection for Mac and Linux agents. It currently has tamper protect...
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
OSSIM
No data available
 

Sample Customers

CBI Health Group, University Honda, VakifBank
Council Rock School District
Meuhedet, East Boston Neighborhood Health Center
Find out what your peers are saying about AlienVault OSSIM vs. Cynet and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.