No more typing reviews! Try our Samantha, our new voice AI agent.

AlienVault OSSIM vs Cynet comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 18, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Sponsored
Average Rating
8.4
Reviews Sentiment
6.8
Number of Reviews
114
Ranking in other categories
Endpoint Protection Platform (EPP) (4th), Endpoint Detection and Response (EDR) (6th), Extended Detection and Response (XDR) (4th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (1st)
AlienVault OSSIM
Average Rating
7.4
Reviews Sentiment
7.1
Number of Reviews
31
Ranking in other categories
Security Information and Event Management (SIEM) (26th)
Cynet
Average Rating
8.8
Reviews Sentiment
7.3
Number of Reviews
45
Ranking in other categories
Security Information and Event Management (SIEM) (20th), Endpoint Protection Platform (EPP) (18th), User Entity Behavior Analytics (UEBA) (8th), Endpoint Detection and Response (EDR) (17th), Threat Deception Platforms (2nd), Network Detection and Response (NDR) (8th), Extended Detection and Response (XDR) (13th), Ransomware Protection (3rd)
 

Featured Reviews

ABHISHEK_SINGH - PeerSpot reviewer
Senior Process Expert at A.P. Moller - Maersk
Gained full visibility and streamlined threat detection through behavior-based insights and AI integration
Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.
BP
Independent Contractor at a comms service provider with 5,001-10,000 employees
Enables cost-effective security management for small businesses
Scaling for USM is always challenging for any product unless it is purpose-built or overbuilt at the front end. They will use Palo Alto and its competitors, and LevelBlue will manage that implementation. The main area where the AlienVault product was lacking around the 2018 timeframe was in its ability to scale. By pushing it to a cloud-based system, they've largely alleviated scale issues. It's native in Amazon but will also run in Azure. They have worked with cloud service providers to offer enough throughput at a cost reasonable for a corporation. Scaling was their biggest problem, and they've largely conquered those issues.
Roshan Jadhav - PeerSpot reviewer
Technical Consultant at Vincacyber
Has improved threat detection and streamlined incident analysis through centralized control and AI-driven insights
People are looking for Cynet because it has next-generation threat protection that detects zero-day threats. It has UEBA (user entity behavior analysis), threat hunting features, and storage device control where we can create profiles and block unauthorized USB storage devices. We can also create threat protection policies to detect malware, ransomware, and many other threats. The most valuable feature is the UBA (User behavior analysis). It has integration with SIEM solutions, allowing us to share our logs to third-party SIEM servers. Cynet has AI integration which showcases complete forensic data about threats, making it very easy to understand what happened with the system and what type of incident was detected. Autonomous breach protection is a feature of Cynet which can detect and mitigate known and unknown threats based on signatures. If there are any signature-less files, malware, or ransomware, it will detect them based on autonomous breach protection capabilities. The centralized management console provides a dashboard where we can see four types of attack vectors and incident counts in real-time. It continuously scans the radar and shows open alerts related to files, hosts, users, or networks. We can easily export these alerts and send reports via email.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The solution doesn't need a high level of technical training."
"My advice for anybody who is considering Cortex XDR is that it is a complete solution, and has very good features."
"Cortex XDR can integrate the firewalls and determine the tendencies of the attacks. It's a new generation antivirus, with protection endpoints and detection response. It is very easy to use and everybody can operate the solution."
"The stability of the solution is very good. We have about 100 users on it right now, and we use it twice a week."
"Cortex XDR alerts us on the dashboard when there's a threat, which allows us to restrict that user and helps secure our infrastructure."
"Cortex XDR by Palo Alto Networks is easy to use and does not consume a lot of hardware resources."
"Implementing Cortex XDR by Palo Alto Networks has had a significant impact on my security analyst workload because it becomes much easier."
"We've had a significant increase in blocking with a decrease in false positives, because it's looking at how the files work, not just a list of files that it's been told to look for."
"AlienVault OSSIM is an enterprise solution that sells easily. It is rated highly by organizations."
"The dashboard is the solution's most valuable aspect; it brings everything into one central point where I can actually look at it and go, "Okay, I understand what's going on," and the solution works well and allows me to have visibility into anomalous events."
"The solution has a very good open source community, and whenever we have problems, we are always able to resolve it online."
"The paid version of the solution has reporting and better scalability options."
"I recommend it due to the experience of the people running it."
"The product is majorly used for threat detection of the agents on servers and endpoints."
"Network traffic analysis is highly efficient."
"AlienVault OSSIM's GUI is very user-friendly."
"Cynet has an excellent solution from a technical standpoint, but they also have a great support system that extends to the attack itself."
"Our clients choose Cynet because it is both simple to use and comprehensive."
"The dashboard is very beautiful because it provides everything on a centralized console."
"We have definitely seen an ROI because we have very sensitive information, and we never had any viruses."
"The EDR, as well as the XDR features, are very valuable."
"If some unusual activity happens on the network, such as I open administrator sessions in a short duration of an hour on many computers in the lab, it sends me an alert about my network saying that one user opened three, four, or five sessions in one hour. Similarly, if I try to play with the disk size on a computer, it will send me an alert, and it will also stop the operation."
"Cynet's centralized control feature is very user-friendly, has a good user interface, and is very convenient, requiring hardly one or two people to manage the entire console, which is not resource-heavy and automates many processes, making it very easy to use without alert fatigue due to low false positives."
"Advanced detection and protection against ransomware paired with SOC monitoring are the most valuable features. They have 24/7 SOC monitoring and file activity. It is a very robust tool."
 

Cons

"It'll help if customization was easier."
"The solution lags to the real-time scenarios here and there."
"In the next release, I would like to see more UI improvements. Their UI is a bit basic. When we are speaking about Palo Alto Networks they are the big company, so they can improve the UI a little bit. The UI, the reports, the log system can all be improved."
"For working with the solution, you only really need a web browser, however, we've found that working on Chrome, for example, is horrible."
"The product's pricing needs improvement. They could provide more discounts. Additionally, the dashboard and control panel could be enhanced."
"The deployment is pretty hard."
"Previously, the endpoint would leave the environment, not being on our VPN, essentially unable to interact with the server to upload files. It was unable to retrieve new file verdicts. It was using a thing called "local analysis" to determine if something was a malicious file or not. There was no dynamic analysis."
"Cortex XDR by Palo Alto Networks could improve by adding a sandbox feature to better compete with their competitors which have it."
"I suggest more in-built rules based on modern threats and environments to make it a more competitive solution."
"I would advise others to not implement it for any enterprise-level organization."
"ArcSight works better than AlienVault right now."
"They can add more compliance templates."
"It's so hard to configure and explore something new on it. It is not easy to find the steps we need to follow in order to use the solution effectively."
"The price of this solution is very high and it could be cheaper."
"There are somewhat more false positives with the user behavior analytics, which could benefit from an additional machine learning model to detect user patterns more rapidly."
"The biggest thing I always complain about is that the user intake is a very old version."
"The inability to add contact information inside the Cynet is also an issue because it makes things more complicated. I would like to have a simple feature to enter a contact name and number for the person taking care of that unit or that server."
"We'd like something that makes it easier to manage specific points."
"There is room for improvement in terms of support. The support should be faster to respond."
"There are some shortcomings in Cynet's integration capabilities that need improvement."
"Automation could be improved, and orchestration could be added to the features."
"One client said that they faced an issue with Cynet's vulnerability assessment feature."
"Logs download is absolutely needed, and AI features need improvement."
"The reporting functionality in Cynet may not be as comprehensive or flexible as desired."
 

Pricing and Cost Advice

"The cost depends on your chosen license type, like Pro or other licenses."
"It's the most expensive solution, but features-wise, it's quite strong. It's very good for protection, so the results are very good in the case of protection. I would rate it a two out of ten in terms of pricing."
"We pay about $50,000 USD per year for a bundle that includes Cortex XDR."
"It is cost-effective compared to similar solutions. It fits for the small businesses through to the big businesses."
"The price of the product is not very economical."
"It's way too expensive, but security is expensive. You pay for your licensing, and then you pay for someone to monitor the stuff."
"In terms of the cost Cortex XDR by Palo Alto Networks is very expensive because we are a Mexican company and when you translate dollars to pesos the cost is very high. The solution is very expensive for Mexican companies. I understand that they have international prices, but I do not think it offsets the price enough for many companies in countries, such as Mexico. The amount it is reduced is not a massive percentage."
"The tool's price is moderate."
"AlienVault OSSIM is an open-source solution."
"We are using the community version, which can be used for free."
"The tool's licensing costs are yearly."
"The licensing fees for the non-community edition are paid on an annual basis, and there are no costs in addition to this."
"OSSIM is open source, and USM is the paid license. So, if you want, you can switch to USM. There you will have to buy a license, and they have a support team that helps you out on issues you face."
"The solution is open source, so it's free to use."
"OSSIM is free."
"AlienVault OSSIM is expensive compared to its competitors."
"It gives you a high level of protection at a very good price."
"The licensing for Cynet is yearly. The solution pricing depends on the customer, but it is not very expensive."
"We purchase the product’s yearly license."
"It costs 18,000 per year, but we have the whole package with not only Cynet but also the Perception Point for emails. There are also some small security courses for our users."
"Our billing is on a quarterly basis, but they have monthly or annual billing availability."
"Cynet is very affordable."
"This solution is expensive. I would rate the price as a three out of five when compared to similar products."
"Pricing wise, Cynet seems to be very competitive. The cost is probably lower than that offered by many of its competitors for all the functions and features it offers."
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Construction Company
12%
Financial Services Firm
11%
Manufacturing Company
10%
Comms Service Provider
9%
Comms Service Provider
14%
Financial Services Firm
8%
Computer Software Company
8%
Manufacturing Company
7%
Manufacturing Company
12%
Financial Services Firm
10%
Comms Service Provider
9%
Computer Software Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business46
Midsize Enterprise21
Large Enterprise53
By reviewers
Company SizeCount
Small Business18
Midsize Enterprise9
Large Enterprise8
By reviewers
Company SizeCount
Small Business30
Midsize Enterprise7
Large Enterprise12
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...
What is your experience regarding pricing and costs for AlienVault OSSIM?
It depends. I would need to review their cost models, but generally, they are on a scaled basis based on throughput u...
What needs improvement with AlienVault OSSIM?
Scaling for USM is always challenging for any product unless it is purpose-built or overbuilt at the front end. They ...
What is your primary use case for AlienVault OSSIM?
This solution is very similar to most of the other MSSPs that you would find out there. When I look at use cases, Ali...
When evaluating User Activity Monitoring, what aspect do you think is the most important to look for?
The support team that stands behind the detection and response. Is there adequate expertise and are they behind you ...
What is your experience regarding pricing and costs for Cynet?
Cynet is not very costly. We can refer it to other customers because Cynet does not ask for additional costs for add-...
What needs improvement with Cynet?
One area where Cynet needs improvement is tamper protection for Mac and Linux agents. It currently has tamper protect...
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
OSSIM
No data available
 

Overview

 

Sample Customers

CBI Health Group, University Honda, VakifBank
Council Rock School District
Meuhedet, East Boston Neighborhood Health Center
Find out what your peers are saying about AlienVault OSSIM vs. Cynet and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.