• Home
  • AlienVault OSSIM vs. Rapid7 InsightIDR

AlienVault OSSIM vs Rapid7 InsightIDR comparison

Cancel
You must select at least 2 products to compare!
Microsoft Logo
Microsoft Sentinel
Read 85 Microsoft Sentinel reviews
31,886 views|17,713 comparisons
92% willing to recommend
AT&T Logo
AlienVault OSSIM
Read 27 AlienVault OSSIM reviews
7,387 views|4,012 comparisons
77% willing to recommend
Rapid7 Logo
Rapid7 InsightIDR
Read 29 Rapid7 InsightIDR reviews
6,640 views|3,524 comparisons
95% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
AlienVault OSSIM vs. Rapid7 InsightIDR
May 2024
Executive Summary

We performed a comparison between AlienVault OSSIM and Rapid7 InsightIDR based on real PeerSpot user reviews.

Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed AlienVault OSSIM vs. Rapid7 InsightIDR Report (Updated: May 2024).
Download the complete report
771,170 professionals have used our research since 2012.
Featured Review
Sachin Paul
Makes data integration very easy for our SOC
It enables data integration within our hybrid, multi-cloud environment, and it makes this data integration very easy for our security operations... Read more →
Anonymous User
Researched Rapid7 InsightIDR but chose AlienVault OSSIM: Customizable dashboards and reports, offers abnormal behavior detection, and the support is good
Anonymous User
Quick to deploy and helpful in detecting and responding to security incidents before there is a big outage
Previously, when something happened, such as when a hacker was attacking one of our customers, we were always behind, or we didn't know that we... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"It is able to connect to an ever-growing number of platforms and systems within the Microsoft ecosystem, such as Azure Active Directory and Microsoft 365 or Office 365, as well as to external services and systems that can be brought in and managed. We can manage on-premises infrastructure. We can manage not just the things that are running in Azure in the public cloud, but through Azure Arc and the hybrid capabilities, we can monitor on-premises servers and endpoints. We can monitor VMware infrastructure, for instance, running as part of a hybrid environment.""Native integration with Microsoft security products or other Microsoft software is also crucial. For example, we can integrate Sentinel with Office 365 with one click. Other integrations aren't as easy. Sometimes, we have to do it manually.""The main benefit is the ease of integration.""Investigations are something really remarkable. We can drill down right to the raw logs by running different queries and getting those on the console itself.""The pricing of the product is excellent.""The AI and ML of Azure Sentinel are valuable. We can use machine learning models at the tenant level and within Office 365 and Microsoft stack. We don't need to depend upon any other connectors. It automatically provisions the native Microsoft products.""Sentinel has features that have helped improve our security poster. It helped us in going ahead and identifying the gaps via analysis and focusing on the key elements.""The most valuable feature is the onboarding of the workloads. You can see all that has been onboarded in your account on the dashboards."

More Microsoft Sentinel Pros →

"Inbuilt IDS, inbuilt integration with threat intelligence platform and with vulnerability assessment modules.""AlienVault OSSIM's GUI is very user-friendly.""The solution is very stable. Compared to Qradar and Splunk, it's very stable.""The open vault component and the checking of vulnerabilities are the most valuable features. The page management helps with this. If you know how your device is vulnerable at least you can do something about it.""There are a lot of people you will find using OSSIM since they are also offering OTX as a service""The solution has a very good open source community, and whenever we have problems, we are always able to resolve it online.""The most valuable features of AlienVault OSSIM are case management, ease of configuration, and investigation.""The most valuable features of AlienVault OSSIM are vulnerability assessment, network intrusion detection system, response to critical events, and awareness of the whole network."

More AlienVault OSSIM Pros →

"Rapid7's reporting is more robust than Tenable's.""​​User behavioral analytics allows us to pinpoint abnormal or suspicious behavior among millions of events every day.""The technical support is a solid 10 out of 10 as they take the time to answer any questions or problems which may arise in a reasonable time frame.""The alerting to drive investigations and remediation has been its most valuable feature.​""The incident case management is the most valuable feature. Even though there's always something I find I would like to add to that feature, the ability to quickly sort through all the logs, network and endpoint data, etc., and add it to an incident case as part of the investigation, is nice. Having it automatically timeline that additional data into the original incident timeline, and correlate it to other notable events and activities on the network, results in a huge improvement in our overall confidence that we've quickly traced down the right source of an issue.""Scalability-wise, I rate the solution a ten out of ten. As a cloud tool, the product is highly scalable.""The solution is very stable and works very well for what I need it to do.""It is a very stable solution."

More Rapid7 InsightIDR Pros →

Cons
"The playbook is a bit difficult and could be improved.""They need to work with other security vendors. For example, we replaced our email gateway with Symantec, but we couldn't collect these logs with Azure Sentinel. Instead of collecting these logs with Azure Sentinel, we are collecting them on Qradar. We couldn't do it with Sentinel, which is a problem for us.""The AI capabilities must be improved.""When it comes to ingesting Azure native log sources, some of the log sources are specific to the subscription, and it is not always very clear.""If their UI was a bit more streamlined and easy to find when I need it, then that would be a great improvement.""The on-prem log sources still require a lot of development.""While I appreciate the UI itself and the vast amount of information available on the platform, I'm finding the overall user experience to be frustrating due to frequent disconnections and the requirement to repeatedly re-authenticate.""We've seen delays in getting the logs from third-party solutions and sometimes Microsoft products as well. It would be helpful if Microsoft created a list of the delays. That would make things more transparent for customers."

More Microsoft Sentinel Cons →

"It's so hard to configure and explore something new on it.""The price of this solution is very high and it could be cheaper.""GUI could be improved.""Lacking in depth of reporting.""The documentation could be improved.""AlienVault OSSIM on-premise version is more difficult to implement than the cloud version. Additionally, they should add integration between several different environments at once and improve their online knowledge base.""There needs to be more support or some kind of training program so users can self-learn the system more effectively.""It takes some time. It does not give me a prompt response for any such [malicious] traffic. It takes time to get that alert from the AlienVault system."

More AlienVault OSSIM Cons →

"InsightIDR is only available in a cloud version. Some of our customers prefer an on-prem solution because they want to manage the security within their environment.""Rapid7 InsightIDR is not intuitive to search for logs. It should be more user-friendly and improve the dashboards. We should be able to use ready-made templates instead of having to build one.""Currently, it lacks the functionalities provided by Rapid7's User Behavior Analytics (UBA).""The main problem lies in the processes within the client's operating systems.""The ability to tune the collector for custom logs would greatly help.""Customised alert recipients need to be added to allow better first-line action and quicker response. Configurable honeypots would be a welcome addition.""The product allows us to make only 30 custom rules.""They should add more configuration and security features to it."

More Rapid7 InsightIDR Cons →

Pricing and Cost Advice
  • "It comes with a Microsoft subscription which the customer has, so they don't have to invest somewhere else."
  • "It is a consumption-based license model. bands at 100, 200, 400 GB per day etc. Azure Sentinel Pricing | Microsoft Azure"
  • "Good monthly operational cost model for the detection and response outcomes delivered, M365 logs don't count toward the limits which is a good benefit."
  • "I have had mixed feedback. At one point, I heard a client say that it sometimes seems more expensive. Most of the clients are on Office 365 or M365, and they are forced to take Azure SIEM because of the integration."
  • "It is kind of like a sliding scale. There are different tiers of pricing that go from $100 per day up to $3,500 per day. So, it just kind of depends on how much data is being stored. There can be additional costs to the standard license other than the additional data. It just kind of depends on what other services you're spinning up in Azure, or if you're using something like Azure log analytics."
  • "I am just paying for the log space with Azure Sentinel. It costs us about $2,000 a month. Most of the logs are free. We are only paying money for Azure Firewall logs because email logs or Azure AD logs are free to use for us."
  • "Sentinel is a bit expensive. If you can figure a way of configuring it to meet your needs, then you can find a way around the cost."
  • "Azure Sentinel is very costly, or at least it appears to be very costly. The costs vary based on your ingestion and your retention charges."

    • More Microsoft Sentinel Pricing and Cost Advice →

  • "AlienVault pricing is the best. Whatever cost you are paying, you are getting a return on every penny... It's not like your IBM, your QRadar, or Splunk, where the cost is too high."
  • "The solution is open source, so it's free to use."
  • "OSSIM is free."
  • "The licensing fees for the non-community edition are paid on an annual basis, and there are no costs in addition to this."
  • "AlienVault OSSIM is free."
  • "We are using the community version, which can be used for free."
  • "We are using a free version of the solution. If you purchase a license there are more features available but the price is a little high. The solution should be cheaper to allow more customers to be able to afford it."
  • "The price of AlienVault OSSIM is too high sometimes for us to present to our customers. The price should be lower. We are on a three-year license to use the solution. We had to pay extra for the support."

    • More AlienVault OSSIM Pricing and Cost Advice →

  • "​I am sure that there are cheaper products out there, but none that meet so many of our needs whilst maintaining stability and usability.​"
  • "The team is very willing to work with companies. My suggestion is to call the Rapid7 sales department and see how they can help.​"
  • "Licensing is straightforward. If, for some reason, you don’t meet the minimum licensing requirements, there is a third-party managed service that can help."
  • "​Accurately predict your licensing counts as this is a subscription based product.​"
  • "The pricing and licensing are competitive."
  • "Licensing is by endpoint and amount of retention time (at least ours is). Default retention was one year, but we are able to push the retention further if needed. There's also a provide-your-own-S3 option for longer retention if you don't want to pay for the additional retention years in your Rapid7 agreement."
  • "It is a reasonably priced solution."
  • "It is on a yearly basis. For our own company, for about 250 users, it was 16,000 euros a year."

    • More Rapid7 InsightIDR Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
    See Recommendations
    771,170 professionals have used our research since 2012.
    Questions from the Community
    Is there a common threat intelligence tool that aggregates multiple threa...
    Top Answer:Yes, Azure Sentinel is a SIEM on the Cloud. Multiple data sources can be uploaded and analyzed with Azure Sentinel and… more »
    Read all 10 answers   →
    What is a better choice, Splunk or Azure Sentinel?
    Top Answer:It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for… more »
    Which is better - Azure Sentinel or AWS Security Hub?
    Top Answer:We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is… more »
    Read all 2 answers   →
    What do you like most about AlienVault OSSIM?
    Top Answer:Asset discovery is good.
    Read all 26 answers   →
    What is your experience regarding pricing and costs for AlienVault OSSIM?
    Top Answer:The solution is free.
    Read all 21 answers   →
    What needs improvement with AlienVault OSSIM?
    Top Answer:The log management could be improved because of the open source. In the configuration of AlienVault OSSIM, users can… more »
    Read all 26 answers   →
    What SOC product do you recommend?
    Top Answer:For tools I’d recommend:  -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is… more »
    Read all 12 answers   →
    What do you like most about Rapid7 InsightIDR?
    Top Answer:During simulations or demonstrations, the tool generates alerts, providing details such as the specific application, its… more »
    Read all 20 answers   →
    What is your experience regarding pricing and costs for Rapid7 InsightIDR?
    Top Answer:We chose Rapid7 because of its price. IBM QRadar charges us based on data storage. Rapid7 InsightIDR charges us based on… more »
    Read all 17 answers   →
    Comparisons
    Also Known As
    Azure Sentinel
    OSSIM
    InsightIDR
    Learn More
    Microsoft
    AT&T
    Rapid7
    Overview

    Microsoft Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution that lets you see and stop threats before they cause harm. Microsoft Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response. Eliminate security infrastructure setup and maintenance, and elastically scale to meet your security needs—while reducing IT costs. With Microsoft Sentinel, you can:

    - Collect data at cloud scale—across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds

    - Detect previously uncovered threats and minimize false positives using analytics and unparalleled threat intelligence from Microsoft

    - Investigate threats with AI and hunt suspicious activities at scale, tapping into decades of cybersecurity work at Microsoft

    - Respond to incidents rapidly with built-in orchestration and automation of common tasks

    To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.

    AlienVault OSSIM, Open Source Security Information and Event Management (SIEM), provides you with a feature-rich open source SIEM complete with event collection, normalization and correlation. Launched by security engineers because of the lack of available open source products, AlienVault OSSIM was created specifically to address the reality many security professionals face: A SIEM, whether it is open source or commercial, is virtually useless without the basic security controls necessary for security visibility.

    Parsing hundreds of trivial alerts. Managing a mountain of data. Manually forwarding info from your endpoints. Forget that. InsightIDR instantly arms you with the insight you need to make better decisions across the incident detection and response lifecycle, faster.

    Sample Customers
    Microsoft Sentinel is trusted by companies of all sizes including ABM, ASOS, Uniper, First West Credit Union, Avanade, and more.
    Council Rock School District
    Liberty Wines, Pioneer Telephone, Visier
    Top Industries
    REVIEWERS
    Financial Services Firm22%
    Computer Software Company11%
    Comms Service Provider8%
    Manufacturing Company8%
    VISITORS READING REVIEWS
    Computer Software Company16%
    Financial Services Firm10%
    Government9%
    Manufacturing Company7%
    REVIEWERS
    Insurance Company14%
    Computer Software Company14%
    Comms Service Provider7%
    Recruiting/Hr Firm7%
    VISITORS READING REVIEWS
    Computer Software Company17%
    Financial Services Firm8%
    Comms Service Provider8%
    Government8%
    REVIEWERS
    Comms Service Provider21%
    Computer Software Company21%
    Security Firm14%
    Non Tech Company14%
    VISITORS READING REVIEWS
    Computer Software Company15%
    Financial Services Firm8%
    Manufacturing Company8%
    Government6%
    Company Size
    REVIEWERS
    Small Business33%
    Midsize Enterprise21%
    Large Enterprise47%
    VISITORS READING REVIEWS
    Small Business25%
    Midsize Enterprise16%
    Large Enterprise59%
    REVIEWERS
    Small Business52%
    Midsize Enterprise29%
    Large Enterprise19%
    VISITORS READING REVIEWS
    Small Business29%
    Midsize Enterprise20%
    Large Enterprise51%
    REVIEWERS
    Small Business61%
    Midsize Enterprise21%
    Large Enterprise18%
    VISITORS READING REVIEWS
    Small Business26%
    Midsize Enterprise20%
    Large Enterprise54%
    Buyer's Guide
    AlienVault OSSIM vs. Rapid7 InsightIDR
    May 2024
    Free Report: AlienVault OSSIM vs. Rapid7 InsightIDR
    Find out what your peers are saying about AlienVault OSSIM vs. Rapid7 InsightIDR and other solutions. Updated: May 2024.
    DOWNLOAD NOW
    771,170 professionals have used our research since 2012.

    AlienVault OSSIM is ranked 14th in Security Information and Event Management (SIEM) with 27 reviews while Rapid7 InsightIDR is ranked 10th in Security Information and Event Management (SIEM) with 29 reviews. AlienVault OSSIM is rated 7.4, while Rapid7 InsightIDR is rated 8.4. The top reviewer of AlienVault OSSIM writes "An easy-to-scale open-source solution used for monitoring events on devices ". On the other hand, the top reviewer of Rapid7 InsightIDR writes "An affordable product that is easy to use and has many advanced features and default templates". AlienVault OSSIM is most compared with Wazuh, Elastic Security, USM Anywhere, Splunk Enterprise Security and i-SIEM, whereas Rapid7 InsightIDR is most compared with Darktrace, Splunk Enterprise Security, Rapid7 InsightVM, IBM Security QRadar and Microsoft Defender for Identity. See our AlienVault OSSIM vs. Rapid7 InsightIDR report.

    See our list of best Security Information and Event Management (SIEM) vendors.

    We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.