We performed a comparison between AlienVault OSSIM and Microsoft Defender XDR based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"AlienVault OSSIM's GUI is very user-friendly."
"The open vault component and the checking of vulnerabilities are the most valuable features. The page management helps with this. If you know how your device is vulnerable at least you can do something about it."
"The solution has a very good open source community, and whenever we have problems, we are always able to resolve it online."
"With AlienVault you get everything in one box."
"Asset discovery is good."
"You pay monthly for the solution. I think it's one of the best products. If you compare with other companies, like LogRhythm, etc., the top 8 or 10 CMs, I think AlienVault has the best price-performance ratio."
"It has helped us remediate threats in the past by providing significant events that assisted in identifying suspicious activities, such as logins from multiple countries."
"There are a lot of people you will find using OSSIM since they are also offering OTX as a service."
"The most valuable aspect is undoubtedly the exploration capability."
"We are connected to Microsoft and have every laptop enrolled. This acts as an endpoint. The tool helps me check security and compliance. I can also check what a device is doing."
"All of the security components are valuable including, antiphishing, antispam, and stage three antivirus."
"We also use Microsoft Sentinel, Defender for Cloud, Defender for Identity, and Microsoft Defender for Cloud Apps. They are all integrated and it was very easy to integrate them. In my experience with the integrations, it was just a click of a button and things were integrated. It's just a button."
"The attack simulation is excellent; initially, this feature wasn't very robust, but Microsoft improved what we could achieve with it. We can now customize our practice phishing emails and include our company logo, for example. Attack simulation also helps integrate with third-party solutions where applicable and provides an overview of our security architecture through testing. The summary includes areas for improvement in our protection and what steps we need to take to get there."
"The integration between all the Defender products is the most valuable feature."
"The ability to isolate and address viruses is the most valuable feature of Microsoft Defender XDR."
"The best feature is threat hunting. There are a lot of other features I like, such as the alert mechanism. The chain alert mechanism has a huge impact. It combines all the alerts into one incident and automatically correlates them with AI."
"GUI could be improved."
"The initial setup was a bit complex. You've got to do a lot of reading. It's not an intuitive implementation."
"AlienVault OSSIM is costly."
"It's so hard to configure and explore something new on it."
"I suggest more in-built rules based on modern threats and environments to make it a more competitive solution."
"The solution needs more integration with cyber intelligence systems."
"We need more dashboards and we need more customization for dashboards."
"It takes some time. It does not give me a prompt response for any such [malicious] traffic. It takes time to get that alert from the AlienVault system."
"In the future, it would be beneficial for Microsoft to consider making the product more user-friendly or simplified for those who are interested in using it. Currently, it requires a high level of technical expertise, making it challenging for beginners or less experienced individuals."
"Advanced attacks could use an improvement."
"Just like in any solution, the price can always be cheaper."
"The management and automation of the cloud apps have room for improvement."
"The management features could be improved, particularly in terms of better integration with Intune, Microsoft's cloud-based management solution."
"The web filtering solution needs to be improved because currently, it is very simple."
"There should be better information for experts on features in the solution. What I see when reading about features in Microsoft 365 Defender is that it is always general information. If Microsoft could go deeper into details for the experts about how to use the tools, usage of it would be more familiar and it would be easier to use."
"Intrusion detection and prevention would be great to have with 365 Defender."
AlienVault OSSIM is ranked 11th in Security Information and Event Management (SIEM) with 28 reviews while Microsoft Defender XDR is ranked 5th in Extended Detection and Response (XDR) with 80 reviews. AlienVault OSSIM is rated 7.4, while Microsoft Defender XDR is rated 8.4. The top reviewer of AlienVault OSSIM writes "An easy-to-scale open-source solution used for monitoring events on devices". On the other hand, the top reviewer of Microsoft Defender XDR writes "Includes four services and four products, which can help organizations a lot". AlienVault OSSIM is most compared with Wazuh, Elastic Security, USM Anywhere, Splunk Enterprise Security and ManageEngine Log360, whereas Microsoft Defender XDR is most compared with CrowdStrike Falcon, Microsoft Defender for Cloud, Microsoft Purview Compliance Manager, Wazuh and Trend Vision One. See our AlienVault OSSIM vs. Microsoft Defender XDR report.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.