We performed a comparison between AlienVault OSSIM and IBM Security QRadar based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."You pay monthly for the solution. I think it's one of the best products. If you compare with other companies, like LogRhythm, etc., the top 8 or 10 CMs, I think Alien Vault has the best price-performance ratio."
"Its user-friendliness is the most valuable. It is very easy to use and explore. The dashboard is very well packaged and integrated. You don't have to spend a lot of time in configuring it and checking out the RPM etc. It is also free and very powerful."
"The solution is free to use."
"It has helped us remediate threats in the past by providing significant events that assisted in identifying suspicious activities, such as logins from multiple countries."
"OSSIM is the only solution that includes the large number of modules that we need: a vulnerability scanner, a network IDS system, a host IDS system."
"The open vault component and the checking of vulnerabilities are the most valuable features. The page management helps with this. If you know how your device is vulnerable at least you can do something about it."
"AlienVault OSSIM is an enterprise solution that sells easily. It is rated highly by organizations."
"The most valuable feature is the logging capability."
"It is really helpful to us from the compliance point of view."
"We've found the solution to be scalable."
"QRadar has somewhat of a new structure recently from last gen. They have moved from the standard UI based infrastructure."
"The scalability is very good. It's not a problem."
"The support is very good. We get support whenever we need it. Sometimes they respond immediately and sometimes it will be within 24 hours. We can ask them to please do it right away and they can get a request done within an hour or two."
"The solution is flexible and easy to use."
"It's hard for me to pinpoint any one feature that's most valuable because it is all about consuming logs and analyzing them. We started using QRadar UBA because we needed something that could analyze Linux authentication information. Other products take care of the Windows platform."
"It integrates very easily with other solutions. The solution is flexible. We can add anything to it, as it is a good companion to other tools."
"I don't like to work on OSSIM because it is unpredictable."
"AlienVault OSSIM could improve by having better integration with some of the newer tools."
"When comparing AlienVault OSSIM to other solutions it looks a bit outdated. Additionally, they need to improve their integration."
"Sometimes technical issues take very long to get resolved."
"The initial setup was a bit complex. You've got to do a lot of reading. It's not an intuitive implementation."
"They can add more compliance templates."
"AlienVault OSSIM gives unwanted notifications."
"The incidence reporting could be better."
"IBM QRadar has a margin for development, for out-of-the-box use cases. It can be enhanced with better support and automate the use cases for that."
"The implementation of the solution's technology needs to be simplified."
"There are areas in IBM Security QRadar that could benefit from improvement. Its ability to customize knowledge for specific purposes could be enhanced. Also, it lacks clarity in presenting details. It is also difficult to see the reports."
"The product is good, but one feature they should have is an Elasticsearch. Currently, in QRadar, there are no Elasticsearch criteria."
"They should provide more manual examples online so that I can learn it myself."
"IBM QRadar User Behavior Analytics could improve machine learning use cases because they are limited and most of the use cases are rule-based. They should develop more use cases, such as in Securonix or Exabeam because they will detect a threat. Using machine learning is mainly on the correlation rules, but if you think about Exabeam or Securonix, they detect using machine learning or machine learning-based algorithms."
"The only challenge is that IBM has been a closed enterprise. It should be more open to integrating with other providers at an enterprise level. We're a bank and the core banking system integration is not way straightforward and there is no integration between IBM and these products. If IBM could open up and provide a way of integrating it seamlessly, without charging more for it, that would make a big difference."
"Certain updates—especially when using Azure—don't apply directly. Our engineering team must invest additional effort to implement these updates. However, the tool's cloud-based version poses no issues. However, upgrading the product can sometimes be challenging for on-premises instances."
AlienVault OSSIM is ranked 14th in Security Information and Event Management (SIEM) with 28 reviews while IBM Security QRadar is ranked 4th in Security Information and Event Management (SIEM) with 198 reviews. AlienVault OSSIM is rated 7.4, while IBM Security QRadar is rated 8.0. The top reviewer of AlienVault OSSIM writes "An easy-to-scale open-source solution used for monitoring events on devices ". On the other hand, the top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". AlienVault OSSIM is most compared with Wazuh, Elastic Security, USM Anywhere, Splunk Enterprise Security and Microsoft Defender XDR, whereas IBM Security QRadar is most compared with Splunk Enterprise Security, Microsoft Sentinel, Wazuh, LogRhythm SIEM and Elastic Security. See our AlienVault OSSIM vs. IBM Security QRadar report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.