We performed a comparison between AlienVault OSSIM and IBM Security QRadar based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"The initial setup is straightforward."
"The dashboard is the solution's most valuable aspect. It brings everything into one central point where I can actually look at it and go, 'Okay, I understand what's going on.'"
"You can customize the dashboards as well as the reporting."
"OSSIM is the only solution that includes the large number of modules that we need: a vulnerability scanner, a network IDS system, a host IDS system."
"The paid version of the solution has reporting and better scalability options."
"AlienVault OSSIM's GUI is very user-friendly."
"The tool's security detection is good. It helps us with login tracking and generating reports. We aim to identify potential issues, such as brute-force attacks on user accounts or server-level anomalies. For instance, if I receive a report indicating a server is at an abnormal level, I investigate and address the issue."
"The solution is free to use."
"The solution is relatively easy to use."
"The interface is good."
"The playbook engine is flexible and allows for the graphical visualization of processes, enabling the implementation of dynamic playbooks for incident response or testing."
"The most valuable feature is the machine learning module."
"The most valuable feature is the searching capability and real-time operational use."
"It is a scalable solution."
"Flexible and valuable product that is modular, so you can easily set up a roadmap for your clients."
"It is really helpful to us from the compliance point of view."
"The correlation engine needs to be improved."
"AlienVault OSSIM’s configuration and integration could be a little easier."
"AlienVault OSSIM should improve the deployment and make it unified like the USM."
"GUI could be improved."
"Lacking in depth of reporting."
"AlienVault OSSIM on-premise version is more difficult to implement than the cloud version. Additionally, they should add integration between several different environments at once and improve their online knowledge base."
"I don't like to work on OSSIM because it is unpredictable."
"AlienVault OSSIM gives unwanted notifications."
"Dashboards and reports could provide better visualization of SIEM activity."
"Certain updates—especially when using Azure—don't apply directly. Our engineering team must invest additional effort to implement these updates. However, the tool's cloud-based version poses no issues. However, upgrading the product can sometimes be challenging for on-premises instances."
"Search capability and indexing still lag behind competitors. We also need to see improved rule based access controls and rule/event tuning."
"There is room for improvement in IBM QRadar in integrating features for SOC maturity and security levels directly into QRadar."
"AI is superb but need improvements."
"Solution has too many menus that require going to two or three sub-monitors to enter the QRadar."
"Technical support is good, but not great."
"In terms of what could be improved, I would say the script which we have to create for custom actions. QRadar needs to improve that feature. Additionally, QRadar has to provide the playbooks designing features."
AlienVault OSSIM is ranked 14th in Security Information and Event Management (SIEM) with 28 reviews while IBM Security QRadar is ranked 4th in Security Information and Event Management (SIEM) with 198 reviews. AlienVault OSSIM is rated 7.4, while IBM Security QRadar is rated 8.0. The top reviewer of AlienVault OSSIM writes "An easy-to-scale open-source solution used for monitoring events on devices". On the other hand, the top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". AlienVault OSSIM is most compared with Wazuh, Elastic Security, USM Anywhere, Splunk Enterprise Security and Microsoft Defender XDR, whereas IBM Security QRadar is most compared with Splunk Enterprise Security, Microsoft Sentinel, Wazuh, LogRhythm SIEM and Elastic Security. See our AlienVault OSSIM vs. IBM Security QRadar report.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.