We performed a comparison between AlienVault OSSIM and IBM Security QRadar based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."With AlienVault you get everything in one box."
"It has helped us remediate threats in the past by providing significant events that assisted in identifying suspicious activities, such as logins from multiple countries."
"The solution is free to use."
"The tool's security detection is good. It helps us with login tracking and generating reports. We aim to identify potential issues, such as brute-force attacks on user accounts or server-level anomalies. For instance, if I receive a report indicating a server is at an abnormal level, I investigate and address the issue."
"The initial setup is straightforward."
"You pay monthly for the solution. I think it's one of the best products. If you compare with other companies, like LogRhythm, etc., the top 8 or 10 CMs, I think Alien Vault has the best price-performance ratio."
"You can customize the dashboards as well as the reporting."
"The most valuable features of AlienVault OSSIM are case management, ease of configuration, and investigation."
"This solution provides me with various alarms, and I have found security issues with some of my other products."
"It is a scalable solution."
"Flexible and valuable product that is modular, so you can easily set up a roadmap for your clients."
"It comes with many rules disabled. You can tune them and modify them according to your enterprise needs and avoid false positives."
"Log correlation is very useful for processing alerts. It serves to follow up alerts in real-time, building an entire workflow."
"It also has a graph that shows the traffic history. I can see what happened yesterday or today. If there's an incident, I can check the traffic behavior on QRadar."
"There are other third-party plugins that we can use."
"It helps us discover any threats with their alerts and tracking."
"AlienVault OSSIM could improve by having better integration with some of the newer tools."
"It takes some time. It does not give me a prompt response for any such [malicious] traffic. It takes time to get that alert from the AlienVault system."
"The correlation engine needs to be improved."
"We need more dashboards and we need more customization for dashboards."
"AlienVault OSSIM’s configuration and integration could be a little easier."
"They can add more compliance templates."
"I would like the solution to be able to integrate with my firewall, my IDS and my Honeypot solutions so that it can provide real-time reporting as things occur and then have alert sent to me on my phone when suspicious activity is happening."
"Lacking in depth of reporting."
"The threat detection needs improvement, they have many false positives."
"QRadar's performance has room for improvement because it cannot handle the volume. I need massive amounts of logs from various devices in our existing network architecture. IBM needs to improve QRadar's capacity to handle more logs."
"Technical support could be improved by a bit."
"The initial setup was complex, and it took six months."
"The product can be a bit complex."
"QVM is another instance where they need to revise the vulnerability scoring and the proper remediation details."
"It's resource-intensive."
"When it comes to what could be better, it is always what others are trying to do and what is the roadmap. It can have more integration. It should have more flexible RESTful APIs for integration with applications. These are the things that are always in demand for any of the SIEM solutions, not only for QRadar. Integration is ever-evolving. Nowadays, different versions of mobile handsets are there and data is getting scattered. Users are using their personal handsets to keep the data of the organization. So, it should have a more flexible integration, irrespective of the flavor of the firmware and iOS or Android version. It should have an API that can seamlessly get integrated. It should also provide more flexible control and a more advanced or analytical view to see what exactly is happening across the globe or network. From wherever a user is connecting and accessing the enterprise data, it should give real-time visibility and predictive visibility about what exactly is happening. These things are already there, but there should be more advanced control in terms of managing the security."
AlienVault OSSIM is ranked 11th in Security Information and Event Management (SIEM) with 28 reviews while IBM Security QRadar is ranked 4th in Security Information and Event Management (SIEM) with 198 reviews. AlienVault OSSIM is rated 7.4, while IBM Security QRadar is rated 8.0. The top reviewer of AlienVault OSSIM writes "An easy-to-scale open-source solution used for monitoring events on devices ". On the other hand, the top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". AlienVault OSSIM is most compared with Wazuh, Elastic Security, USM Anywhere, Splunk Enterprise Security and Microsoft Defender XDR, whereas IBM Security QRadar is most compared with Splunk Enterprise Security, Microsoft Sentinel, Wazuh, LogRhythm SIEM and Elastic Security. See our AlienVault OSSIM vs. IBM Security QRadar report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.