Try our new research platform with insights from 80,000+ expert users

AlienVault OSSIM vs Rapid7 InsightIDR comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 18, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

AlienVault OSSIM
Ranking in Security Information and Event Management (SIEM)
10th
Average Rating
7.4
Reviews Sentiment
7.1
Number of Reviews
31
Ranking in other categories
No ranking in other categories
Rapid7 InsightIDR
Ranking in Security Information and Event Management (SIEM)
9th
Average Rating
8.4
Reviews Sentiment
7.4
Number of Reviews
32
Ranking in other categories
User Entity Behavior Analytics (UEBA) (2nd), Endpoint Detection and Response (EDR) (18th), Threat Deception Platforms (5th), Extended Detection and Response (XDR) (14th)
 

Mindshare comparison

As of April 2025, in the Security Information and Event Management (SIEM) category, the mindshare of AlienVault OSSIM is 3.9%, up from 3.6% compared to the previous year. The mindshare of Rapid7 InsightIDR is 2.5%, down from 2.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
 

Featured Reviews

Aman Aijaz - PeerSpot reviewer
An easy-to-scale open-source solution used for monitoring events on devices
The area for improvement is a lot. When I started using it on our enterprise side, the issue we faced was, for example, if we were running at that time on AlienVault OSSIM v5.7.4. So, for some orders, we had to install some packages, and when we tried installing that package, some dependencies got upgraded to a new version. Now once that dependency got upgraded, the SQL, since you might be aware that OSSIM uses SQL database, now SQL and all the dependency in everything was not on the same version, and that caused the database to crash. The aforementioned area should be eased out by upgrading the patches and upgrading dependencies. This kind of thing is a disadvantage of OSSIM, and I would like them to work on this. But I have also raised service requests many times and gave it a push on the community section too. However, since it is a local source, they don't reply much over there. That is why I don't like to work on OSSIM because it is unpredictable. Once the storage goes above 50 percent, it starts behaving unpredictably. If you get stuck with a situation, then you need to drill a lockdown into that. Sometimes you get no luck. Then you have to just reimage the server with the new fresh OS of AlienVault. As for additional features, not much because if you move to the newer version, it is kind of getting more stable. But, to make my life easier, then I would say try to give more features. I know it's open source, so they also cannot provide me with more features. But still, if they can provide me with more features because right now it's becoming old. Right now, we are even moving from SIEM to Security Data Lake. So when we move to it, this will be literally outdated. No one can even expect anything out of it. The way security is moving, it will be outdated very soon. They have to also provide something new to keep this going for the future also.
Asim Naeem - PeerSpot reviewer
Providing comprehensive insight into alerts while working towards AI enhancement
I definitely recommend Rapid7 InsightIDR. It is becoming better, with improvements being continuously made to the product. Right now, I do not have any advice about Rapid7 for other users because every organization or user has different criteria or multiple use cases, so I refrain from commenting on that. I rate the overall solution seven out of ten.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The open vault component and the checking of vulnerabilities are the most valuable features. The page management helps with this. If you know how your device is vulnerable at least you can do something about it."
"The initial setup is straightforward."
"The tool's security detection is good. It helps us with login tracking and generating reports. We aim to identify potential issues, such as brute-force attacks on user accounts or server-level anomalies. For instance, if I receive a report indicating a server is at an abnormal level, I investigate and address the issue."
"Asset discovery is good."
"Network traffic analysis is highly efficient."
"AlienVault OSSIM is an enterprise solution that sells easily. It is rated highly by organizations."
"OSSIM is the only solution that includes the large number of modules that we need: a vulnerability scanner, a network IDS system, a host IDS system."
"The solution is free to use."
"Enables the use of honey pots, honey users, and honey files to monitor for suspicious patterns."
"The alerting to drive investigations and remediation has been its most valuable feature.​"
"The solution is very scalable in terms of the licensing model."
"The product works well. Stability-wise, I rate the solution a ten out of ten."
"InsightIDR’s ability to process millions of transactions per day, and to notify me of the most critical ones, is priceless. InsightIDR has the alerts tuned, and has the ability to quickly drill down to determine the threat level."
"The log aggregation and storage provided by InsightIDR has shown no issues with scalability; aggregating over one hundred millions events daily."
"Intelligent alerting to avoid the common problem of alert fatigue associated with traditional SIEMs."
"​​User behavioral analytics allows us to pinpoint abnormal or suspicious behavior among millions of events every day."
 

Cons

"The solution needs more integration with cyber intelligence systems."
"There are somewhat more false positives with the user behavior analytics, which could benefit from an additional machine learning model to detect user patterns more rapidly."
"It's under heavy traffic. If you have heavy traffic, the system is slow."
"AlienVault OSSIM gives unwanted notifications."
"There are somewhat more false positives with the user behavior analytics, which could benefit from an additional machine learning model to detect user patterns more rapidly."
"The price of this solution is very high and it could be cheaper."
"Sometimes technical issues take very long to get resolved."
"It takes some time. It does not give me a prompt response for any such [malicious] traffic. It takes time to get that alert from the AlienVault system."
"Cloud risk assessment is one area where I think they need a lot of improvement."
"There are certain limitations with Rapid7 that I am working on."
"The solution needs improvement in threat intelligence. Increasing the depth of intelligence to help users understand more about threats is a possibility. My suggestion is to expand access to other websites or resources."
"Currently, it lacks the functionalities provided by Rapid7's User Behavior Analytics (UBA)."
"The integration capabilities of the solution have certain shortcomings where improvements are required."
"The searching feature in Rapid7 InsightIDR needs to evolve"
"Sometimes, it is hard to get the right queries to use. Currently, the tool lacks a pre-made set of queries."
"The APIs can be further improved in Rapid7."
 

Pricing and Cost Advice

"OSSIM is free."
"The price of AlienVault OSSIM is too high sometimes for us to present to our customers. The price should be lower. We are on a three-year license to use the solution. We had to pay extra for the support."
"AlienVault OSSIM is an open-source solution."
"I used the paid version of the tool and found it to be expensive. It has been a while since I changed to Securonix. I will have to check whether AlienVault charges per device, user, or log."
"We are using the community version, which can be used for free."
"AlienVault OSSIM is free."
"OSSIM is open source, and USM is the paid license. So, if you want, you can switch to USM. There you will have to buy a license, and they have a support team that helps you out on issues you face."
"When comparing AlienVault OSSIM to Microsoft Sentinel, AlienVault OSSIM incurs additional costs due to its licensing price structure. If you are using AlienVault for security purposes at a certain level it can have a higher price point than the current pricing of Microsoft Sentinel."
"The pricing of the solution depends on the user. But there is a yearly licensing cost."
"It is a reasonably priced solution."
"Licensing is by endpoint and amount of retention time (at least ours is). Default retention was one year, but we are able to push the retention further if needed. There's also a provide-your-own-S3 option for longer retention if you don't want to pay for the additional retention years in your Rapid7 agreement."
"​Accurately predict your licensing counts as this is a subscription based product.​"
"Rapid7 InsightIDR is priced very well and is cost-effective."
"It is on a yearly basis. For our own company, for about 250 users, it was 16,000 euros a year."
"Rapid7 InsightIDR is a cheaply priced product. On a scale of one to ten, where one is very expensive, and ten is very cheap, I rate the product's price at seven or eight."
"The team is very willing to work with companies. My suggestion is to call the Rapid7 sales department and see how they can help.​"
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
844,944 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
17%
Comms Service Provider
10%
Financial Services Firm
9%
University
7%
Computer Software Company
16%
Financial Services Firm
9%
Manufacturing Company
8%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What is your experience regarding pricing and costs for AlienVault OSSIM?
It depends. I would need to review their cost models, but generally, they are on a scaled basis based on throughput usage. Because it's a software as a service solution for their core product for U...
What needs improvement with AlienVault OSSIM?
Scaling for USM is always challenging for any product unless it is purpose-built or overbuilt at the front end. They will use Palo Alto and its competitors, and LevelBlue will manage that implement...
What SOC product do you recommend?
For tools I’d recommend: -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also, rememb...
What do you like most about Rapid7 InsightIDR?
During simulations or demonstrations, the tool generates alerts, providing details such as the specific application, its origin, and potential threats. For instance, it can identify if an applicati...
 

Also Known As

OSSIM
InsightIDR
 

Overview

 

Sample Customers

Council Rock School District
Liberty Wines, Pioneer Telephone, Visier
Find out what your peers are saying about AlienVault OSSIM vs. Rapid7 InsightIDR and other solutions. Updated: March 2025.
844,944 professionals have used our research since 2012.