
AlienVault vs Rapid7

ryankapoor

New Life Form

I'm looking at both for SIEM, IDS and CVE scanning. Does anybody have any experience with them? I saw that the licensing is very different, AlienVault USM includes all the modules for a set price with two site sensors, but Rapid7 is licensed depending on which modules you need. Rapid7 can't migrate my existing Splunk (we only do SIEM here) logs into it, but AlienVault said they could.

Looking for some real world feedback. Has anybody gotten one and preferred the other? Did you start with a module or two in Rapid7 and now expanded to additional functionality like the internal pen-test?


Comments

  • Are you referring to Rapid7 IDR or Nexpose?



  • Did you find any answer regarding your doubts, ryankapoor?
  • I saw that the licensing is very different, AlienVault USM includes all the modules for a set price with two site sensors, but Rapid7 is licensed depending on which modules you need


  • It is a more holistic approach towards security. You correlate uncorrelated events in order to achieve granularity in the security monitoring. The difference is in the approach one wants to adopt.

    USM has several use cases and VA is one of them. With USM you could have SIEM + other features from a single pane of glass.

    Thanks

  • Please share here if you find it.
  • Hi,

    The product evaluation is very complicated.

    Are you focused on vulnerability management? IDS? Process management?
    Cloud or on-prem?
    Budget limits? ;)
    Do you have enterprise products running?

    Quick facts:
    Vulnerability management is very easy and that's not a secret.
    AV uses the OpenVAS feeds -> that means that you will have no real enterprise products anymore (OK, just a very few of them); that's what you have to pay for with Greenbone (OpenVAS enterprise feed), Rapid7, Tenable...
    By the way, it's also no secret that OpenVAS cuts the feed as well this year and reduces old products which are normally still running in real-world companies.
    If you evaluate them, just compare the reports against products like Oracle DB, Solaris 11, Juniper xy, SAP and so on.
    The game changer with Rapid7 is the risk score; that's not just the typical CVSS score like with OpenVAS.
    *but* you by asset by Rapid7...
    On the other hand, you can improve OpenVAS in combination with Nmap and VulnDB - that's very powerful as well.

    My tip: check AV very deeply.



