Snort vs. OSSEC

Overview
ProductRatingMost Used ByProduct SummaryStarting Price
Snort
Score 8.4 out of 10
N/A
Sourcefire developed Snort, an open source intrusion prevention system capable of real-time traffic analysis and packet logging. Snort was acquired (and is now supported) by Cisco in 2013.N/A
OSSEC
Score 0.0 out of 10
N/A
OSSEC is a server intrusion detection for every platform. OSSEC is fully open source and free, and can be tailored to meet a business's security needs through its configuration options, adding custom alert rules and writing scripts to take action when alerts occur. The OSSEC+ edition, also free, provides additional capabilities to the basic OSSEC version such as the Machine Learning System for those that simply register.N/A
Pricing
SnortOSSEC
Editions & Modules
No answers on this topic
No answers on this topic
Offerings
Pricing Offerings
SnortOSSEC
Free Trial
NoNo
Free/Freemium Version
NoNo
Premium Consulting/Integration Services
NoNo
Entry-level Setup FeeNo setup feeNo setup fee
Additional Details
More Pricing Information
Community Pulse
SnortOSSEC
Best Alternatives
SnortOSSEC
Small Businesses
LevelBlue USM Anywhere
LevelBlue USM Anywhere
Score 3.9 out of 10
LevelBlue USM Anywhere
LevelBlue USM Anywhere
Score 3.9 out of 10
Medium-sized Companies
CrowdStrike Falcon
CrowdStrike Falcon
Score 9.1 out of 10
CrowdStrike Falcon
CrowdStrike Falcon
Score 9.1 out of 10
Enterprises
CrowdStrike Falcon
CrowdStrike Falcon
Score 9.1 out of 10
CrowdStrike Falcon
CrowdStrike Falcon
Score 9.1 out of 10
All AlternativesView all alternativesView all alternatives
User Ratings
SnortOSSEC
Likelihood to Recommend
8.1
(0 ratings)
-
(0 ratings)
User Testimonials
SnortOSSEC
Likelihood to Recommend
If a colleague was looking to tighten down their network I can easily recommend Snort to them. It gives you some more peace of mind knowing that its always scanning traffic for malicious looking code. Even things your major firewalls and security hardware might miss, Snort has picked up. Its an easy recommendation for me.
Read full review
No answers on this topic
Pros
  • The threat intelligence from Cisco TALOS is unparalleled. This is grafted into the Sourcefire application which greatly improves security visibility. With this there are a lot of groups that you can use for white listing or blacklisting, knowing its being updated in the background without additional work from you.
  • Flexible. Instead of putting a traditional firewall inline you can put a source fire appliance (or firewall with sourcefire on-board) to not only block/allow traffic, but if you insights into it, and do some forms of threat scoring.
  • In depth information. Sometimes a bit overwhelming, but you are able to do more than just see alerts, you can view the full information and packets that lead to the conclusion, though the conclusion is prepared in advance for you.
Read full review
No answers on this topic
Cons
  • There are plenty of false positives in the logs, but no problems noticed related to them.
Read full review
No answers on this topic
Alternatives Considered
Snort was chosen mainly for the ease and cost. With Snort we was able to set up in a matter of minutes without any professional services needed. If you are used to packet tracing the old fashion way, this is the product for you.
Read full review
No answers on this topic
Return on Investment
  • The Sourcefire deployment has been very good at actively blocking threats that would have potentially caused loss or compromise.
  • It has given us great visibility to our network.
Read full review
No answers on this topic
ScreenShots