We performed a comparison between AlienVault OSSIM and Elastic Security based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"The solution has a very good open source community, and whenever we have problems, we are always able to resolve it online."
"OSSIM is the only solution that includes the large number of modules that we need: a vulnerability scanner, a network IDS system, a host IDS system."
"The initial setup was straightforward. I didn't have any problems."
"The product is easy to use."
"The tool's security detection is good. It helps us with login tracking and generating reports. We aim to identify potential issues, such as brute-force attacks on user accounts or server-level anomalies. For instance, if I receive a report indicating a server is at an abnormal level, I investigate and address the issue."
"With AlienVault you get everything in one box."
"The paid version of the solution has reporting and better scalability options."
"Better than other SIEM solutions because almost everything can be integrated."
"It is very quick to react. I can set it to check anomalies or suspicious behavior every 30 seconds. It is very fast."
"The most valuable features are the speed, detail, and visualization. It has the latest standards."
"Just the ability to do a lot more than just up-down is nice, which a lot of people take for granted."
"It's very customizable, which is quite helpful."
"The visualization is very good."
"The intelligence of the system has been very impressive. It's not quite AI, but the technical bit where it correlates information, based on the seen attacks within an organization is good."
"The most valuable features of the solution are the prevention methods and the incident alerts."
"ELK documentation is very good, so never needed to contact technical support."
"The user interface could be improved."
"AlienVault OSSIM’s configuration and integration could be a little easier."
"I suggest more in-built rules based on modern threats and environments to make it a more competitive solution."
"The solution needs more integration with cyber intelligence systems."
"The initial setup was a bit complex. You've got to do a lot of reading. It's not an intuitive implementation."
"The price of this solution is very high and it could be cheaper."
"We need more dashboards and we need more customization for dashboards."
"There needs to be more support or some kind of training program so users can self-learn the system more effectively."
"There should be a simulation environment to check whether my Elastic implementation is functioning perfectly fine. Other solutions have their own Android and iOS applications that I can install on my mobile so that I am continuously connected to the SIEM."
"Elastic Security's maintenance is hard and its scalability is a challenge. There are complications in scaling and upgrading. The solution needs to also provide periodic upgrade checks."
"This solution cannot do predictive maintenance, so we have to build our own modules for doing it."
"Technical support could respond faster."
"The tool should improve its scalability."
"This solution is very hard to implement."
"We had issues with scalability. Logstash was not scaling and aggregation was getting delayed. We moved to Fluentd making our stack from ELK to EFK."
"The solution's query building is not that intuitive compared to other solutions."
AlienVault OSSIM is ranked 11th in Security Information and Event Management (SIEM) with 28 reviews, while Elastic Security is ranked 5th in Security Information and Event Management (SIEM) with 59 reviews. AlienVault OSSIM is rated 7.4, while Elastic Security is rated 7.6. The top reviewer of AlienVault OSSIM writes "An easy-to-scale open-source solution used for monitoring events on devices". On the other hand, the top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". AlienVault OSSIM is most compared with Wazuh, USM Anywhere, Splunk Enterprise Security, Microsoft Sentinel and Fortinet FortiSIEM, whereas Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel, IBM Security QRadar and Graylog.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.