We performed a comparison between AlienVault OSSIM and Fortinet FortiSIEM based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"Microsoft Sentinel comes preloaded with templates for teaching and analytics rules."
"Previously, it was a little bit difficult to find where an incident came from, including which IP address and which country. So in Sentinel, it's very easy to find where the incident came from since we can easily get the information from the dashboard, after which we take action quickly."
"The UI of Sentinel is very good and easy to use, even for beginners."
"The AI capability is one of the main features of the solution because I believe that in the market, there are few solutions that are providing security solutions based on AI and machine learning."
"The most valuable feature is the alert notifications, which are categorized by severity levels: informational, low, medium, and high."
"Azure Application Gateway makes things a lot easier. You can create dashboards, alert rules, hunting and custom queries, and functions with it."
"The UI-based analytics are excellent."
"We can use Sentinel's playbook to block threats. It covers all of the environment, giving us great visibility."
"The initial setup is straightforward."
"The most valuable features of this solution are the data correlation and vulnerability assessment."
"The most valuable features of AlienVault OSSIM are case management, ease of configuration, and investigation."
"The threat alerts it gives me from time to time on harmful code within the network, or if they are generating any network traffic, are very useful."
"The solution has a very good open source community, and whenever we have problems, we are always able to resolve them online."
"You can customize the dashboards as well as the reporting."
"Better than other SIEM solutions because almost everything can be integrated."
"Asset discovery is good."
"FortiSIEM's log correlation is good."
"We like the integration of all of these Fortinet platforms together. Everything is integrated well, and we are able to sell that as a service to our customers."
"The most valuable feature of Fortinet FortiSIEM is the user and entity behavior analytics (UEBA). This feature mixes your data and provides useful information based on the behavior of the targeted."
"Some of our customers who use this solution have seen improvement in their connection with load balancing on both connections."
"The primary valuable feature is that it has replaced a whole lot of other products with one platform."
"It gives us the opportunity to generate notifications based upon rules that get triggered, and the rules could be specific to PCI, HIPAA, GIBA, NIST, and so forth."
"We're able to get real-timec as well as our customer networks that we're monitoring at all times."
"The product's initial setup phase was easy."
"Only one thing is missing: NDR is not available out-of-the-box. The competitive cloud-native SIEM providers have the NDR component. Currently, Sentinel needs NDR to be powered from either Corelight or some other NDR provider."
"The reporting could be more structured."
"When we pass KPIs to the governance department, there's no option to provide rights to the data or dashboard to colleagues. We can use Power BI for this, but it isn't easy or convenient. They should just come up with a way to provide limited role-based access to auditing personnel."
"One key area that can be improved is by building a strong integration with our XDR platform."
"Everyone has their favorites. There is always room for improvement, and everybody will say, "I wish you could do this for me or that for me." It is a personal thing based on how you use the tool. I do not necessarily have those thoughts, and they are probably not really valuable because they are unique to the context of the user, but broadly, where it can continue to improve is by adding more connectors to more systems."
"The data connectors for third-party tools could be improved, as some aren't available in Sentinel. They need to be available in the data connector panel."
"Given that I am in the small business space, I wish they would make it easier to operate Sentinel without being a Sentinel expert. Examples of things that could be easier are creating alerts and automations from scratch and designing workbooks."
"Some of the data connectors are outdated, at least the ones that utilize Linux machines for log forwarding. I believe that Microsoft is already working on improving this."
"I don't like to work on OSSIM because it is unpredictable."
"They can add more compliance templates."
"The user interface needs to be friendlier across the board."
"It's under heavy traffic. If you have heavy traffic, the system is slow."
"AlienVault OSSIM should improve the deployment and make it unified like the USM."
"The documentation could be improved."
"The initial setup was a bit complex. You've got to do a lot of reading. It's not an intuitive implementation."
"AlienVault OSSIM on-premise version is more difficult to implement than the cloud version. Additionally, they should add integration between several different environments at once and improve their online knowledge base."
"They should enhance the solution's AI capabilities, including XDR and EDR."
"The only drawback is the licensing model. It can get expensive if you want to integrate more solutions."
"Our team tried configuring MS SQL database logs with Fortinet FortiSIEM, but it did not work for some time."
"Does not have load-sharing or high-availability, and these are important things to implement. I can do the same things in another way, but not naturally having these features makes it complicated."
"The reporting feature is not very attractive for the upper management and I am not able to perform complex/nested queries."
"Fortinet FortiSIEM could improve by having better integration and extensions. This would benefit by allowing us to give more rules."
"There is no proper guide for integration or configuration."
"The performance can be improved. Sometimes it takes a long time to fetch data."
AlienVault OSSIM is ranked 14th in Security Information and Event Management (SIEM) with 27 reviews while Fortinet FortiSIEM is ranked 9th in Security Information and Event Management (SIEM) with 64 reviews. AlienVault OSSIM is rated 7.4, while Fortinet FortiSIEM is rated 7.6. The top reviewer of AlienVault OSSIM writes "An easy-to-scale open-source solution used for monitoring events on devices". On the other hand, the top reviewer of Fortinet FortiSIEM writes "It's cheaper than other solutions with the same features but lacks integration with many third-party vendors". AlienVault OSSIM is most compared with Wazuh, Elastic Security, USM Anywhere, Splunk Enterprise Security and AWS Security Hub, whereas Fortinet FortiSIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Wazuh, LogRhythm SIEM and SCOM. See our AlienVault OSSIM vs. Fortinet FortiSIEM report.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.