We performed a comparison between AlienVault OSSIM and ManageEngine Log360 based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The connectivity and analytics are great."
"It's pretty powerful and its performance is pretty good."
"The analytics has a lot of advantages because there are 300 default use cases for rules and we can modify them per our environment. We can create other rules as well. Analytics is a useful feature."
"The best feature is that onboarding to the SIM solution is quite easy. If you are using cloud-based solutions, it's just a few clicks to migrate it."
"The solution has features that helped improve the security posture of our clients. It provides the ability to correlate a large variety of log sources very cost-effectively, especially for Microsoft sources."
"Sentinel enables us to ingest data from our entire ecosystem. In addition to integrating our Cisco ASA Firewall logs, we get our Palo Alto proxy logs and some on-premises data coming from our hardware devices... That is very important and is one way Sentinel is playing a wider role in our environment."
"Microsoft Sentinel provides the capability to integrate different log sources. On top of having several data connectors in place, you can also do integration with a threat intelligence platform to enhance and enrich the data that's available. You can collect as many logs and build all the use cases."
"Sentinel improved how we investigate incidents. We can create watchlists and update them to align with the latest threat intelligence. The information Microsoft provides enables us to understand thoroughly and improve as we go along. It allows us to provide monthly reports to our clients on their security posture."
"The most valuable features of AlienVault OSSIM are vulnerability assessment, network intrusion detection system, response to critical events, and awareness of the whole network."
"Inbuilt IDS, inbuilt integration with threat intelligence platform and with vulnerability assessment modules."
"There are a lot of people you will find using OSSIM since they are also offering OTX as a service"
"The threat policies of the solution are always very advanced and the best in the market. They are very persistent in terms of keeping up with security protocols."
"The threat alerts it gives me from time to time on harmful code within the network, or if they are generating any network traffic, are very useful."
"Asset discovery is good."
"You pay monthly for the solution. I think it's one of the best products. If you compare with other companies, like LogRhythm, etc., the top 8 or 10 CMs, I think Alien Vault has the best price-performance ratio."
"The open vault component and the checking of vulnerabilities are the most valuable features. The page management helps with this. If you know how your device is vulnerable at least you can do something about it."
"The solution could be improved by including XDR, remediation and Sandbox."
"The product is very user-friendly."
"The deployment is quite simple and pretty straightforward."
"The reports that you can run are really nice."
"We haven't had any stability issues."
"The most valuable features for us are the application logs monitoring and the dashboard, which provides a single-pane view of all the ongoing activities."
"The Sharecon feature is the most valuable."
"It is nice to be able to monitor and to have notifications."
"When it comes to ingesting Azure native log sources, some of the log sources are specific to the subscription, and it is not always very clear."
"We have been working with multiple customers, and every time we onboard a customer, we are missing an essential feature that surprisingly doesn't exist in Sentinel. We searched the forums and knowledge bases but couldn't find a solution. When you onboard new customers, you need to enable the data connectors. That part is easy, but you must create rules from scratch for every associated connector. You click "next," "next," "next," and it requires five clicks for each analytical rule. Imagine we have a customer with 150 rules."
"The AI capabilities must be improved."
"Sentinel still has some anomalies. For example, sometimes when we write a query for log analysis with KQL, it doesn't give us the data in a proper way... Also, the fields or columns could be improved. Sometimes, it is not giving the desired results and there is a blank field."
"If we want to use more features, we have to pay more. There are multiple solutions on the cloud itself, but the pricing model package isn't consistent, which is confusing to clients."
"If Sentinel had a graphical user interface, it would be easier to use. I would also like it to be more customizable."
"I believe one of the challenges I encountered was the absence of live training sessions, even with the option to pay for them."
"The playbook is a bit difficult and could be improved."
"AlienVault OSSIM should improve the deployment and make it unified like the USM."
"The solution needs more integration with cyber intelligence systems."
"When comparing AlienVault OSSIM to other solutions it looks a bit outdated. Additionally, they need to improve their integration."
"AlienVault OSSIM gives unwanted notifications."
"The solution is not scalable."
"They can add more compliance templates."
"The incidence reporting could be better."
"There needs to be more support or some kind of training program so users can self-learn the system more effectively."
"It is not expensive compared to other solutions."
"It's difficult to find which conditions have been applied to a report because they are provided by default by ManageEngine. However, with other SIEMs if you want to create a report, they provide details, like which conditions are triggering certain reports. This needs to be there in ManageEngine. It would be good to know which parameter has been applied to the report that is updating the system."
"The matter of the data retention needs to be addressed."
"The graphical interface could be made easier to use when you are connecting to different network equipment."
"There is room for improvement, especially in the reporting aspect. The reports are not as good as those in Splunk."
"The solution lacks some features when compared to other products."
"Most times log sheets are not assigned well."
"It takes a little bit of time for Log360 to actually learn your environment."
AlienVault OSSIM is ranked 14th in Security Information and Event Management (SIEM) with 27 reviews while ManageEngine Log360 is ranked 24th in Security Information and Event Management (SIEM) with 15 reviews. AlienVault OSSIM is rated 7.4, while ManageEngine Log360 is rated 7.2. The top reviewer of AlienVault OSSIM writes "An easy-to-scale open-source solution used for monitoring events on devices ". On the other hand, the top reviewer of ManageEngine Log360 writes "Facilitates incident backtracking and identifying the cause of incidents but insufficient intelligence-driven analysis to suppress unnecessary alerts". AlienVault OSSIM is most compared with Wazuh, Elastic Security, USM Anywhere, Splunk Enterprise Security and SolarWinds Security Event Manager , whereas ManageEngine Log360 is most compared with ManageEngine EventLog Analyzer, Wazuh, Splunk Enterprise Security, Fortinet FortiSIEM and SolarWinds Security Event Manager . See our AlienVault OSSIM vs. ManageEngine Log360 report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
