We performed a comparison between AlienVault OSSIM and NetWitness Platform based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The tool's security detection is good. It helps us with login tracking and generating reports. We aim to identify potential issues, such as brute-force attacks on user accounts or server-level anomalies. For instance, if I receive a report indicating a server is at an abnormal level, I investigate and address the issue."
"The most valuable features of AlienVault OSSIM are case management, ease of configuration, and investigation."
"The solution is free to use."
"The paid version of the solution has reporting and better scalability options."
"OSSIM is the only solution that includes the large number of modules that we need: a vulnerability scanner, a network IDS system, a host IDS system."
"The solution is very stable. Compared to Qradar and Splunk, it's very stable."
"There are a lot of people you will find using OSSIM since they are also offering OTX as a service"
"Better than other SIEM solutions because almost everything can be integrated."
"It's fully scalable. There is no limit. Of course, the license limits per day the number of terabytes. In my opinion, it's very flexible."
"The most valuable feature is the ability to write rules and triggers for network communication, and then being able to investigate based on that."
"The most valuable feature is the correlation. It can report in real-time and monitor the management."
"The most valuable features are the packet inspection and the automated incident response."
"The most valuable feature is the security that it provides."
"The most valuable features are the packet decoder, log decoder, and concentrator."
"Possibility to investigate incidents based on logs and raw packets, such as extracting files sent over the network"
"Performance and reporting are very good."
"I don't like to work on OSSIM because it is unpredictable."
"GUI could be improved."
"It takes some time. It does not give me a prompt response for any such [malicious] traffic. It takes time to get that alert from the AlienVault system."
"I suggest more in-built rules based on modern threats and environments to make it a more competitive solution."
"We need more dashboards and we need more customization for dashboards."
"Lacking in depth of reporting."
"AlienVault OSSIM gives unwanted notifications."
"AlienVault OSSIM on-premise version is more difficult to implement than the cloud version. Additionally, they should add integration between several different environments at once and improve their online knowledge base."
"It is not so easy to customize this product."
"They should implement algorithms to digest that data and produce additional, more advanced reporting, alerting and support of internal security teams."
"The system architecture is complex and sometimes it’s hard to troubleshoot potential problems."
"We have encountered issues with unresolved crashes."
"The product's licensing models are complex to understand. This particular area needs improvement."
"Lots of competing products have vulnerability protection built into their products, and this solution would be improved by including that support."
"There is no support for this product in this country, so problems have to be resolved through global technical teams."
"Its technical support could be better."
AlienVault OSSIM is ranked 11th in Security Information and Event Management (SIEM) with 28 reviews while NetWitness Platform is ranked 15th in Security Information and Event Management (SIEM) with 36 reviews. AlienVault OSSIM is rated 7.4, while NetWitness Platform is rated 7.4. The top reviewer of AlienVault OSSIM writes "An easy-to-scale open-source solution used for monitoring events on devices ". On the other hand, the top reviewer of NetWitness Platform writes "Can find out if there is lateral movement, but integration and workflow need improvement". AlienVault OSSIM is most compared with Wazuh, Elastic Security, USM Anywhere, Splunk Enterprise Security and Microsoft Sentinel, whereas NetWitness Platform is most compared with Splunk Enterprise Security, RSA enVision, IBM Security QRadar, Cisco Secure Network Analytics and Microsoft Sentinel. See our AlienVault OSSIM vs. NetWitness Platform report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.