AlienVault OSSIM Reviews

Name: AlienVault OSSIM
Brand: AT&T
Rating: 4 (27 reviews)

Vendor: AT&T

3.7 out of 5

27 reviews
77% willing to recommend

109 followers

What is AlienVault OSSIM?UNIXBusinessApplication
Price:

AlienVault OSSIM, Open Source Security Information and Event Management (SIEM), provides you with a feature-rich open source SIEM complete with event collection, normalization and correlation. Launched by security engineers because of the lack of available open source products, AlienVault OSSIM was created specifically to address the reality many security professionals face: A SIEM, whether it is open source or commercial, is virtually useless without the basic security controls necessary for security visibility.

Get the AlienVault OSSIM Buyer's Guide and find out what your peers are saying about AlienVault OSSIM, Splunk Enterprise Security, Microsoft Sentinel and more!

AlienVault OSSIM is the #14 ranked solution in top Security Information and Event Management (SIEM) solutions. PeerSpot users give AlienVault OSSIM an average rating of 7.4 out of 10. AlienVault OSSIM is most commonly compared to Splunk Enterprise Security: AlienVault OSSIM vs Splunk Enterprise Security. AlienVault OSSIM is popular among the large enterprise segment, accounting for 51% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 17% of all views.

Helped 769,599 peers since 2012

Featured reviews

Aman Aijaz

Assistant Manager Global Security at Convergys Corporation

Jun 28, 2023

The area for improvement is a lot. When I started using it on our enterprise side, the issue we faced was, for example, if we were running at that time on AlienVault OSSIM v5.7.4. So, for some orders, we had to install some packages, and when we tried installing that package, some dependencies got upgraded to a new version. Now once that dependency got upgraded, the SQL, since you might be aware that OSSIM uses SQL database, now SQL and all the dependency in everything was not on the same version, and that caused the database to crash. The aforementioned area should be eased out by upgrading the patches and upgrading dependencies. This kind of thing is a disadvantage of OSSIM, and I would like them to work on this. But I have also raised service requests many times and gave it a push on the community section too. However, since it is a local source, they don't reply much over there. That is why I don't like to work on OSSIM because it is unpredictable. Once the storage goes above 50 percent, it starts behaving unpredictably. If you get stuck with a situation, then you need to drill a lockdown into that. Sometimes you get no luck. Then you have to just reimage the server with the new fresh OS of AlienVault. As for additional features, not much because if you move to the newer version, it is kind of getting more stable. But, to make my life easier, then I would say try to give more features. I know it's open source, so they also cannot provide me with more features. But still, if they can provide me with more features because right now it's becoming old. Right now, we are even moving from SIEM to Security Data Lake. So when we move to it, this will be literally outdated. No one can even expect anything out of it. The way security is moving, it will be outdated very soon. They have to also provide something new to keep this going for the future also.

Read full review

Steven Sheehy

Managing Director of Hytec (OLM Group company) at OLM Group company

May 19, 2023

We are using AlienVault OSSIM for our internal team to support a SOC capability The most valuable features of AlienVault OSSIM are case management, ease of configuration, and investigation. AlienVault OSSIM could improve by having better integration with some of the newer tools. Ina future…

Read full review

Intekhab Ahmad.

Senior System and cyber security administration at Tankeenhr

Jan 29, 2024

The tool's security detection is good. It helps us with login tracking and generating reports. We aim to identify potential issues, such as brute-force attacks on user accounts or server-level anomalies. For instance, if I receive a report indicating a server is at an abnormal level, I investigate and address the issue. Regular meetings are conducted every ten to twenty days to update network issues. Due to restrictions, users face challenges when accessing WhatsApp from outside Saudi Arabia. To bypass this, they use VPNs. When a user logs into Office 365 via VPN, the system sends me a notification indicating their login.

Read full review

AlienVault OSSIM market share

As of April 2024, the market share of AlienVault OSSIM in the Security Information and Event Management (SIEM) category stands at 1.4%, marking a decrease of 44.6% compared to the previous year, according to calculations based on PeerSpot user engagement data.

Security Information and Event Management (SIEM)

Key learnings from peers

Last updated Apr 30, 2024

Valuable Features

"Asset discovery is good."
"The tool's security detection is good. It helps us with login tracking and generating reports. We aim to identify potential issues, such as brute-force attacks on user accounts or server-level anomalies. For instance, if I receive a report indicating a server is at an abnormal level, I investigate and address the issue."
"The product is easy to use."

Room for Improvement

"The solution is not scalable."
"AlienVault OSSIM gives unwanted notifications."
"AlienVault OSSIM’s configuration and integration could be a little easier."

Pricing

The pricing and licensing experience for AlienVault OSSIM varies among users. Some mention that there are two options available: OSSIM, which is open source, and USM, which requires a paid license. The paid license comes with a support team to assist with any issues. However, others mention that the licensing price structure of AlienVault OSSIM can lead to additional costs compared to other solutions like Microsoft Sentinel.

Users must pay extra for support.