AlienVault OSSIM Review

Full fledged solution where everything comes in one box


What is our primary use case?

Our primary use case for AlienVault is incident management. We started as a customer because one of our companies worked on it. Eventually, we started reselling the service. 

What is most valuable?

What I like about this product, is that it is a fully-fledged solution. I don't need to buy any complementary products, everything comes in one box.

What needs improvement?

I would like to see an improvement in their threat exchange database because the OTX is not the best thing in the marketplace. There are better solutions. So if they could enhance our feature development, it would make the product much better. 

For me, the user interface is very important, because the simpler the user interface is, the easier it is to find candidates to run the operation. If the user interface is very complicated, you need to expose your technical people to very intensive training in order to understand the system and to get the output right. So, from a user perspective, I would say the simpler the user interface, the better the product, especially for security issues. You need to let your tech people concentrate on the incident rather than on how to use the software to get the answer.

Lastly, if technical issues could be resolved faster, it would be a huge improvement. 

For how long have I used the solution?

We've been using this solution for two years now.

What do I think about the stability of the solution?

This solution is about 90% stable. I do have a problem with vulnerability.

What do I think about the scalability of the solution?

It's a very scalable product. I will say it is 100% scalable. It is currently managing the entire security of the firm, but it's managed by four members of our staff because it's a 24/7 operation. Three of them work shifts, and one of them is the supervisor. 

How are customer service and technical support?

I will give their technical support 80%. Although I am not completely satisfied, their response is good. I give their response 100% because whenever you open a ticket, you get communication on the spot. But sometimes it takes very long for your issue to get resolved. And that's why I'm only giving them 80%.

If you previously used a different solution, which one did you use and why did you switch?

We also used IBM QRadar before, but we did not get proper support and that's why we switched to AlienVault. 

How was the initial setup?

The initial setup was rather complex and it took us about a day to finalize everything. When we did the deployment, we had some support from AlienVault. And eventually, when we installed it for our customers, our technical team did it by themselves. They didn't require any kind of support from AlienVault.

What's my experience with pricing, setup cost, and licensing?

The price was good and it matched out budget at that stage.

Which other solutions did I evaluate?

We looked at ArcSight as an option at the beginning, but the pricing was not what we were looking for. And we don't have the proper channel to sell ArcSight in Egypt. That's why we decided to go to AlienVault.

What other advice do I have?

If anybody asked me if am I happy with AlienVault, I would say that it is a very good product. Frankly speaking, if anybody asked me about QRadar or ArcSight I will say the same, but it requires lots of training and you need to have a source for the product and for the pricing, otherwise, you will end up paying an enormous amount of money.

With AlienVault you get everything in one box. I will rate this product an eight out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Add a Comment
Guest
Sign Up with Email