AlienVault OSSIM Review

Free to use but doesn't offer many integrations and doesn't have technical support


What is our primary use case?

We primarily use the solution just to analyze events that occur based on security events.

How has it helped my organization?

I can't really discuss how this helps my organization. I'm running this from my home, so this is not a business I'm using it for. What I do is I log in infrequently to the device or to the service and I check and see if there's anything that's anomalous or anything that is of concern. 

What is most valuable?

The dashboard is the solution's most valuable aspect. It brings everything into one central point where I can actually look at it and go, "Okay, I understand what's going on."

The solution works well and allows me to have visibility into anomalous events.

What needs improvement?

I'm not sure if there's anything on the solution that needs improvement.

I would like the solution to be able to integrate with my firewall, my IDS and my Honeypot solutions so that it can provide real-time reporting as things occur and then have alert sent to me on my phone when suspicious activity is happening.

For how long have I used the solution?

I've only been using the solution for about a year.

What do I think about the stability of the solution?

The solution is very stable. It runs well and there are no issues that I can see that would make me concerned about its stability. I haven't faced any bugs or crashes that would make me worry.

What do I think about the scalability of the solution?

The solution is largely scalable. I'd rate it at about a seven out of ten in terms of how well you can expand it. 

There is room for improvement, but that's only because it depends upon the data that's feeding in. You have to understand that it's a collector. It collects data, it analyzes data. It's only going to be as good as the data you give it.

How are customer service and technical support?

The solution is free to use and therefore doesn't offer technical support.

Which solution did I use previously and why did I switch?

I didn't previously use a different solution, at least not at my house.

How was the initial setup?

The initial setup was very straightforward. I didn't run into any problems or complexities at all.

I maintain the solution myself. It doesn't require a lot of maintenance or man-hours to keep it running properly.

What about the implementation team?

I didn't use a reseller or integrator to assist me. I was able to handle the process from beginning to end on my own.

What's my experience with pricing, setup cost, and licensing?

The solution is free to use.

Which other solutions did I evaluate?

I didn't evaluate any other options. I already knew enough about them, and this was the only free solution, which is why I chose it.

What other advice do I have?

I would advise others to not implement it for any enterprise-level organization. However, it would definitely be a good solution for a small business environment.

I would rate the solution five out of ten. It's free, so there isn't support, first of all. Second of all, it doesn't have all the integrations that I would hope for. And thirdly, because since AT&T bought them, I worry AT&T will ultimately destroy the product. I don't like AT&T.

Which deployment model are you using for this solution?

On-premises
**Disclosure: I am a real user, and this review is based on my own experience and opinions.
More AlienVault OSSIM reviews from users
...who compared it with Splunk
Add a Comment
Guest