AlienVault OSSIM Other Advice

RajaniKant Singh
CISO with 1,001-5,000 employees
If your network is flat, if it is not that complicated, then you should go for it. I'm using it free of cost, so I'm very happy with AlienVault. I'm the only one who's controlling it. I have a team of five. They are my soft team. They monitor all the alerts 24/7. It takes a team of five to maintain it. I lead the security section and among the other five, two are network specialists and three are system administrators.
Salesengine67
Sales Engineer at a tech vendor with 51-200 employees
I used this product for about a year. It was on-premise. My advice is to just read the manual. OSSIM is very simple. If you know why you need to use it, you will be happy. The biggest lesson is that the logs are "power." In these logs, with a good normalization engine, you can find so much very useful information about your infrastructure, sometimes about your employees, and about your business-critical processes. I would rate the solution at ten out of ten. It's really the best open-source CM on the market. It's simple, it has OTX integration. OTX, the Open Threat Exchange, is also a great product from AlienVault. It's like Facebook for indicators of compromise.
MohamedMohsen
Founder & CEO at MnZ Technology Solutions
If anybody asked me if I am happy with AlienVault, I would say that it is a very good product. Frankly speaking, if anybody asked me about QRadar or ArcSight I will say the same, but it requires lots of training and you need to have a source for the product and for the pricing, otherwise, you will end up paying an enormous amount of money. With AlienVault you get everything in one box. I will rate this product an eight out of ten.
Find out what your peers are saying about AT&T, Splunk, Fortinet and others in Security Information and Event Management (SIEM). Updated: November 2019.
377,264 professionals have used our research since 2012.
Tamer Serag Ahmed
Cyber Security Consultant at Besafe-tech
There is a cloud version of this solution available, called AlienVault USM Anywhere, which defends data that is outside of the premises. The OSSIM version is an open-source product, unlike AlienVault USM, or the cloud version, AlienVault USM Anywhere. You have to rely on the community for support. If you are a business or a bank or a financial institution then it would be better to go with the licensed version. You get support 24/7, while with the community you cannot find this support. On the other hand, an individual who is using it and can handle the issues should go with OSSIM because it's almost free. As long as you can handle problems, such as when it stops working, that you can fix over a couple of days or during the weekend, then it is fine. I would rate this solution a ten out of ten.
BonganiMkwananzi
Owner & Cyber Security Consultant at Sekurisor
We use the cloud deployment model. I have a server that I subscribe people to. I would advise others to consider, if they get more customers, to do the commercial version of the OSSIM from AlienVault. It's now part of AT&T, so there's a lot of support. I would rate the solution seven out of ten.
Cyberspec67
Cyber Security Specialist at AEC
I've used this for a small environment, and it was amazing. I'm currently converting to QRadar now because I am expanding. I am handling more than 30,000 events per second. I can't use AlienVault, as it's too high a threshold. I do recommend the solution, however, for those with small environments that don't handle as many events. It works great for anything under 1,000 events per second. I would rate the solution eight out of ten.
Idris Aliyu
HEAD OF ENGINEERING at a tech services company with 1-10 employees
We use the on-premises deployment model. We have a small setup. It's an environment that supports only about 20 users, so, it's not really a complex setup. I would give the solution a rating of seven out of ten. I believe if I paid for the support I'd get a higher quality of software and other additional functionalities.
Kuzey Aksu
Information Security Manager at a financial services firm with 201-500 employees
We use the on-premises deployment model. I would rate the solution nine out of ten.
Seyed Mustafa González
Development Manager at a tech services company with 51-200 employees
The installation is easy, but it's not very compatible with some of our other solutions. Still, it's okay, it's very good. It integrates well with ELK. I would rate the solution six out of ten.