AlienVault OSSIM Other Advice
I would definitely recommend anyone to get on this tool if they are starting a career in cybersecurity since there are not many tools available in the market which help you get an experience as a SIEM tool. The other ones are paid ones, where you need to buy a license, and then you can try it. So, if you're just starting your own lab, then this thing can provide you with a very great edge because you can experience many attacks and see how the logs are there on the system. So this kind of provides you with that.
Overall, I would rate it an eight out of ten.
My advice to others would be to do the webinars and stay as standard as possible.
It is simple to configure and use this system as it calculates all the necessary components. Looking ahead, it is crucial for Microsoft to maintain its position in the top quadrant, as determined by Gartner, considering the investments made by both Google and Microsoft in this space.
I rate AlienVault OSSIM a seven out of ten.
All components, including cloud integration, Microsoft Office 365, local servers, and domain controllers, are integrated into the system. Deploying three servers across various locations allows for the collection of data, which is then uploaded to generate reports. I rate the overall product a six out of ten.
View full review »Buyer's Guide
AlienVault OSSIM
April 2024
Learn what your peers think about AlienVault OSSIM. Get advice and tips from experienced pros sharing their opinions. Updated: April 2024.
767,847 professionals have used our research since 2012.
I am using the latest version of AlienVault OSSIM.
The people who work with AlienVault OSSIM have just a few tutorials on YouTube where they teach people to use it.
I totally recommend AlienVault OSSIM to other users.
Overall, I rate AlienVault OSSIM a seven out of ten.
KB
reviewer1378779
System Administrator at a marketing services firm with 10,001+ employees
My advice to anybody who is considering AlienVault is to implement a proof of concept to ensure that it meets their requirements. A PoC should be done before settling on any product.
I would rate this solution a nine out of ten.
View full review »I rate AlienVault OSSIM a nine out of ten.
View full review »KA
KHADIJA SALAM SALEH AL-HARRASI
Student at a educational organization with 1,001-5,000 employees
KA
Kuzey Aksu
Information Security Manager at a financial services firm with 201-500 employees
We use the on-premises deployment model.
I would rate the solution nine out of ten.
View full review »It is a very good solution. It is already more than adequate. It is a perfectly nice and free tool for compliance testing, assessment, and some basic vulnerability.
I would advise upgrading to its paid version, USM, to get more features. It's well worth the money because of the provided threat intelligence, support, and training. When you upgrade to the paid version, you enjoy all these features. OSSIM doesn't have all these features because it is a freeware.
AlienVault OSSIM is backed up by AT&T Cybersecurity, which is a Fortune Top 20 company. When you upgrade to the paid version, you also get support from AT&T, which is good.
I would rate AlienVault OSSIM a nine out of ten. I'm very happy with this solution. It is a great product.
View full review »TS
Tamer Serag Ahmed
Co-Founder at Besafe Technology
There is a cloud version of this solution available, called AlienVault USM Anywhere, which defends data that is outside of the premises.
The OSSIM version is an open-source product, unlike AlienVault USM, or the cloud version, AlienVault USM Anywhere. You have to rely on the community for support. If you are a business or a bank or a financial institution then it would be better to go with the licensed version. You get support 24/7, while with the community you cannot find this support. On the other hand, an individual who is using it and can handle the issues should go with OSSIM because it's almost free. As long as you can handle problems, such as when it stops working, that you can fix over a couple of days or during the weekend, then it is fine.
I would rate this solution a ten out of ten.
View full review »BM
BonganiMkwananzi
Owner & Cyber Security Consultant at Sekurisor
We use the cloud deployment model. I have a server that I subscribe people to.
I would advise others to consider, if they get more customers, to do the commercial version the OSSIM from AlienVault. It's now part of AT&T, so there's a lot of support.
I would rate the solution seven out of ten.
View full review »RK
RajaniKant Singh
CISO at a recreational facilities/services company with 501-1,000 employees
If your network is flat, if it is not that complicated, then you should go for it. I'm using it free of cost, so I'm very happy with AlienVault.
I'm the only one who's controlling it. I have a team of five. They are my soft team. They monitor all the alerts 24/7. It takes a team of five to maintain it. I lead the security section and among the other five, two are network specialists and three are system administrators.
View full review »PO
PHILIP OLANIYAN
Relationship Manager at Snapnet Ltd
I rate AlienVault OSSIM an eight out of ten.
View full review »DT
Danilo Tiberi
ICT Consultant at N3tcom
We have two people that do the maintenance for the solution.
I rate AlienVault OSSIM an eight out of ten.
IA
reviewer735291
Chief Operating Officer at a insurance company with 201-500 employees
I rate AlienVault OSSIM an eight out of ten.
View full review »SA
Sharad Agrawal
Co-Founder and Director - Information Technology at Techneow
We're just customers. We don't have a business relationship with the product.
We're using the enterprise edition of the solution, the MSSP edition, however, I'm unsure which version it is we're currently on.
Typically, we get requests for QRadar, AlienVault, or Sentinal. QRadar and AlienVault are the top choices for the most part, and we work with both. We try to accommodate our client's preferences.
I'd rate the solution overall at eight out of ten.
View full review »DL
Denis L
Sales Solutions Engineer at a tech services company with 201-500 employees
I used this product for about a year. It was on-premise.
My advice is to just read the manual. OSSIM is very simple. If you know why you need to use it, you will be happy.
The biggest lesson is that the logs are "power." In these logs, with a good normalization engine, you can find so much very useful information about your infrastructure, sometimes about your employees, and about your business-critical processes.
I would rate the solution at ten out of ten. It's really the best open-source CM on the market. It's simple, it has OTX integration. OTX, the Open Threat Exchange, is also a great product from AlienVault. It's like Facebook for indicators of compromises.
View full review »MM
MohamedMohsen
Founder & CEO at MnZ Technology Solutions
If anybody asked me if am I happy with AlienVault, I would say that it is a very good product. Frankly speaking, if anybody asked me about QRadar or ArcSight I will say the same, but it requires lots of training and you need to have a source for the product and for the pricing, otherwise, you will end up paying an enormous amount of money.
With AlienVault you get everything in one box. I will rate this product an eight out of ten.
View full review »FJ
Fareed Jamali
Research Assistant at a tech services company with 51-200 employees
Those who are looking for a solution like this one should first conduct a survey. There are other solutions which are quite capable of doing similar things, even open source solutions. If a company can afford a commercial solution, they should go for that rather than for an open source solution. It requires an expert to assess the situation. A small mistake can lead to a big problem; opensource is there for those who know what they're doing.
If you're looking to add another feature, you need to have strong coding because tweaking them is not simple. I'm in a technical team so that's my perspective.
I would rate this solution a six out of 10.
View full review »I'm a consultant.
I'd rate the solution at an eight out of ten. For the most part, I am satisfied with its capabilities.
View full review »IA
reviewer735291
Chief Operating Officer at a insurance company with 201-500 employees
We use the on-premises deployment model.
We have a small setup. It's an environment that supports only about 20 users, so, it's not really a complex setup.
I would give the solution a rating of seven out of ten. I believe if I paid for the support I'd get a higher quality of software and other additional functionalities.
View full review »AF
Cyberspec67
Cyber Security Specialist at AEC
I've used this for a small environment, and it was amazing. I'm currently converting to QRadar now because I am expanding. I am handling more than 30,000 events per second. I can't use Alien Vault, as it's too high a threshold.
I do recommend the solution, however, for those with small environments that don't handle as many events. It works great for anything under 1,000 events per second.
I would rate the solution eight out of ten.
View full review »JP
Jim Poehlman
Chief Wealth Cybersecurity Architect at PWcyber
I would advise others to not implement it for any enterprise-level organization. However, it would definitely be a good solution for a small business environment.
I would rate the solution five out of ten. It's free, so there isn't support, first of all. Second of all, it doesn't have all the integrations that I would hope for. And thirdly, because since AT&T bought them, I worry AT&T will ultimately destroy the product. I don't like AT&T.
View full review »SA
S Mustafa Afzouni
Development Manager at a tech services company with 51-200 employees
The installation is easy, but it's not very compatible with some of our other solutions. Still, it's okay, it's very good. It integrates well with ELK.
I would rate the solution six out of ten.
View full review »RJ
reviewer1140594
Director at a tech services company with 51-200 employees
Most of the SOC or SIEM enterprise class products are very expensive, whereas with OSSIM you can start out with a smaller setup and then expand as you wish. It's great because you get a pre-integrated, ready to run platform, which you can deploy. You don't have to bother about the integrations too much. This platform provides an adequate level of experience for that kind of an integrated intelligence gathering in any IT setup at a reasonable cost. It makes the entry easier for somebody who's not so well versed in these technologies and so on. I think that's the principal use case for AlienVault's product line.
Make sure to choose the right partner to do the implementation. It's important that they know and understand the technology. They should have a very good understanding of the tool as well as an understanding of the security and operations space so that they are able to deliver on what you want to achieve as an outcome.
I would rate this solution an eight out of 10.
View full review »MK
Midhun Kumar
Head of Infrastructure at Pearl Data Direct
Because we are using the community version, we were unable to explore features such as behavior analytics.
I would rate this solution a five out of ten.
View full review »Buyer's Guide
AlienVault OSSIM
April 2024
Learn what your peers think about AlienVault OSSIM. Get advice and tips from experienced pros sharing their opinions. Updated: April 2024.
767,847 professionals have used our research since 2012.