AlienVault OSSIM Reviews

RajaniKant Singh
Real User
CISO with 1,001-5,000 employees
Dec 17 2018

What is most valuable?

The threat alerts it gives me from time to time on harmful code within the network, or if it is generating any network traffic, are very useful. However, it takes some time. It does not give me a…

How has it helped my organization?

We have various media organizations from which we get data into our network and then it goes out. If you put any control, any device, or anything to sense the traffic, it will say that it's malicious…

What needs improvement?

I find it very useful when it is for a small or mid-size enterprise. The problem I see in this product is that it is not meant for a large business or for managing critical business services…

What's my experience with pricing, setup cost, and licensing?

A product like Splunk will squeeze you for money if you ask them to provide similar services. So I find this solution very useful in that sense. AlienVault pricing is the best. Whatever cost you are…

If you previously used a different solution, which one did you use and why did you switch?

I've used and evaluated QRadar vs AlienVault very extensively - I was working with IBM. I used it for ten years. I used and have compared ArcSight vs AlienVault as well, at my previous organization…

What other advice do I have?

If your network is flat, if it is not that complicated, then you should go for it. I'm using it free of cost, so I'm very happy with AlienVault. I'm the only one who's controlling it. I have a team of…
Salesengine67
Reseller
Sales Engineer at a tech vendor with 51-200 employees
Sep 25 2019

How has it helped my organization?

When we forward in-traffic from our one interface to Network IDS in OSSIM, we can see all of the requests that we have to and from that interface. Because of integration with Open Threat Exchange from…

What needs improvement?

We need more dashboards and we need more customization for dashboards. It would be great if they would improve in this area.

What's my experience with pricing, setup cost, and licensing?

OSSIM is free.

If you previously used a different solution, which one did you use and why did you switch?

OSSIM was the first solution that I used in this area. I started to work with its commercial brother, AlienVault USM. When I started to use that, I received some questions from my customers about…

What other advice do I have?

I used this product for about a year. It was on-premise. My advice is to just read the manual. OSSIM is very simple. If you know why you need to use it, you will be happy. The biggest lesson is that…

Which other solutions did I evaluate?

I didn't look at other options. OSSIM is the only solution that includes the large number of modules that we need: a vulnerability scanner, a network IDS system, a host IDS system. The solution also…
Find out what your peers are saying about AT&T, Splunk, Fortinet and others in Security Information and Event Management (SIEM). Updated: September 2019.
371,062 professionals have used our research since 2012.
MohamedMohsen
Reseller
Founder & CEO at MnZ Technology Solutions
Aug 18 2019

What is most valuable?

What I like about this product, is that it is a fully-fledged solution. I don't need to buy any complementary products, everything comes in one box.

What needs improvement?

I would like to see an improvement in their threat exchange database because the OTX is not the best thing in the marketplace. There are better solutions. So if they could enhance our feature…

What's my experience with pricing, setup cost, and licensing?

The price was good and it matched our budget at that stage.

If you previously used a different solution, which one did you use and why did you switch?

We also used IBM QRadar before, but we did not get proper support and that's why we switched to AlienVault.

What other advice do I have?

If anybody asked me if I am happy with AlienVault, I would say that it is a very good product. Frankly speaking, if anybody asked me about QRadar or ArcSight I will say the same, but it requires lots…

Which other solutions did I evaluate?

We looked at ArcSight as an option at the beginning, but the pricing was not what we were looking for. And we don't have the proper channel to sell ArcSight in Egypt. That's why we decided to go to…
Tamer Serag Ahmed
Consultant
Cyber Security Consultant at Besafe-tech
Sep 10 2019

What is most valuable?

The most valuable features of this solution are the data correlation and vulnerability assessment.

What needs improvement?

The price of this solution is very high and it could be cheaper. Normally it is sold to financial institutions, which is why it is high.

What's my experience with pricing, setup cost, and licensing?

There are two versions of AlienVault available. The Community Edition is free, and the other version requires a license. The licensing fees for the non-community edition are paid on an annual basis, and there are no costs in addition to this.

What other advice do I have?

There is a cloud version of this solution available, called AlienVault USM Anywhere, which defends data that is outside of the premises. The OSSIM version is an open-source product, unlike AlienVault USM, or the cloud version, AlienVault USM Anywhere. You have to rely on the community for support…
BonganiMkwananzi
Consultant
Owner & Cyber Security Consultant at Sekurisor
Sep 03 2019

What is most valuable?

The open vault component and the checking of vulnerabilities are the most valuable features. The page management helps with this. If you know how your device is vulnerable, at least you can do…

What needs improvement?

It's not easy to add a device that doesn't have a steady IP. Particularly when you're not putting a sensor on-site. When you have a sensor on-site, then that sensor speaks to the main sensor. We are…

What's my experience with pricing, setup cost, and licensing?

The solution is open-source, so it's free to use.

If you previously used a different solution, which one did you use and why did you switch?

We didn't previously use another solution.

What other advice do I have?

We use the cloud deployment model. I have a server that I subscribe people to. I would advise others to consider, if they get more customers, to do the commercial version the OSSIM from AlienVault…

Which other solutions did I evaluate?

We did evaluate another solution.
Real User
Cyber Security Specialist at AEC
Aug 15 2019

What is most valuable?

AlienVault sometimes works like an appendix. It's not accurate in most cases, but we use an agent like WinCollect to collect logs. We collate the information. The solution is fast-acting when it comes to collecting the logs, and for all the…

What needs improvement?

The log collection is okay, but tracing the logs or tracing the events is a bit difficult. It's not user-friendly. A user must be an expert and must know how to give the logs, how to configure the system, etc. He has to be an expert on this…

What's my experience with pricing, setup cost, and licensing?

The solution is open-source, so there are no licensing costs.

If you previously used a different solution, which one did you use and why did you switch?

I previously used QRadar and Splunk.

What other advice do I have?

I've used this for a small environment, and it was amazing. I'm currently converting to QRadar now because I am expanding. I am handling more than 30,000 events per second. I can't use AlienVault, as it's too high a threshold. I do…
Idris Aliyu
Real User
HEAD OF ENGINEERING at a tech services company with 1-10 employees
Aug 15 2019

What needs improvement?

The solution needs more integration with cyber intelligence systems. Our customers want to use a single tool for managing cybersecurity. We want integration with existing tools and integration with newer tools that offer the ability to manage or to identify security vulnerabilities in a gateway system or firewall. Basically, we want the solution to offer configuration management. I would want it…

What's my experience with pricing, setup cost, and licensing?

The solution is open-source. You need to pay for support if you want it.

What other advice do I have?

We use the on-premises deployment model. We have a small setup. It's an environment that supports only about 20 users, so, it's not really a complex setup. I would give the solution a rating of seven out of ten. I believe if I paid for the support I'd get a higher quality of software and other additional functionalities.
Kuzey Aksu
Real User
Information Security Manager at a financial services firm with 201-500 employees
Aug 28 2019

What is most valuable?

AlienVault's features are all quite valuable. Using the CM to get post pay logs and lateral pay logs to a connection is also helpful.

What needs improvement?

The biggest thing I always complain about is that the user intake is a very old version. In cloud versions, it is very good, but for on-premises versions, it's not so good. If they want to improve the on-premises version, they should upgrade the SQL. The user interface could be improved.

What's my experience with pricing, setup cost, and licensing?

You pay monthly for the solution. I think it's one of the best products. If you compare with other companies, like LogRhythm, etc., the top 8 or 10 CMs, I think AlienVault has the best price-performance ratio.

What other advice do I have?

We use the on-premises deployment model. I would rate the solution nine out of ten.
What is AlienVault OSSIM?

AlienVault OSSIM, Open Source Security Information and Event Management (SIEM), provides you with a feature-rich open source SIEM complete with event collection, normalization and correlation. Launched by security engineers because of the lack of available open source products, AlienVault OSSIM was created specifically to address the reality many security professionals face: A SIEM, whether it is open source or commercial, is virtually useless without the basic security controls necessary for security visibility.

Also known as
OSSIM
AlienVault OSSIM customers

Council Rock School District
