AlienVault OSSIM Reviews

AlienVault OSSIM is the #8 ranked solution of our top Security Information and Event Management (SIEM) tools. It's rated 3.8 out of 5 stars, and is most commonly compared to AT&T AlienVault USM - AlienVault OSSIM vs AT&T AlienVault USM

Filter by:
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
RajaniKant Singh
Real User
CISO with 1,001-5,000 employees
Dec 17 2018

What is most valuable?

The threat alerts it gives me from time to time on harmful code within the network, or if it is generating any network traffic, are very useful. However, it takes some time. It does not give me a… more »

How has it helped my organization?

We have various media organizations from which we get data into our network and then it goes out. If you put any control, any device, or anything to sense the traffic, it will say that it's malicious… more »

What needs improvement?

I find it very useful when it is for a small or mid-size enterprise. The problem I see in this product is that it is not meant for a large business or for managing critical business services… more »

What's my experience with pricing, setup cost, and licensing?

A product like Splunk will squeeze you for money if you ask them to provide similar services. So I find this solution very useful in that sense. AlienVault pricing is the best. Whatever cost you are… more »

Which solution did I use previously and why did I switch?

I've used and evaluated QRadar vs AlientVault very extensively - I was working with IBM. I used it for ten years. I used and have compared ArcSight vs AlienVault as well, at my previous organization… more »

What other advice do I have?

If your network is flat, if it is not that complicated, then you should go for it. I'm using it free of cost, so I'm very happy with AlienVault. I'm the only one who's controlling it. I have a team of… more »
Denis L
Reseller
Sales Solutions Engineer at a tech services company with 501-1,000 employees
Sep 25 2019

How has it helped my organization?

When we forward in-traffic from our one interface to Network IDS in OSSIM, we can see all of the requests that we have to and from that interface. Because of integration with Open Threat Exchange from… more »

What needs improvement?

We need more dashboards and we need more customization for dashboards. It would be great if they would improve in this area.

What's my experience with pricing, setup cost, and licensing?

OSSIM is free.

Which solution did I use previously and why did I switch?

OSSIM was the first solution that I used in this area. I started to work with its commercial brother, AlienVault USM. When I started to use that, I received some question from my customers about… more »

What other advice do I have?

I used this product for about a year. It was on-premise. My advice is to just read the manual. OSSIM is very simple. If you know why you need to use it, you will be happy. The biggest lesson is that… more »

Which other solutions did I evaluate?

I didn't look at other options. OSSIM is the only solution that includes the large number of modules that we need: a vulnerability scanner, a network IDS system, a host IDS system. The solution also… more »
Learn what your peers think about AlienVault OSSIM. Get advice and tips from experienced pros sharing their opinions. Updated: April 2020.
438,441 professionals have used our research since 2012.
Real User
Director at a tech services company with 51-200 employees
Jul 23 2020

What is most valuable?

The solution offers great models with good integration and this is one of the out-of-the-box features which you're able to easily enable and get it up and running. It's a big plus for the product, because you don't have to bother your head about doing the integrations. Other good features include an inbuilt IDS, an inbuilt integration with their own threat intelligence platform which is the OTX… more »

What needs improvement?

I believe this solution still has a way to go. From a management console perspective and the maturity of the dashboards, I would probably put it slightly behind some of the other players that have been in the market for ages. The leading vendors of SIEM already have a very mature user interface with evolved dashboards and reporting mechanisms. There is a lot of depth in that, but not everybody is… more »

What other advice do I have?

Most of the SOC or SIEM enterprise class products are very expensive, whereas with OSSIM you can start out with a smaller setup and then expand as you wish. It's great because you get a pre-integrated, ready to run platform, which you can deploy. You don't have to bother about the integrations too much. This platform provides an adequate level of experience for that kind of an integrated… more »
Sharad Agrawal
Real User
Co-Founder and Director - Information Technology at Techneow
Jul 31 2020

What is most valuable?

We really like the solution's architecture. There's a logon, clients, an agent, and then the server. All of these were deployed in a multilayer architecture. The threat policies of the solution are always very advanced and the best in the… more »

What needs improvement?

The pricing of the solution needs to be improved. There needs to be more support or some kind of training program so users can self-learn the system more effectively.

What's my experience with pricing, setup cost, and licensing?

I'm not sure what the cost of the solution is. It may be in the ballpark of $60,000 to $100,000.

Which solution did I use previously and why did I switch?

We were pretty limited to AlienVault with this particular client. They needed something on-premises and didn't want to look at cloud options. We've used QRadar and Sentinal in the past, however, for this customer, we decided AlienVault was… more »

What other advice do I have?

We're just customers. We don't have a business relationship with the product. We're using the enterprise edition of the solution, the MSSP edition, however, I'm unsure which version it is we're currently on. Typically, we get requests for… more »
MohamedMohsen
Reseller
Founder & CEO at MnZ Technology Solutions
Aug 18 2019

What is most valuable?

What I like about this product, is that it is a fully-fledged solution. I don't need to buy any complementary products, everything comes in one box.

What needs improvement?

I would like to see an improvement in their threat exchange database because the OTX is not the best thing in the marketplace. There are better solutions. So if they could enhance our feature… more »

What's my experience with pricing, setup cost, and licensing?

The price was good and it matched out budget at that stage.

Which solution did I use previously and why did I switch?

We also used IBM QRadar before, but we did not get proper support and that's why we switched to AlienVault.

What other advice do I have?

If anybody asked me if am I happy with AlienVault, I would say that it is a very good product. Frankly speaking, if anybody asked me about QRadar or ArcSight I will say the same, but it requires lots… more »

Which other solutions did I evaluate?

We looked at ArcSight as an option at the beginning, but the pricing was not what we were looking for. And we don't have the proper channel to sell ArcSight in Egypt. That's why we decided to go to… more »
Jim Poehlman
Real User
Chief Wealth Cybersecurity Architect at PWcyber
Feb 23 2020

What is most valuable?

The dashboard is the solution's most valuable aspect. It brings everything into one central point where I can actually look at it and go, "Okay, I understand what's going… more »

How has it helped my organization?

I can't really discuss how this helps my organization. I'm running this from my home, so this is not a business I'm using it for. What I do is I log in infrequently to the… more »

What needs improvement?

I'm not sure if there's anything on the solution that needs improvement. I would like the solution to be able to integrate with my firewall, my IDS and my Honeypot… more »

What's my experience with pricing, setup cost, and licensing?

The solution is free to use.

Which solution did I use previously and why did I switch?

I didn't previously use a different solution, at least not at my house.

What other advice do I have?

I would advise others to not implement it for any enterprise-level organization. However, it would definitely be a good solution for a small business environment. I would… more »

Which other solutions did I evaluate?

I didn't evaluate any other options. I already knew enough about them, and this was the only free solution, which is why I chose it.
Fareed Jamali
Real User
Research Assistant at a tech services company with 51-200 employees
Jun 23 2020

What is most valuable?

A very good feature of AlienVault OSSIM is that it has many domains that can be integrated from different solutions. For example, if we have a firewall and I want to connect it with the AlienVault OSSIM, there is already a grid affecting that. From that perspective, it's a very good solution in that almost everything can be integrated and that makes it better than other SIEM solutions. The great… more »

What needs improvement?

The GUI could be improved, and the solution could include a specialization tool. The correlation engine and the scalability of this product should be improved. And then I think it also needs to have the grid potential because when we talk about SIEM it's not just a few machines, it's hundreds and that means thousands of logs so the product should be more easily scalable. The features I would like… more »

What other advice do I have?

Those who are looking for a solution like this one should first conduct a survey. There are other solutions which are quite capable of doing similar things, even open source solutions. If a company can afford a commercial solution, they should go for that rather than for an open source solution. It requires an expert to assess the situation. A small mistake can lead to a big problem; opensource is… more »
Tamer Serag Ahmed
Consultant
Cyber Security Consultant at Besafe-tech
Feb 10 2020

What is most valuable?

The most valuable features of this solution are the data correlation and vulnerability assessment.

What needs improvement?

The price of this solution is very high and it could be cheaper. Normally it is sold to financial institutions, which is why it is high.

What's my experience with pricing, setup cost, and licensing?

There are two versions of AlienVault available. The Community Edition is free, and the other version requires a license. The licensing fees for the non-community edition are paid on an annual basis, and there are no costs in addition to this.

What other advice do I have?

There is a cloud version of this solution available, called AlienVault USM Anywhere, which defends data that is outside of the premises. The OSSIM version is an open-source product, unlike AlienVault USM, or the cloud version, AlienVault USM Anywhere. You have to rely on the community for support… more »
See 7 More AlienVault OSSIM Reviews

What is AlienVault OSSIM?

AlienVault OSSIM, Open Source Security Information and Event Management (SIEM), provides you with a feature-rich open source SIEM complete with event collection, normalization and correlation. Launched by security engineers because of the lack of available open source products, AlienVault OSSIM was created specifically to address the reality many security professionals face: A SIEM, whether it is open source or commercial, is virtually useless without the basic security controls necessary for security visibility.

Also known as
OSSIM
AlienVault OSSIM customers

Council Rock School District

BUYER'S GUIDE
Download our free AlienVault OSSIM Report and get advice and tips from experienced pros sharing their opinions.