AlienVault OSSIM Room for Improvement

RajaniKant Singh
CISO with 1,001-5,000 employees
I find it very useful when it is for a small or mid-size enterprise. The problem I see in this product is that it is not meant for a large business or for managing critical business services. AlienVault-like products are not meant for businesses like the banking sector or insurance and places that require strong regulatory compliance, in my experience, because of delays in response. And sometimes it is very complicated to configure this for specific requirements. Writing APIs, etc. takes time. On the other hand, if you look into other products in the market, it's easy to write APIs or integrate them with other database services or middleware and your application layer services, and get the alerts. It does not help me to respond to the threats all the time. That's why we are also working with Splunk. Splunk is used by one of our service providers and we can directly ask them to use Splunk instead of any other SIEM solutions. View full review »
Salesengine67
Sales Engineer at a tech vendor with 51-200 employees
We need more dashboards and we need more customization for dashboards. It would be great if they would improve in this area. View full review »
MohamedMohsen
Founder & CEO at MnZ Technology Solutions
I would like to see an improvement in their threat exchange database because the OTX is not the best thing in the marketplace. There are better solutions. So if they could enhance our feature development, it would make the product much better. For me, the user interface is very important, because the simpler the user interface is, the easier it is to find candidates to run the operation. If the user interface is very complicated, you need to expose your technical people to very intensive training in order to understand the system and to get the output right. So, from a user perspective, I would say the simpler the user interface, the better the product, especially for security issues. You need to let your tech people concentrate on the incident rather than on how to use the software to get the answer. Lastly, if technical issues could be resolved faster, it would be a huge improvement. View full review »
Find out what your peers are saying about AT&T, Splunk, Fortinet and others in Security Information and Event Management (SIEM). Updated: September 2019.
371,917 professionals have used our research since 2012.
Tamer Serag Ahmed
Cyber Security Consultant at Besafe-tech
The price of this solution is very high and it could be cheaper. Normally it is sold to financial institutions, which is why it is high. View full review »
BonganiMkwananzi
Owner & Cyber Security Consultant at Sekurisor
It's not easy to add a device that doesn't have a steady IP. Particularly when you're not putting a sensor on-site. When you have a sensor on-site, then that sensor speaks to the main sensor. We are trying to look for quality devices that give a dynamic IP, so it makes it practically impossible to add a new device. If there was a way to do dynamic DNS, I think that would help. View full review »
Cyberspec67
Cyber Security Specialist at AEC
The log collection is okay, but tracing the logs or tracing the events is a bit difficult. It's not user-friendly. A user must be an expert and must know how to give the logs, how to configure the system, etc. He has to be an expert on this product. The user interface needs to be friendlier across the board. Also, I would prefer if the kill chain scenario with every event was not stacked. I need to be able to do an SQL query and figure out where the event came from and tag to the source and destination. I cannot see this easily as it is right now. View full review »
Idris Aliyu
HEAD OF ENGINEERING at a tech services company with 1-10 employees
The solution needs more integration with cyber intelligence systems. Our customers want to use a single tool for managing cybersecurity. We want integration with existing tools and integration with newer tools that offer the ability to manage or to identify security vulnerabilities in a gateway system or firewall. Basically, we want the solution to offer configuration management. I would want it to be integrated with lasting search, in terms that it could gather a lot of intelligence and dump it into the database. Also, it would be useful if we were able to run analytics on the solution. If they can integrate it with an analytic function it would be better. View full review »
Kuzey Aksu
Information Security Manager at a financial services firm with 201-500 employees
The biggest thing I always complain about is that the user intake is a very old version. In cloud versions, it is very good, but for on-premises versions, it's not so good. If they want to improve the on-premises version, they should upgrade the SQL. The user interface could be improved. View full review »
Seyed Mustafa GonzáLez
Development Manager at a tech services company with 51-200 employees
It's under heavy traffic. If you have heavy traffic, the system is slow. View full review »
Find out what your peers are saying about AT&T, Splunk, Fortinet and others in Security Information and Event Management (SIEM). Updated: September 2019.
371,917 professionals have used our research since 2012.
Sign Up with Email