The most valuable features of AlienVault OSSIM are case management, ease of configuration, and investigation.

The tool's security detection is good. It helps us with login tracking and generating reports. We aim to identify potential issues, such as brute-force attacks on user accounts or server-level anomalies. For instance, if I receive a report indicating a server is at an abnormal level, I investigate and address the issue.

Regular meetings are conducted every ten to twenty days to update network issues. Due to restrictions, users face challenges when accessing WhatsApp from outside Saudi Arabia. To bypass this, they use VPNs. When a user logs into Office 365 via VPN, the system sends me a notification indicating their login. 

AlienVault OSSIM's GUI is very user-friendly.

This product is easy to use.

The support is very good and they offer managed services.

The dashboards are good. You can customize the dashboards as well as the reporting.

The product is easy to use.

The solution is free to use. 

AlienVault's features are all quite valuable. Using the CM to get post pay logs and lateral pay logs to a connection is also helpful.

Its user-friendliness is the most valuable. It is very easy to use and explore. The dashboard is very well packaged and integrated. You don't have to spend a lot of time in configuring it and checking out the RPM etc. 

It is also free and very powerful.

The most valuable features of this solution are the data correlation and vulnerability assessment.

The open vault component and the checking of vulnerabilities are the most valuable features. The page management helps with this. If you know how your device is vulnerable, at least you can do something about it.

The threat alerts it gives me from time to time on harmful code within the network, or if it is generating any network traffic, are very useful. However, it takes some time. It does not give me a prompt response for any such traffic. It takes time to get that alert from the AlienVault system.

I'm using it for discovering assets every day. If there are any changes in my network, I give it additional subnets which have been added. It adds all the assets to my dashboard.

AlienVault OSSIM is an enterprise solution that sells easily. It is rated highly by organizations. 

The most valuable features of AlienVault OSSIM are vulnerability assessment, network intrusion detection system, response to critical events, and awareness of the whole network.

The paid version of the solution has reporting and better scalability options.

We really like the solution's architecture. There's a logon, clients, an agent, and then the server. All of these were deployed in a multilayer architecture.

The threat policies of the solution are always very advanced and the best in the market. They are very persistent in terms of keeping up with security protocols.

What I like about this product, is that it is a fully-fledged solution. I don't need to buy any complementary products, everything comes in one box.

A very good feature of AlienVault OSSIM is that it has many domains that can be integrated from different solutions. For example, if we have a firewall and I want to connect it with the AlienVault OSSIM, there is already a grid affecting that. From that perspective, it's a very good solution in that almost everything can be integrated and that makes it better than other SIEM solutions.

The great thing is that the networking configuration features are good and integrations don't need to be done manually. Of course it's possible but there's an automatic option for configuring networks and there's a plug in for different kinds of solutions. Network security firewalls, IDS, and the like are things that already exist. 

The self-paced training is pretty good. 

The initial setup is straightforward. 

We've found the solution to be very stable. 

You can scale the solution.

Technical support is excellent. They are very helpful and responsive. 

AlienVault sometimes works like an appendix. It's not accurate in most cases, but we use an agent like WinCollect to collect logs. We collate the information. The solution is fast-acting when it comes to collecting the logs, and for all the inter-process work.

The dashboard is the solution's most valuable aspect. It brings everything into one central point where I can actually look at it and go, "Okay, I understand what's going on."

The solution works well and allows me to have visibility into anomalous events.

The fact that it is free is the most valuable aspect of the solution.

The solution offers great models with good integration and this is one of the out-of-the-box features which you're able to easily enable and get it up and running. It's a big plus for the product, because you don't have to bother your head about doing the integrations.

Other good features include an inbuilt IDS, an inbuilt integration with their own threat intelligence platform which is the OTX, and integration with the vulnerability assessment modules.

The most valuable feature is the logging capability.