AlienVault OSSIM Overview

AlienVault OSSIM is the #11 ranked solution in our list of top Security Information and Event Management (SIEM) tools. It is most often compared to AT&T AlienVault USM.

What is AlienVault OSSIM?

AlienVault OSSIM, Open Source Security Information and Event Management (SIEM), provides you with a feature-rich open source SIEM complete with event collection, normalization and correlation. Launched by security engineers because of the lack of available open source products, AlienVault OSSIM was created specifically to address the reality many security professionals face: A SIEM, whether it is open source or commercial, is virtually useless without the basic security controls necessary for security visibility.

AlienVault OSSIM is also known as OSSIM.

AlienVault OSSIM Buyer's Guide

Download the AlienVault OSSIM Buyer's Guide including reviews and more. Updated: January 2021

AlienVault OSSIM Customers

Council Rock School District

AlienVault OSSIM Archived Reviews (More than two years old)

RajaniKant Singh
CISO with 1,001-5,000 employees
Real User
Top 20
Dec 17, 2018
Provides threat alerts on harmful code in the network

What is our primary use case?

I use it for monitoring. I use it for getting alerts on various malicious activities, if there are such on my network. I'm using the free version of this product, OSSIM. As a media company, we follow MPAA, which is a set of controls for media businesses. The other set of compliance that we follow is DPP. We use AlienVault to comply with their standards.

Pros and Cons

  • "The threat alerts it gives me from time to time on harmful code within the network, or if they are generating any network traffic, are very useful."
  • "It takes some time. It does not give me a prompt response for any such [malicious] traffic. It takes time to get that alert from the AlienVault system."

What other advice do I have?

If your network is flat, if it is not that complicated, then you should go for it. I'm using it free of cost, so I'm very happy with AlienVault. I'm the only one who's controlling it. I have a team of five. They are my soft team. They monitor all the alerts 24/7. It takes a team of five to maintain it. I lead the security section and among the other five, two are network specialists and three are system administrators.