We performed a comparison between AlienVault OSSIM and Exabeam Fusion SIEM based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The solution offers a lot of data on events. It helps us create specific detection strategies."
"The most valuable feature is the UEBA. It's very easy for a security operations analyst. It has a one-touch analysis where you can search for a particular entity, and you can get a complete overview of that entity or user."
"The most valuable features are its threat handling and detection. It's a powerful tool because it's based on machine learning and on the behavior of malware."
"One of the most valuable features of Microsoft Sentinel is that it's cloud-based."
"There are a lot of things you can explore as a user. You can even go and actively hunt for threats. You can go on the offensive rather than on the defensive."
"We didn't have anything similar. So, it really provides value from the incidents and automation point of view. The overview of the security fabric is most valuable."
"One of the most valuable features is that it creates a kind of a single pane of glass for organizations that already use Microsoft software. So, when they have things like Microsoft 365, it is very easy for them to kind of plug in or enroll those endpoints into the Azure Sentinel service."
"It is easy to implement (turn on) - does need a skilled analyst to develop queries and playbooks."
"The dashboard is the solution's most valuable aspect. It brings everything into one central point where I can actually look at it and go, "Okay, I understand what's going on.""
"The open vault component and the checking of vulnerabilities are the most valuable features. The page management helps with this. If you know how your device is vulnerable at least you can do something about it."
"You can customize the dashboards as well as the reporting."
"OSSIM is the only solution that includes the large number of modules that we need: a vulnerability scanner, a network IDS system, a host IDS system."
"There are a lot of people you will find using OSSIM since they are also offering OTX as a service"
"Its user-friendliness is the most valuable. It is very easy to use and explore. The dashboard is very well packaged and integrated. You don't have to spend a lot of time in configuring it and checking out the RPM etc. It is also free and very powerful."
"The threat policies of the solution are always very advanced and the best in the market. They are very persistent in terms of keeping up with security protocols."
"The most valuable features of AlienVault OSSIM are vulnerability assessment, network intrusion detection system, response to critical events, and awareness of the whole network."
"The solution's initial setup process is easy."
"The setup is not difficult. It was easy."
"The advanced analytics has a really great overview of user behavior."
"Timeline based analysis; good platform support"
"It's a very user-friendly product and it's a very comprehensive technology."
"Exabeam Fusion SIEM has a good performance and more advantages than traditional solutions."
"I have customers that like the EUBA functionality of it. The solution has the ability to build a session, basically. It pulls a lot of information together, for example, everything a user does in a specific timeframe. It's quite helpful."
"The user interface and the timelines they use are the most valuable features. The price model is very simple so that one can understand it easily and there are no surprises within it."
"If Sentinel had a graphical user interface, it would be easier to use. I would also like it to be more customizable."
"Microsoft Sentinel is relatively expensive, and its cost should be improved."
"We'd like to see more connectors."
"They should integrate it with many other software-as-a-service providers and make connectors available so that you don't have to do any sort of log normalization."
"Sentinel's alerts and notifications are not fully optimized for mobile devices. The overall reporting and the analytics processes for the end user should also be improved. Also, the compatibility and availability of data sources and reports are not always perfect."
"Documentation is the main thing that could be improved. In terms of product usage, the documentation is pretty good, but I'd like a lot more documentation on Kusto Query Language."
"I would like to be able to monitor applications outside of the Azure Cloud."
"The following would be a challenge for any product in the market, but we have some in-house apps in our environment... our apps were built with different parameters and the APIs for them are not present in Sentinel. We are working with Microsoft to build those custom APIs that we require. That is currently in progress."
"The solution needs more integration with cyber intelligence systems."
"AlienVault OSSIM’s configuration and integration could be a little easier."
"AlienVault OSSIM on-premise version is more difficult to implement than the cloud version. Additionally, they should add integration between several different environments at once and improve their online knowledge base."
"The documentation could be improved."
"I don't like to work on OSSIM because it is unpredictable."
"There needs to be more support or some kind of training program so users can self-learn the system more effectively."
"We need more dashboards and we need more customization for dashboards."
"The user interface needs to be friendlier across the board."
"The initial setup of Exabeam Fusion SIEM is complex because it needs to integrate with the SIEM solution, but after this is complete it is straightforward."
"We still have questions surrounding hardware deployment."
"We had a large volume right from the beginning and they weren't quite prepared for that. That's something that they should think about when it comes to customers that have a large volume to start off with."
"The organzation is rigid and not flexible in the way they operate"
"They should provide detailed information about detecting phishing emails."
"I believe if it were more flexible it would be a better product."
"The only problem is that the UI is not very impressive."
"Updating the new release of Exabeam Fusion SIEM takes time and slows our performance."
AlienVault OSSIM is ranked 14th in Security Information and Event Management (SIEM) with 26 reviews while Exabeam Fusion SIEM is ranked 28th in Security Information and Event Management (SIEM) with 10 reviews. AlienVault OSSIM is rated 7.4, while Exabeam Fusion SIEM is rated 8.0. The top reviewer of AlienVault OSSIM writes "An easy-to-scale open-source solution used for monitoring events on devices ". On the other hand, the top reviewer of Exabeam Fusion SIEM writes "Enables centralized log collection on a single platform". AlienVault OSSIM is most compared with Wazuh, Elastic Security, USM Anywhere, Splunk Enterprise Security and Fortinet FortiSIEM, whereas Exabeam Fusion SIEM is most compared with IBM Security QRadar, Palo Alto Networks Cortex XSOAR, Splunk Enterprise Security, Splunk User Behavior Analytics and Gurucul UEBA. See our AlienVault OSSIM vs. Exabeam Fusion SIEM report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
