We performed a comparison between AlienVault OSSIM and Fortinet FortiSIEM based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"The UI-based analytics are excellent."
"There are a lot of things you can explore as a user. You can even go and actively hunt for threats. You can go on the offensive rather than on the defensive."
"Sentinel has features that have helped improve our security posture. It helped us in going ahead and identifying the gaps via analysis and focusing on the key elements."
"The Identity Behavior tab furnishes us with the entire history linked to each IP or domain that has either accessed or attempted to access our system."
"Its inbuilt Kusto Query Language is a valuable feature. It provides the flexibility needed to leverage advanced data analytics rules and policies and enables us to easily navigate all our security events in a single view. It helps any user easily understand the data or any security lags in their data and applications."
"It has basic out-of-the-box integrations with multiple log sources."
"The analytic rule is the most valuable feature."
"The log query feature has been the most valuable because it's very good. You can put your data on the cloud and run queues from Sentinel. It will do it all very fast. I love that I don't have to upload it to an Excel file and then manually look for a piece of information. Sentinel is much faster and is good for big databases."
"The solution has a very good open source community, and whenever we have problems, we are always able to resolve it online."
"The initial setup is straightforward."
"You can customize the dashboards as well as the reporting."
"Its user-friendliness is the most valuable. It is very easy to use and explore. The dashboard is very well packaged and integrated. You don't have to spend a lot of time in configuring it and checking out the RPM etc. It is also free and very powerful."
"The solution is free to use."
"AlienVault OSSIM is an enterprise solution that sells easily. It is rated highly by organizations."
"The product is easy to use."
"OSSIM is the only solution that includes the large number of modules that we need: a vulnerability scanner, a network IDS system, a host IDS system."
"The product is quite well-organized. The GUI makes it easy to navigate."
"I like FortiSIEM because it integrates natively with our other Fortinet solutions and the Fortinet Fabric, but it also integrates with Cisco, Palo Alto and other security fabrics."
"We like the integration of all of these Fortinet platforms together. Everything is integrated well, and we are able to sell that as a service to our customers."
"The advanced agents used to collect logs have been most valuable. We have also made use of the advanced intelligence this solution offers."
"The primary valuable feature is that it has replaced a whole lot of other products with one platform."
"To add workers and even collectors is pretty easy."
"Some of our customers who use this solution have seen improvement in their connection with load balancing on both connections."
"The ability to write my own parsers for the devices that are not supported by Fortinet is the most valuable feature."
"Improvement-wise, I would like to see more integration with third-party solutions or old-school antivirus products that have some kind of logging capability. I wouldn't mind having that exposed within Sentinel. We do have situations where certain companies have bought licensing or have made an investment in a product, and that product will be there for the next two or three years. To be able to view information from those legacy products would be great. We can then better leverage the Sentinel solution and its capabilities."
"Everyone has their favorites. There is always room for improvement, and everybody will say, "I wish you could do this for me or that for me." It is a personal thing based on how you use the tool. I do not necessarily have those thoughts, and they are probably not really valuable because they are unique to the context of the user, but broadly, where it can continue to improve is by adding more connectors to more systems."
"I would like Sentinel to have more out-of-the-box analytics rules. There are already more than 400 rules, but they could add more industry-specific ones. For example, you could have sets of out-of-the-box rules for banking, financial sector, insurance, automotive, etc., so it's easier for people to use it out of the box. Structuring the rules according to industry might help us."
"Sentinel's alerts and notifications are not fully optimized for mobile devices. The overall reporting and the analytics processes for the end user should also be improved. Also, the compatibility and availability of data sources and reports are not always perfect."
"Sentinel's reporting is complex and can be more user-friendly."
"The data connectors for third-party tools could be improved, as some aren't available in Sentinel. They need to be available in the data connector panel."
"Currently, the watchlist feature is being utilized, and although there have been improvements, it is still not fully optimized."
"I would like to see more AI used in processes."
"Sometimes technical issues take very long to get resolved."
"The solution needs more integration with cyber intelligence systems."
"AlienVault OSSIM should improve the deployment and make it unified like the USM."
"The correlation engine needs to be improved."
"I don't like to work on OSSIM because it is unpredictable."
"It's so hard to configure and explore something new on it."
"AlienVault OSSIM gives unwanted notifications."
"It takes some time. It does not give me a prompt response for any such [malicious] traffic. It takes time to get that alert from the AlienVault system."
"The graphs on the user interface could be improved as we often experience glitches."
"Areas for improvement would be the ease of use and the integration with Fortinet's own products."
"Fortinet FortiSIEM could improve to extend to several locations or sites."
"The biggest thing that could be better is a quicker response to support cases."
"They need to integrate better with Cisco and Palo Alto."
"It's difficult to integrate unsupported devices with FortiSIEM compared to QRadar. It's easier to integrate and develop processes in QRadar. It's harder to develop a custom process in FortiSIEM."
"The policy editing should be easier. Right now, it's too hard."
"Its training can be improved. Its price also needs to be improved."
AlienVault OSSIM is ranked 14th in Security Information and Event Management (SIEM) with 26 reviews, while Fortinet FortiSIEM is ranked 8th in Security Information and Event Management (SIEM) with 63 reviews. AlienVault OSSIM is rated 7.4, while Fortinet FortiSIEM is rated 7.6. The top reviewer of AlienVault OSSIM writes "An easy-to-scale open-source solution used for monitoring events on devices". On the other hand, the top reviewer of Fortinet FortiSIEM writes "It's cheaper than other solutions with the same features but lacks integration with many third-party vendors". AlienVault OSSIM is most compared with Wazuh, Elastic Security, USM Anywhere, Splunk Enterprise Security and AWS Security Hub, whereas Fortinet FortiSIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, LogRhythm SIEM, Wazuh and ManageEngine EventLog Analyzer.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.