We performed a comparison between AlienVault OSSIM and SolarWinds Security Event Manager based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Azure Application Gateway makes things a lot easier. You can create dashboards, alert rules, hunting and custom queries, and functions with it."
"Microsoft Sentinel enables you to ingest data from the entire ecosystem and that connection of data helps you to monitor critical resources and to know what's happening in the environment."
"Free ingestion for Azure logs (with E5 licence)"
"It has basic out-of-the-box integrations with multiple log sources."
"One of the most valuable features of Microsoft Sentinel is that it's cloud-based."
"One of the most valuable features is that it creates a kind of a single pane of glass for organizations that already use Microsoft software. So, when they have things like Microsoft 365, it is very easy for them to kind of plug in or enroll those endpoints into the Azure Sentinel service."
"Native integration with Microsoft security products or other Microsoft software is also crucial. For example, we can integrate Sentinel with Office 365 with one click. Other integrations aren't as easy. Sometimes, we have to do it manually."
"It is easy to implement (turn on) - does need a skilled analyst to develop queries and playbooks."
"The initial setup is straightforward."
"AlienVault OSSIM's GUI is very user-friendly."
"The most valuable features of AlienVault OSSIM are vulnerability assessment, network intrusion detection system, response to critical events, and awareness of the whole network."
"The open vault component and the checking of vulnerabilities are the most valuable features. The page management helps with this. If you know how your device is vulnerable at least you can do something about it."
"The solution is very stable. Compared to Qradar and Splunk, it's very stable."
"The solution is free to use."
"Better than other SIEM solutions because almost everything can be integrated."
"The most valuable features of this solution are the data correlation and vulnerability assessment."
"The graphical user interface is very user-friendly. SolarWinds is a hybrid solution so you can use it across many platforms."
"It's easy to build rules and actions based on the logs and event types we collect with the software."
"It performs network behavior monitoring, log monitoring, and disaster recovery monitoring."
"The solution helps me to go back in time and search for different events. For example, if you wanted to know who activated an account; you could go back in time and find out."
"SolarWinds Security Event Manager has been generally working well."
"SolarWinds is easy to configure, and it provides timely alerts."
"This tool is simple to use."
"The most valuable feature of this solution is the visibility into both attempted and failed logins."
"We do have in-built or out-of-the-box metrics that are shown on the dashboard, but it doesn't give the kind of metrics that we need from our environment whereby we need to check the meantime to detect and meantime to resolve an incident. I have to do it manually. I have to pull all the logs or all the alerts that are fed into Sentinel over a certain period. We do this on a monthly basis, so I go into Microsoft Sentinel and pull all the alerts or incidents we closed over a period of thirty days."
"They only classify alerts into three categories: high, medium, and low. So, from the user's point of view, having another critical category would be awesome."
"There are certain delays. For example, if an alert has been rated on Microsoft Defender for Endpoint, it might take up to an hour for that alert to reach Sentinel. This should ideally take no more than one or two seconds."
"Sentinel could improve its ticketing and management. A few customers I have worked with liked to take the data created in Sentinel. You can make some basic efforts around that, but the customers wanted to push it to a third-party system so they could set up a proper ticketing management system, like ServiceNow, Jira, etc."
"I would like to see more AI used in processes."
"Microsoft Defender has a built-in threat expert option that enables you to contact an expert. That feature isn't available in Sentinel because it's a huge product that integrates all the technologies. I would like Microsoft to add the threat expert option so we can contact them. There are a few other features, like threat assessment that the PG team is working on. I expect them to release this feature in the next quarter."
"If you're looking to use canned queries, the interface could be a little more straightforward. It's not immediately intuitive regarding how you use it. You have to take a canned query and paste it into an operational box and then you hit a button... They could improve the ease of deploying these queries."
"Only one thing is missing: NDR is not available out-of-the-box. The competitive cloud-native SIEM providers have the NDR component. Currently, Sentinel needs NDR to be powered from either Corelight or some other NDR provider."
"The initial setup was a bit complex. You've got to do a lot of reading. It's not an intuitive implementation."
"It takes some time. It does not give me a prompt response for any such [malicious] traffic. It takes time to get that alert from the AlienVault system."
"When comparing AlienVault OSSIM to other solutions it looks a bit outdated. Additionally, they need to improve their integration."
"We need more dashboards and we need more customization for dashboards."
"There needs to be more support or some kind of training program so users can self-learn the system more effectively."
"AlienVault OSSIM on-premise version is more difficult to implement than the cloud version. Additionally, they should add integration between several different environments at once and improve their online knowledge base."
"Lacking in depth of reporting."
"AlienVault OSSIM could improve by having better integration with some of the newer tools."
"I don't think SolarWinds is scalable enough. It is somewhat limited when I need to deploy it across multiple environments in a distributed architecture."
"Training for this solution needs to be improved, as new employees are sometimes unfamiliar with the product."
"The only issue is the pricetag. SolarWinds is a costly solution."
"The product should improve the ease with which you can create event alerts. They are not as hard now but you need to have an easier way."
"It can be difficult for users who are inexperienced with the solution."
"I imagine we will have to develop our own reports soon, this seems to be more cumbersome."
"There are no multiple dashboards which would allow you to see information side-by-side."
"We'd like more customization capabilities."
More SolarWinds Security Event Manager Pricing and Cost Advice →
AlienVault OSSIM is ranked 16th in Security Information and Event Management (SIEM) with 26 reviews while SolarWinds Security Event Manager is ranked 21st in Security Information and Event Management (SIEM) with 24 reviews. AlienVault OSSIM is rated 7.4, while SolarWinds Security Event Manager is rated 7.6. The top reviewer of AlienVault OSSIM writes "An easy-to-scale open-source solution used for monitoring events on devices ". On the other hand, the top reviewer of SolarWinds Security Event Manager writes "A comprehensive network security with robust technical capabilities, effective threat response, and centralized management". AlienVault OSSIM is most compared with Wazuh, Elastic Security, USM Anywhere and Splunk Enterprise Security, whereas SolarWinds Security Event Manager is most compared with ManageEngine Log360, Splunk Enterprise Security, IBM Security QRadar, Microsoft Defender XDR and ArcSight Enterprise Security Manager (ESM). See our AlienVault OSSIM vs. SolarWinds Security Event Manager report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.