AlienVault OSSIM vs SolarWinds Security Event Manager comparison

 

Comparison Buyer's Guide

Categories and Ranking

AlienVault OSSIM
Ranking in Security Information and Event Management (SIEM): 11th
Average Rating: 7.4
Number of Reviews: 28
Ranking in other categories: No ranking in other categories

SolarWinds Security Event M...
Ranking in Security Information and Event Management (SIEM): 20th
Average Rating: 7.8
Number of Reviews: 25
Ranking in other categories: No ranking in other categories
 

Mindshare comparison

As of June 2024, in the Security Information and Event Management (SIEM) category, the mindshare of AlienVault OSSIM is 1.0%, down from 2.5% compared to the previous year. The mindshare of SolarWinds Security Event Manager is 0.4%, down from 0.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.
 

Featured Reviews

Aman Aijaz - PeerSpot reviewer
Jun 28, 2023
An easy-to-scale open-source solution used for monitoring events on devices
The area for improvement is a lot. When I started using it on our enterprise side, the issue we faced was, for example, if we were running at that time on AlienVault OSSIM v5.7.4. So, for some orders, we had to install some packages, and when we tried installing that package, some dependencies got upgraded to a new version. Now once that dependency got upgraded, the SQL, since you might be aware that OSSIM uses SQL database, now SQL and all the dependency in everything was not on the same version, and that caused the database to crash.

The aforementioned area should be eased out by upgrading the patches and upgrading dependencies. This kind of thing is a disadvantage of OSSIM, and I would like them to work on this. But I have also raised service requests many times and gave it a push on the community section too. However, since it is a local source, they don't reply much over there.

That is why I don't like to work on OSSIM because it is unpredictable. Once the storage goes above 50 percent, it starts behaving unpredictably. If you get stuck with a situation, then you need to drill a lockdown into that. Sometimes you get no luck. Then you have to just reimage the server with the new fresh OS of AlienVault.

As for additional features, not much because if you move to the newer version, it is kind of getting more stable. But, to make my life easier, then I would say try to give more features. I know it's open source, so they also cannot provide me with more features. But still, if they can provide me with more features because right now it's becoming old. Right now, we are even moving from SIEM to Security Data Lake. So when we move to it, this will be literally outdated. No one can even expect anything out of it. The way security is moving, it will be outdated very soon. They have to also provide something new to keep this going for the future also.
JT
Sep 19, 2022
The solution provides greater visibility into incidents and activities on the network.
I use SolarWinds for log and incident monitoring. More than 100 engineers at my company are currently using it. SolarWinds has provided greater visibility into incidents and activities on the network. It's crucial to have visibility into user activities, logins, event field attempts, etc.…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable features of AlienVault OSSIM are case management, ease of configuration, and investigation."
"The most valuable features of this solution are the data correlation and vulnerability assessment."
"Asset discovery is good."
"There are a lot of people you will find using OSSIM since they are also offering OTX as a service"
"The solution is free to use."
"Inbuilt IDS, inbuilt integration with threat intelligence platform and with vulnerability assessment modules."
"The open vault component and the checking of vulnerabilities are the most valuable features. The page management helps with this. If you know how your device is vulnerable at least you can do something about it."
"The initial setup was straightforward. I didn't have any problems."
"It supports high availability, which is very helpful."
"It has in-depth monitoring capabilities and an easy way for setting up dashboards. I can expand in various areas, or I can reduce areas. It supports different types of breakdowns, filters, and rules. It is very simple for an out-of-the-box type of product. It doesn't take a lot of time to figure it out, which is unlike some of the solutions that I have looked at. It meets all the aspects."
"SolarWinds is effective for server, network, and log monitoring. It's also good for IP address management. We also have a patch manager, but we're still working on getting that operational."
"SolarWinds' stability is fine. I don't think we've had any software issues."
"The most valuable feature is the reporting."
"The out of the box reports and dashboard. It was easy to trim down these windows to something we could quickly use."
"Some of the rules are most valuable because you can be notified about various things, such as spyware or things that are going on in the internal network."
"It's extremely easy to deploy."
 

Cons

"They can add more compliance templates."
"Lacking in depth of reporting."
"AlienVault OSSIM on-premise version is more difficult to implement than the cloud version. Additionally, they should add integration between several different environments at once and improve their online knowledge base."
"When comparing AlienVault OSSIM to other solutions it looks a bit outdated. Additionally, they need to improve their integration."
"The price of this solution is very high and it could be cheaper."
"The incidence reporting could be better."
"AlienVault OSSIM gives unwanted notifications."
"It takes some time. It does not give me a prompt response for any such [malicious] traffic. It takes time to get that alert from the AlienVault system."
"I would like to have a more customizable dashboard."
"Training for this solution needs to be improved, as new employees are sometimes unfamiliar with the product."
"The solution's technical support is okay, but we don't have an SLA, and sometimes the response times are very slow."
"There is no correlation made between log entries, so no threat information is presented."
"There are no multiple dashboards which would allow you to see information side-by-side."
"The company had to use a third party for the implementation of the solution."
"Under the new system, it is not upgradable the way they say. When you try to do an upgrade, it doesn't really work unless you dump everything and start from scratch. You lose a lot of your nodes. Whenever you set your nodes up and everything else, they don't want to bring those nodes back in, so you have to really go back and restructure all your nodes. I went from version 6.5 to version 6.6 and then to version 6.7. I then went to version 2019, and now it is version 2020. It would be good if we can upgrade without having to delete everything and start from scratch. They can maybe build more KPIs and other things for the dashboard. Some of the other systems already have built-in KPIs. SolarWinds is starting to catch up, but it is not there yet. They can include some of the business or industry standards for tracking the time, that is, the mean time to detect (MTTD) and the mean time to resolve (MTTR). They can also find a way to build a KPI that measures the number of instances of port scans experienced in a week or a month."
"I imagine we will have to develop our own reports soon, this seems to be more cumbersome."
 

Pricing and Cost Advice

"OSSIM is open source, and USM is the paid license. So, if you want, you can switch to USM. There you will have to buy a license, and they have a support team that helps you out on issues you face."
"The tool's licensing costs are yearly."
"AlienVault pricing is the best. Whatever cost you are paying, you are getting a return on every penny... It's not like your IBM, your QRadar, or Splunk, where the cost is too high."
"We are using a free version of the solution. If you purchase a license there are more features available but the price is a little high. The solution should be cheaper to allow more customers to be able to afford it."
"We are using the community version, which can be used for free."
"The solution is open source, so it's free to use."
"AlienVault OSSIM is expensive compared to its competitors."
"OSSIM is free."
"It is in the appropriate mid-range. It is not as expensive as some of the other solutions. It is also not cheap."
"Licenses can only be purchased in blocks of fifty at a time."
"We do a yearly license renewal. For a year, the solution costs roughly $500,000 USD. There are no costs beyond this yearly fee."
"The pricing model would benefit from having package deals with other SolarWinds products."
"Licensing is on devices, so if you have many, then this may be high."
"The price of SolarWinds Security Event Manager is reasonable."
787,779 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company: 16%
Government: 8%
Financial Services Firm: 8%
Comms Service Provider: 8%

Educational Organization: 70%
Computer Software Company: 5%
Government: 4%
Financial Services Firm: 3%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What needs improvement with AlienVault OSSIM?
Collecting logs can sometimes be tedious, especially compared to my experience with Microsoft Sentinel. I suggest more in-built rules based on modern threats and environments to make it a more comp...
What do you like most about SolarWinds Security Event Manager?
The solution helps you monitor database instances, application instances, other customer application things, Linux servers, IBM servers, and Oracle servers.
What is your experience regarding pricing and costs for SolarWinds Security Event Manager?
The cost is exorbitantly high. The trial version lasts for thirty days, but I found a subscription plan priced at four thousand five hundred monthly, making it thirty-one thousand two hundred and s...
What needs improvement with SolarWinds Security Event Manager?
One of the drawbacks of being so flexible is that it is also a fairly complicated software application to install, configure, and maintain. Standardizing the monitoring configuration is difficult, ...
 

Also Known As

OSSIM
SolarWinds LEM, Solarwinds SIEM, TriGeo, Log and Event Manager
 

Sample Customers

Council Rock School District
NetSuite, EasyStreet, Legacy Texas Bank, and Energy Federal Credit Union, to name a few.
Find out what your peers are saying about AlienVault OSSIM vs. SolarWinds Security Event Manager and other solutions. Updated: June 2024.