AlienVault OSSIM Reviews

Name: AlienVault OSSIM
Brand: AT&T
Rating: 3.7 (31 reviews)

Vendor: AT&T

3.7 out of 5

31 reviews
80% willing to recommend

Leave a review

What is AlienVault OSSIM?

AlienVault OSSIM integrates threat alerts, asset discovery, and data correlation with vulnerability assessment, logging, and network configuration for enhanced usability and threat intelligence via OTX, appealing to those seeking an open-source SIEM solution with comprehensive features.

Get the AlienVault OSSIM Buyer's Guide and find out what your peers are saying about AlienVault OSSIM, Wazuh, Splunk Enterprise Security and more!

AlienVault OSSIM is the #13 ranked solution in top Security Information and Event Management (SIEM) solutions. PeerSpot users give AlienVault OSSIM an average rating of 7.4 out of 10. AlienVault OSSIM is most commonly compared to Wazuh: AlienVault OSSIM vs Wazuh. AlienVault OSSIM is popular among the large enterprise segment, accounting for 46% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a comms service provider, accounting for 14% of all views.

Helped 891,869 peers since 2012

Featured AlienVault OSSIM reviews

Brandon Pearce

Independent Contractor at a comms service provider with 5,001-10,000 employees

Scaling for USM is always challenging for any product unless it is purpose-built or overbuilt at the front end. They will use Palo Alto and its competitors, and LevelBlue will manage that implementation. The main area where the AlienVault product was lacking around the 2018 timeframe was in its ability to scale. By pushing it to a cloud-based system, they've largely alleviated scale issues. It's native in Amazon but will also run in Azure. They have worked with cloud service providers to offer enough throughput at a cost reasonable for a corporation. Scaling was their biggest problem, and they've largely conquered those issues.

Read full review

Tigabu Ab

Soc at a financial services firm with 5,001-10,000 employees

The primary use case is as a comprehensive Security Information and Event Management (SIEM) system, with more focus on internet access. It is used in the organization's threat detection and response strategies. Additionally, it was deployed in our on-premises servers to integrate log sources and…

Read full review

HarshBhardiya

SOC Engineer at a outsourcing company with 10,001+ employees

The solution is not scalable. It impacts so hard. In the initial stages, AlienVault OSSIM can be suitable for small environments. There may be limitations if the customer expresses a desire to expand and add more devices. In such cases, we would need to either explore additional solutions or work within the constraints of the existing setup. We have set up alerts and configured everything in AlienVault OSSIM. It actively monitors for any security incidents. It provides us with regular updates and notifications about any ongoing activities. Only one person is using the solution. It is the perfect solution for small businesses. I rate the solution’s scalability a three out of ten.

Read full review

AlienVault OSSIM mindshare

As of April 2026, the mindshare of AlienVault OSSIM in the Security Information and Event Management (SIEM) category stands at 1.4%, down from 3.8% compared to the previous year, according to calculations based on PeerSpot user engagement data.

Security Information and Event Management (SIEM) Mindshare Distribution
Product	Mindshare (%)
AlienVault OSSIM	1.4%
Splunk Enterprise Security	7.0%
IBM Security QRadar	5.2%
Other	86.4%

Security Information and Event Management (SIEM)

PeerResearch reports based on AlienVault OSSIM reviews

Type	Title	Date
Category	Security Information and Event Management (SIEM)	Apr 29, 2026	Download
Product	Reviews, tips, and advice from real users	Apr 29, 2026	Download
Comparison	AlienVault OSSIM vs Splunk Enterprise Security	Apr 29, 2026	Download
Comparison	AlienVault OSSIM vs Wazuh	Apr 29, 2026	Download
Comparison	AlienVault OSSIM vs IBM Security QRadar	Apr 29, 2026	Download

Valuable Features

AlienVault OSSIM is praised for its threat alerts, asset discovery, and log collection. The open vault component and vulnerability assessments are valuable, while the dashboard provides centralized visibility. The integration capabilities are efficient, supporting various solutions and offering automation options. Features like inbuilt IDS and threat intelligence integration highlight its effectiveness. User-friendliness, ease of configuration, logging capabilities, and security detection are key strengths. Its free nature and multilayer architecture make it suitable for diverse organizations.

"Technical support is excellent; they are very helpful and responsive."
"The paid version of the solution has reporting and better scalability options."
"The most valuable features of AlienVault OSSIM are vulnerability assessment, network intrusion detection system, response to critical events, and awareness of the whole network."

Room for Improvement

AlienVault OSSIM requires improvements in integration with cyber intelligence systems and ease of configuration. Users find the interface complex and the log tracing difficult. There are concerns about scalability, false positives, and the need for more dashboard customization. Pricing is considered high and deployment can be challenging. Users desire enhanced threat intelligence, better device integration, and improved user experience. The system struggles under heavy traffic and faces stability issues with on-premise setups.

"ArcSight works better than AlienVault right now."
"When comparing AlienVault OSSIM to other solutions it looks a bit outdated. Additionally, they need to improve their integration."
"AlienVault OSSIM on-premise version is more difficult to implement than the cloud version. Additionally, they should add integration between several different environments at once and improve their online knowledge base."

ROI

Users found that AlienVault OSSIM helped reduce time spent on manual log analysis, improved threat detection efficiency, and offered valuable insights into network security. It enhanced compliance reporting and provided cost-effective security management. Some noted that while initial setup required effort, the significant reduction in labor costs and improved threat visibility justified the investment.

Pricing

AlienVault OSSIM offers an open-source version free of charge, making it appealing for budget-conscious enterprises. While additional support and premium features incur costs, many users find it competitively priced when compared to high-end alternatives like IBM or Splunk. Some users mention a high price point for licensing, comparable to Microsoft Sentinel, but others highlight a reasonable return on investment. Those purchasing the non-community edition pay annual licensing fees, with pricing adjusted based on usage and support options.

"I used the paid version of the tool and found it to be expensive. It has been a while since I changed to Securonix. I will have to check whether AlienVault charges per device, user, or log."
"AlienVault OSSIM is expensive compared to its competitors."
"The tool's licensing costs are yearly."

Popular Use Cases

AlienVault OSSIM users employ it for monitoring networks, threat detection, log collection, and incident management. They utilize it for securing traffic and analyzing security events. It supports vulnerability scanning, Network IDS, and local actions. Users in sectors like media and finance leverage AlienVault OSSIM for compliance and event correlation. They benefit from features aiding SOC setups and cyber security for telecommunications. Integration capabilities extend across diverse hardware and operating systems, enhanced by OTX for open-source threat exchange.

Service and Support

AlienVault OSSIM's customer service has mixed evaluations. Some users find support responsive and effective, while others experience significant delays in issue resolution. Paid support gets positive remarks, but those using free versions often rely on community forums. There is inconsistency in documentation and availability of support for on-premises operations, as AT&T emphasizes cloud solutions. Users highlight the option for US-based support at an additional cost and mention minimal training during implementation.

Deployment

Initial setup of AlienVault OSSIM varies in complexity. Some find it straightforward, requiring minimal time and resources, while others report challenges due to infrastructure size or integration needs. Virtualization issues are noted, with workarounds needed. Lack of up-to-date documentation or training can complicate deployment, though the availability of recent documentation aids configuration. Deployment duration ranges from hours to months, influenced by network complexity and organizational expertise. Integration with third-party tools extends implementation time.

Scalability

AlienVault OSSIM has varied scalability feedback. Some mention it is quite scalable, adaptable with a flexible architecture, while others find it limiting for larger enterprises. It supports mid-sized businesses effectively but may face challenges with extensive expansions. Users have noted integration issues and scalability limits, with mixed scores reflecting both strengths and weaknesses. Many use it successfully within capacity, but for substantial scaling, they may consider external solutions.

Stability

AlienVault OSSIM is stable with some experiencing high reliability, comparing it favorably to other platforms like Qradar and Splunk. Many rate its stability positively, though some note potential issues with older versions and server configurations. Most users do not encounter bugs or crashes. The open-source version has certain limitations but remains dependable when adhering to its restrictions. Some face minor stability concerns, while current versions are seen as improved in performance.

These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.

Download our AlienVault OSSIM Buyer's Guide for additional reliable information.

Review data by company size

By reviewers
Company Size	Count
Small Business	16
Midsize Enterprise	6
Large Enterprise	8

By reviewers

By visitors reading reviews
Company Size	Count
Small Business	141
Midsize Enterprise	91
Large Enterprise	199

By visitors reading reviews

Top industries

By visitors reading reviews

Comms Service Provider

14%

Manufacturing Company

Computer Software Company

Educational Organization

University

Financial Services Firm

Healthcare Company

Government

Retailer

Construction Company

Hospitality Company

Media Company

Real Estate/Law Firm

Wholesaler/Distributor

Insurance Company

Non Profit

Transportation Company

Outsourcing Company

Recreational Facilities/Services Company

Performing Arts

Marketing Services Firm

Legal Firm

Non Tech Company

Consumer Goods Company

Logistics Company

Energy/Utilities Company

Aerospace/Defense Firm

Compare AlienVault OSSIM with alternative products

Learn more about AlienVault OSSIM

AlienVault OSSIM offers an open-source platform focused on monitoring and security event management. It enables users to conduct threat detection, vulnerability scanning, log collection, and maintain compliance with standards. Its capabilities in incident management, network visibility, and SOC functions offer a cost-effective approach to security information and event management. OSSIM helps analyze data from diverse sources and triggers alerts for malicious activities. The platform is praised for its integration capabilities, centralized dashboards, and ease of use, attracting those who wish to assess SIEM solutions without heavy investment. However, challenges exist with scalability and integration, especially in large enterprises and regulated environments, requiring interface improvements and configuration ease. Enhancements in log management and false positive reduction are priorities for users.

What features does AlienVault OSSIM offer?

Threat Alerts: Provides timely notifications of potential threats.
Asset Discovery: Identifies and catalogs devices on the network.
Data Correlation: Integrates information from multiple sources to detect complex threats.
Vulnerability Assessment: Scans systems for known vulnerabilities.
Integration Capabilities: Connects with external systems for improved data sharing.
Logging and Dashboards: Centralizes information for easier monitoring and analysis.

What benefits can users expect from AlienVault OSSIM?

Enhanced Security Detection: Comprehensive threat identification features.
Cost-Effectiveness: Delivers security capabilities at lower costs.
Network Traffic Analysis: Offers detailed insights into network activities.
Advanced Threat Policies: Supports sophisticated security policy configuration.

AlienVault OSSIM is deployed in industries requiring robust security event management. It assists in monitoring network traffic and identifying threats in sectors like finance, healthcare, and IT services. By leveraging open-source software, businesses enhance security without incurring excessive costs, making it suitable for small to medium enterprises.

AlienVault OSSIM was previously known as OSSIM.

AlienVault OSSIM customers

Council Rock School District

Product Categories

Security Information and Event Management (SIEM)

Popular Comparisons

Wazuh vs AlienVault OSSIM

Splunk Enterprise Security vs AlienVault OSSIM

IBM Security QRadar vs AlienVault OSSIM

Microsoft Sentinel vs AlienVault OSSIM

Elastic Security vs AlienVault OSSIM

LogRhythm SIEM vs AlienVault OSSIM

Rapid7 InsightIDR vs AlienVault OSSIM

Fortinet FortiSIEM vs AlienVault OSSIM

Exabeam vs AlienVault OSSIM

Anomali vs AlienVault OSSIM

Sentinel vs AlienVault OSSIM

USM Anywhere vs AlienVault OSSIM

Stellar Cyber Open XDR vs AlienVault OSSIM

Securonix Next-Gen SIEM vs AlienVault OSSIM

ManageEngine Log360 vs AlienVault OSSIM

See all alternatives

AlienVault OSSIM Reviews Summary
Author info	Rating	Review Summary
Independent Contractor at a comms service provider with 5,001-10,000 employees	4.0	AlienVault OSSIM is appealing for small to medium businesses due to its cost-effective, cloud-based threat management and integration of OTX. While scaling was once challenging, improvements have been made. ROI depends on the business size and setup.
Soc at a financial services firm with 5,001-10,000 employees	4.0	AlienVault OSSIM serves as our primary SIEM system, focusing on internet access and enhancing security monitoring. While network traffic analysis is efficient, user behavior analytics and integration capabilities require improvement. We evaluated Wazuh and TrueRider before selecting AlienVault.
SOC Engineer at a outsourcing company with 10,001+ employees	4.0	AlienVault OSSIM provides good detection with its agent and OS X, enhancing endpoint visibility and alert features. However, the log management needs improvement, particularly in customizing backup settings for specific devices, which is a limitation for larger environments.
Assistant Manager Global Security at Convergys Corporation	4.0	I use AlienVault OSSIM to monitor device events, but being open-source, it has limitations. Its unpredictability and dependency issues are challenging, and while it lacks features, it's becoming outdated as we transition to Security Data Lake solutions.
Senior System and cyber security administration at Tankeenhr	3.0	I use AlienVault OSSIM to collect and track user login details and activities, focusing on security detection, such as identifying brute-force attacks. It effectively generates reports, but sometimes it sends unnecessary notifications.
Managing Director of Hytec (OLM Group company) at OLM Group company	3.5	I use AlienVault OSSIM for SOC support due to its valuable features like case management, configuration ease, and investigation tools. However, it requires better integration with newer tools and UI modernization. I've also worked with Microsoft Sentinel for similar tasks.
Owner / Area Engineering Manager at Jlgatica	3.5	I am using AlienVault OSSIM as a cybersecurity technician because its GUI is user-friendly. However, it needs improvement in adding features for directives and correlation policies, and its deployment should be more unified, similar to USM.
Information Technology Intern at Maputo Port Development Company SARL	4.5	I use AlienVault OSSIM for cyber security in a telecommunication company. It’s straightforward to use, but the configuration and integration processes could be simpler, as I needed to research to fully understand it. I haven't tried other solutions.

Title	Rating	Mindshare	Recommending
Wazuh	3.7	5.1%	81%	50 interviews Add to research
Splunk Enterprise Security	4.2	7.0%	93%	386 interviews Add to research

AlienVault OSSIM Reviews

What is AlienVault OSSIM?

Featured AlienVault OSSIM reviews

AlienVault OSSIM mindshare

PeerResearch reports based on AlienVault OSSIM reviews

Valuable Features

Room for Improvement

ROI

Pricing

Popular Use Cases

Service and Support

Deployment

Scalability

Stability

Review data by company size

Top industries

Compare AlienVault OSSIM with alternative products

Learn more about AlienVault OSSIM

AlienVault OSSIM customers

Related questions

Product Categories

Popular Comparisons