IT Central Station is now PeerSpot: Here's why

AlienVault OSSIM OverviewUNIXBusinessApplication

AlienVault OSSIM is #24 ranked solution in top Security Information and Event Management (SIEM) tools. PeerSpot users give AlienVault OSSIM an average rating of 6.6 out of 10. AlienVault OSSIM is most commonly compared to AT&T AlienVault USM: AlienVault OSSIM vs AT&T AlienVault USM. AlienVault OSSIM is popular among the large enterprise segment, accounting for 47% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a comms service provider, accounting for 30% of all views.
Buyer's Guide

Download the Security Information and Event Management (SIEM) Buyer's Guide including reviews and more. Updated: July 2022

What is AlienVault OSSIM?

AlienVault OSSIM, Open Source Security Information and Event Management (SIEM), provides you with a feature-rich open source SIEM complete with event collection, normalization and correlation. Launched by security engineers because of the lack of available open source products, AlienVault OSSIM was created specifically to address the reality many security professionals face: A SIEM, whether it is open source or commercial, is virtually useless without the basic security controls necessary for security visibility.

AlienVault OSSIM was previously known as OSSIM.

AlienVault OSSIM Customers

Council Rock School District

AlienVault OSSIM Video

AlienVault OSSIM Pricing Advice

What users are saying about AlienVault OSSIM pricing:
  • "AlienVault OSSIM is free."
  • "We are using the community version, which can be used for free."
  • "We are using a free version of the solution. If you purchase a license there are more features available but the price is a little high. The solution should be cheaper to allow more customers to be able to afford it."
  • AlienVault OSSIM Reviews

    Filter by:
    Filter Reviews
    Industry
    Loading...
    Filter Unavailable
    Company Size
    Loading...
    Filter Unavailable
    Job Level
    Loading...
    Filter Unavailable
    Rating
    Loading...
    Filter Unavailable
    Considered
    Loading...
    Filter Unavailable
    Order by:
    Loading...
    • Date
    • Highest Rating
    • Lowest Rating
    • Review Length
    Search:
    Showingreviews based on the current filters. Reset all filters
    Stephen Hui - PeerSpot reviewer
    Cybersecurity Architect at DataAssure
    Reseller
    Top 5
    It is free, powerful, and user-friendly with a well-integrated dashboard
    Pros and Cons
    • "Its user-friendliness is the most valuable. It is very easy to use and explore. The dashboard is very well packaged and integrated. You don't have to spend a lot of time in configuring it and checking out the RPM etc. It is also free and very powerful."
    • "They can add more compliance templates."

    What is most valuable?

    Its user-friendliness is the most valuable. It is very easy to use and explore. The dashboard is very well packaged and integrated. You don't have to spend a lot of time in configuring it and checking out the RPM etc. 

    It is also free and very powerful.

    What needs improvement?

    They can add more compliance templates.

    For how long have I used the solution?

    I have been using AlienVault OSSIM since 2015. 

    What do I think about the stability of the solution?

    It is a quite stable product.

    Buyer's Guide
    Security Information and Event Management (SIEM)
    July 2022
    Find out what your peers are saying about AT&T, Elastic, Splunk and others in Security Information and Event Management (SIEM). Updated: July 2022.
    621,548 professionals have used our research since 2012.

    What do I think about the scalability of the solution?

    It is perfectly scalable. We have ten in-house users.

    Which solution did I use previously and why did I switch?

    I have used Splunk. AlienVault OSSIM and Splunk differ mainly in price. In Splunk, we need to do the correlation ourselves. Alienvault OSSIM is more user friendly. I don't have to learn a particular SQL language to do a query. It provides a new way of creating a query for any security event or management. 

    How was the initial setup?

    The initial setup is very straightforward. It doesn't take more than 15 minutes, and you are done.

    We predominantly deploy it on-premises. We have a few deployments on the cloud, but our focus is primarily on the on-premises deployments.

    What's my experience with pricing, setup cost, and licensing?

    AlienVault OSSIM is free.

    What other advice do I have?

    It is a very good solution. It is already more than adequate. It is a perfectly nice and free tool for compliance testing, assessment, and some basic vulnerability. 

    I would advise upgrading to its paid version, USM, to get more features. It's well worth the money because of the provided threat intelligence, support, and training. When you upgrade to the paid version, you enjoy all these features. OSSIM doesn't have all these features because it is a freeware. 

    AlienVault OSSIM is backed up by AT&T Cybersecurity, which is a Fortune Top 20 company. When you upgrade to the paid version, you also get support from AT&T, which is good.

    I would rate AlienVault OSSIM a nine out of ten. I'm very happy with this solution. It is a great product.

    Disclosure: My company has a business relationship with this vendor other than being a customer: partner
    PeerSpot user
    Hakeem  Olufadi - PeerSpot reviewer
    infrastructure and security Analyst at holmen consulting
    Real User
    Easy to set up with good training and helpful technical support
    Pros and Cons
    • "The initial setup is straightforward."
    • "The incidence reporting could be better."

    What is most valuable?

    The self-paced training is pretty good. 

    The initial setup is straightforward. 

    We've found the solution to be very stable. 

    You can scale the solution.

    Technical support is excellent. They are very helpful and responsive. 

    What needs improvement?

    ArcSight works better than AlienVault right now.

    The incidence reporting could be better. We'd like to be able to better privatize certain logs that handle certain detections. It's really important to us. 

    The integration capabilities could be improved. 

    For how long have I used the solution?

    I've been using the solution for over three years at this point. 

    What do I think about the stability of the solution?

    The solution has been quite stable for us. There are no bugs or glitches. It doesn't crash or freeze. It's reliable.

    What do I think about the scalability of the solution?

    The product can scale. The only problem we have with it is the integration. For example, we were trying to integrate a solution in the server for retaining logs on AlienVault. We tried everything possible, however, it just wouldn't integrate. In contrast, when we move to ArcSight, we could do it one time and it was working just fine. There were no integration issues. 

    How are customer service and support?

    When we have had to reach out to them, they were brilliant. They were prompt and very precise. 

    Which solution did I use previously and why did I switch?

    We've used ArcSight as well. We used it on a particular project recently. It's easier to integrate items in it as compared to AlienVault. Aside from that, they are very similar products. 

    How was the initial setup?

    The implementation process is pretty simple and straightforward. It's not difficult or complex at all. A company shouldn't have issues handling it. 

    The only issue that comes into play is when you want to integrate it with other vendors. 

    Overall, I'd rate the deployment process at a four out of five. 

    What other advice do I have?

    I'm a consultant. 

    I'd rate the solution at an eight out of ten. For the most part, I am satisfied with its capabilities. 

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Flag as inappropriate
    PeerSpot user
    Buyer's Guide
    Security Information and Event Management (SIEM)
    July 2022
    Find out what your peers are saying about AT&T, Elastic, Splunk and others in Security Information and Event Management (SIEM). Updated: July 2022.
    621,548 professionals have used our research since 2012.
    Midhun Kumar - PeerSpot reviewer
    Head of Infrastructure at Pearl Data Direct
    Real User
    Top 5Leaderboard
    Community forums provide good support, but it is not user-friendly and the correlation engine needs improvement
    Pros and Cons
    • "The most valuable feature is the logging capability."
    • "The correlation engine needs to be improved."

    What is our primary use case?

    We are using this solution for collecting logs. We are not correlating or assessing any user behavior analytics (UBA). 

    What is most valuable?

    The most valuable feature is the logging capability.

    What needs improvement?

    The correlation engine needs to be improved.

    The interface is not user-friendly, which is an area for improvement.

    For how long have I used the solution?

    I have been using this solution for one year.

    What do I think about the stability of the solution?

    It's a stable solution.

    What do I think about the scalability of the solution?

    This is certainly a scalable product.

    How are customer service and technical support?

    The Community version does not have any technical support.

    We have been able to resolve some issues through the community forums.

    Which solution did I use previously and why did I switch?

    Previously, we did not use another similar product.

    What's my experience with pricing, setup cost, and licensing?

    We are using the community version, which can be used for free.

    Which other solutions did I evaluate?

    We have decided to implement a fully-featured SIEM solution that has all of the features, including UBA.

    What other advice do I have?

    Because we are using the community version, we were unable to explore features such as behavior analytics.

    I would rate this solution a five out of ten.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Chief Operating Officer at a insurance company with 201-500 employees
    Reseller
    Top 20
    Stable, scalable, and useful reporting
    Pros and Cons
    • "The paid version of the solution has reporting and better scalability options."
    • "When comparing AlienVault OSSIM to other solutions it looks a bit outdated. Additionally, they need to improve their integration."

    What is our primary use case?

    I have deployed AlienVault OSSIM in a couple of small environments for monitoring.

    What is most valuable?

    The paid version of the solution has reporting and better scalability options.

    What needs improvement?

    When comparing AlienVault OSSIM to other solutions it looks a bit outdated. Additionally, they need to improve their integration.

    For how long have I used the solution?

    I have been using AlienVault OSSIM for approximately seven years.

    What do I think about the stability of the solution?

    The solution is stable.

    What do I think about the scalability of the solution?

    The free version is lacking some of the scalability options.

    Which solution did I use previously and why did I switch?

    I have used QRadar and ArcSight.

    How was the initial setup?

    The configuration of the solution is difficult. There are videos we can watch but we do not have time to watch videos. We want there to be better documentation that we can use.

    What's my experience with pricing, setup cost, and licensing?

    We are using a free version of the solution. If you purchase a license there are more features available but the price is a little high. The solution should be cheaper to allow more customers to be able to afford it.

    Which other solutions did I evaluate?

    I have evaluated ELK Stack and Security Onion.

    What other advice do I have?

    I rate AlienVault OSSIM an eight out of ten.

    Disclosure: My company has a business relationship with this vendor other than being a customer:
    PeerSpot user
    Buyer's Guide
    Download our free Security Information and Event Management (SIEM) Report and find out what your peers are saying about AT&T, Elastic, Splunk, and more!
    Updated: July 2022
    Buyer's Guide
    Download our free Security Information and Event Management (SIEM) Report and find out what your peers are saying about AT&T, Elastic, Splunk, and more!