Try our new research platform with insights from 80,000+ expert users

AlienVault OSSIM vs Elastic Security comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 18, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

AlienVault OSSIM
Ranking in Security Information and Event Management (SIEM)
8th
Average Rating
7.4
Reviews Sentiment
7.1
Number of Reviews
31
Ranking in other categories
No ranking in other categories
Elastic Security
Ranking in Security Information and Event Management (SIEM)
5th
Average Rating
7.8
Reviews Sentiment
6.8
Number of Reviews
65
Ranking in other categories
Log Management (11th), Endpoint Detection and Response (EDR) (17th), Security Orchestration Automation and Response (SOAR) (8th), Extended Detection and Response (XDR) (10th)
 

Mindshare comparison

As of July 2025, in the Security Information and Event Management (SIEM) category, the mindshare of AlienVault OSSIM is 3.4%, down from 4.1% compared to the previous year. The mindshare of Elastic Security is 5.6%, down from 8.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
 

Featured Reviews

HarshBhardiya - PeerSpot reviewer
An open-source solution that provide good detection and more visibility
The solution is not scalable. It impacts so hard. In the initial stages, AlienVault OSSIM can be suitable for small environments. There may be limitations if the customer expresses a desire to expand and add more devices. In such cases, we would need to either explore additional solutions or work within the constraints of the existing setup. We have set up alerts and configured everything in AlienVault OSSIM. It actively monitors for any security incidents. It provides us with regular updates and notifications about any ongoing activities. Only one person is using the solution. It is the perfect solution for small businesses. I rate the solution’s scalability a three out of ten.
SyedAli17 - PeerSpot reviewer
Centralized monitoring improves security posture through rapid data processing
The processing part of Elastic Security ( /products/elastic-security-reviews ) is very interesting for us since we handle almost 7,000 to 8,000 alerts per minute. We require rapid processing speed for alerts and event data, and Elastic Security is very efficient at handling this level of data. Additionally, Elastic Security helps improve the security posture of Pakistan through centralized visibility and real-time processing.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable features of AlienVault OSSIM are vulnerability assessment, network intrusion detection system, response to critical events, and awareness of the whole network."
"OSSIM is the only solution that includes the large number of modules that we need: a vulnerability scanner, a network IDS system, a host IDS system."
"It has helped us remediate threats in the past by providing significant events that assisted in identifying suspicious activities, such as logins from multiple countries."
"With AlienVault you get everything in one box."
"AlienVault OSSIM's GUI is very user-friendly."
"The most valuable features of this solution are the data correlation and vulnerability assessment."
"The initial setup was straightforward. I didn't have any problems."
"The paid version of the solution has reporting and better scalability options."
"ELK Logstash is easy and fast, at least for the initial setup with the out of box uses."
"The most valuable feature is the speed, as it responds in a very short time."
"The solution's most valuable features are anomaly detection and connectivity reporting."
"Elastic Security offers advanced features such as machine learning and integration with ChatGPT."
"We chose the product based on the ability to scan for malware using a malware behavioral model as opposed to just a traditional hash-based antivirus. Therefore, it's not as intensive."
"We like Elastic Security because it's a REST API-based solution. That's the primary reason we use it."
"The feature that we have found the most valuable is scalability."
"It's open-source and free to use."
 

Cons

"Sometimes technical issues take very long to get resolved."
"The incidence reporting could be better."
"AlienVault OSSIM’s configuration and integration could be a little easier."
"The user interface needs to be friendlier across the board."
"AlienVault OSSIM failed to provide our company a full insight, while also giving out a lot of false positives."
"I would like the solution to be able to integrate with my firewall, my IDS and my Honeypot solutions so that it can provide real-time reporting as things occur and then have alert sent to me on my phone when suspicious activity is happening."
"AlienVault OSSIM gives unwanted notifications."
"AlienVault OSSIM is costly."
"We are paying dearly for the guy who is working on the ELK Stack. That knowledge is quite rare and hard to come by. For difficulty and availability of resources, I would rate it a five out of 10."
"It would be better if Elastic Security had less storage for data. My customers do not like this. Other vendors have local support in different countries, but Elastic Security doesn't. I would like to have Operational Technology (OT) security in the next release."
"There isn't really a very good user experience. You need a lot of training."
"I would like the process of retrieving archived data and viewing it in Kibana to be simplified."
"Authentication is not a default in Kibana. We need to have another tool to have authentication and authorization. These two should be part of Kibana."
"It could use maybe a little more on the Linux side."
"Elastic Security could improve the documentation. It would help if they were more simple and clean."
"Elastic Security has a steep learning curve, so it takes some time to tune it and set it up for your environment. There are some costs associated with logging things that don't have value. So you need to be cautious to only log things that make sense and keep them around for as long as you need. You shouldn't hold onto things just because you think you might need them."
 

Pricing and Cost Advice

"I used the paid version of the tool and found it to be expensive. It has been a while since I changed to Securonix. I will have to check whether AlienVault charges per device, user, or log."
"When comparing AlienVault OSSIM to Microsoft Sentinel, AlienVault OSSIM incurs additional costs due to its licensing price structure. If you are using AlienVault for security purposes at a certain level it can have a higher price point than the current pricing of Microsoft Sentinel."
"AlienVault OSSIM is an open-source solution."
"We are using the community version, which can be used for free."
"The licensing fees for the non-community edition are paid on an annual basis, and there are no costs in addition to this."
"OSSIM is open source, and USM is the paid license. So, if you want, you can switch to USM. There you will have to buy a license, and they have a support team that helps you out on issues you face."
"The tool's licensing costs are yearly."
"AlienVault OSSIM is free."
"The solution is not expensive and costs around ten dollars a month."
"There is no charge for using the open-source version."
"When compared to other products, the price is average or on the low side."
"The product offers an amazing pricing structure. Price-wise, the product is very competitive."
"It's a monthly cost with Elastic SIEM, but I am not sure of the exact cost."
"We use the open-source version, so there is no charge for this solution."
"The licensing cost of Elastic Security is based on the daily ingestion rate. I can't recall the exact figure, but for 10GB of log action daily, it would cost around $20,000."
"I can say that the product is cheaply priced."
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
861,481 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
16%
Comms Service Provider
10%
Financial Services Firm
8%
University
8%
Computer Software Company
16%
Government
9%
Financial Services Firm
9%
Comms Service Provider
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What is your experience regarding pricing and costs for AlienVault OSSIM?
It depends. I would need to review their cost models, but generally, they are on a scaled basis based on throughput usage. Because it's a software as a service solution for their core product for U...
What needs improvement with AlienVault OSSIM?
Scaling for USM is always challenging for any product unless it is purpose-built or overbuilt at the front end. They will use Palo Alto and its competitors, and LevelBlue will manage that implement...
Datadog vs ELK: which one is good in terms of performance, cost and efficiency?
With Datadog, we have near-live visibility across our entire platform. We have seen APM metrics impacted several times lately using the dashboards we have created with Datadog; they are very good c...
What do you like most about Elastic Security?
Elastic provides the capability to index quickly due to the reverse indexes it offers. This data is crucial as it contains critical information. The reverse index allows fast data indexing because ...
What is your experience regarding pricing and costs for Elastic Security?
Since Elastic Security is community-based, it does not require significant costs. This is beneficial for SMEs as they do not need extensive budgets for security solutions.
 

Also Known As

OSSIM
Elastic SIEM, ELK Logstash
 

Overview

 

Sample Customers

Council Rock School District
Texas A&M, U.S. Air Force, NuScale Power, Martin's Point Health Care
Find out what your peers are saying about AlienVault OSSIM vs. Elastic Security and other solutions. Updated: July 2025.
861,481 professionals have used our research since 2012.