AlienVault OSSIM vs Netsurion comparison

AT&T and Netsurion are both solutions in the Security Information and Event Management (SIEM) category. AT&T is ranked #12 with an average rating of 7.2, while Netsurion is ranked #53. AT&T holds a 1.9% mindshare in SIEM, compared to Netsurion’s 0.7% mindshare. Additionally, 80% of AT&T users are willing to recommend the solution, compared to 92% of Netsurion users who would recommend it.

AlienVault OSSIM

Read 31 AlienVault OSSIM reviews

4,311 Views
4,225 Comparison Views

80% willing to recommend

Netsurion

Read 24 Netsurion reviews

1,764 Views
935 Comparison Views

92% willing to recommend

AlienVault OSSIM

Netsurion

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Sep 18, 2024

AlienVault OSSIM and Netsurion are two prominent cybersecurity solutions. Netsurion appears to have the upper hand due to its comprehensive feature set and higher perceived value.

Features: AlienVault OSSIM is valued for its threat detection and response capabilities, easy log management, and wide integration options. Netsurion is praised for its extensive security features, managed firewall, and SIEM capabilities. Netsurion's broader feature set makes it appealing to users seeking an all-in-one solution.

Room for Improvement: Users highlight AlienVault OSSIM's need for better scalability and enhanced threat intelligence updates. For Netsurion, reviewers suggest improving reporting functionalities and the complexity of initial configuration. This indicates AlienVault OSSIM could benefit from technical upgrades, while Netsurion needs better usability enhancements.

Ease of Deployment and Customer Service: AlienVault OSSIM is often complimented for its straightforward deployment, but its customer service receives mixed reviews. Netsurion is viewed as more complex to deploy but benefits from stronger customer support. Hence, Netsurion may offer better post-deployment support, despite a tougher initial setup.

Pricing and ROI: AlienVault OSSIM is generally perceived as cost-effective with a quicker ROI. Netsurion, despite being pricier, is seen as delivering good value due to its extensive features and reliable managed services. Users accept Netsurion's higher cost owing to its significant return on investment.

To learn more, read our detailed AlienVault OSSIM vs. Netsurion Report (Updated: December 2025).

Buyer's Guide

AlienVault OSSIM vs. Netsurion

December 2025

Download the complete report

Helped 881,114 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

AlienVault OSSIM

Ranking in Security Information and Event Management (SIEM)

12th

Average Rating

7.4

Reviews Sentiment

7.1

Number of Reviews

Ranking in other categories

No ranking in other categories

Netsurion

Ranking in Security Information and Event Management (SIEM)

53rd

Average Rating

8.4

Reviews Sentiment

7.1

Number of Reviews

Ranking in other categories

Managed Security Services Providers (MSSP) (33rd), SOC as a Service (14th), Managed Detection and Response (MDR) (37th), Extended Detection and Response (XDR) (47th)

Mindshare comparison

As of January 2026, in the Security Information and Event Management (SIEM) category, the mindshare of AlienVault OSSIM is 1.9%, down from 4.3% compared to the previous year. The mindshare of Netsurion is 0.7%, up from 0.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Security Information and Event Management (SIEM) Market Share Distribution
Product	Market Share (%)
AlienVault OSSIM	1.9%
Netsurion	0.7%
Other	97.4%

Security Information and Event Management (SIEM)

Featured Reviews

Brandon Pearce

Independent Contractor at a comms service provider with 5,001-10,000 employees

Enables cost-effective security management for small businesses

Scaling for USM is always challenging for any product unless it is purpose-built or overbuilt at the front end. They will use Palo Alto and its competitors, and LevelBlue will manage that implementation. The main area where the AlienVault product was lacking around the 2018 timeframe was in its ability to scale. By pushing it to a cloud-based system, they've largely alleviated scale issues. It's native in Amazon but will also run in Azure. They have worked with cloud service providers to offer enough throughput at a cost reasonable for a corporation. Scaling was their biggest problem, and they've largely conquered those issues.

Read full review

John-Berry

Information Technology Manager at ProfitSolv

The SOC center monitors, hunts, and notifies us of threats around the clock

I know they are working to resolve this issue, but Netsurion is currently unable to retrieve logs from S3 buckets. We use WP Engine for a lot of web hosting as well as AWS, and both of these platforms use S3 buckets. I would like Netsurion to be able to pull logs from Linux devices. We have some of that capability, and I believe they can do it. However, the way it works with Amazon is strange and glitchy. Therefore, working something out with Amazon would be great. Netsurion's SOC can be a bit too aggressive at times. We have asked them to adjust their playbook because I am tired of being notified about the same issue multiple times a day. I am aware of the issue, and it is not a cause for concern. Let's only take action on this issue if we see an actual problem.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"AlienVault OSSIM's GUI is very user-friendly."

"The solution is very stable. Compared to Qradar and Splunk, it's very stable."

"You can customize the dashboards as well as the reporting."

"Its user-friendliness is the most valuable. It is very easy to use and explore. The dashboard is very well packaged and integrated. You don't have to spend a lot of time in configuring it and checking out the RPM etc. It is also free and very powerful."

"Network traffic analysis is highly efficient."

"The most valuable features of this solution are the data correlation and vulnerability assessment."

"The initial setup is straightforward."

"With AlienVault you get everything in one box."

More AlienVault OSSIM pros

"I like EventTracker's dashboard. I see it every time I log in because it's the first thing you get to. We have our own widgets that we use. For the sake of transparency, there are a few widgets that we look at there and then we move out from there... Among the particularly helpful widgets, the not-reporting widget is a big one. The number-of-logs-processed is also a good one."

"When I looked last week, we probably averaged about 20 million log entries a day. So, we certainly can't individually manage that. Just looking at the reports, then trying to go back and find anything that was questionable, was a challenge. Therefore, the managed service has been invaluable to us in terms of being able to narrow the scope of what really needs to be looked at and bringing those things to our attention to be dealt with."

"When it comes to threat detection and response, it does a very good job detecting and blocking on its own. And the SOC is a nice added value because they're doing analysis on things that aren't as obvious, on things that you can't just detect with a signature or behavior. Also, any SIEM will come with a lot of noise, so having them do a lot of the initial analysis to find out what's critical and what issues are false alarms is very good."

"I think Netsurion scales well. We've gone from a small number of agents up to thousands. So I would imagine that it would continue to scale. I don't see any issue with that."

"The real-time alerting for things such as people getting dropped into a VPN group or the domain admin group — things like that which really shouldn't happen without proper change management, but we all know the reality, they do from time to time — gives me real-time visibility into what's going on."

"Netsurion was easy to deploy. I have worked with other systems that were a little less complex, but they weren't quite as easy to deploy."

"Netsurion's 24/7 monitoring has enhanced the overall security of the company. They have someone looking at the data 24/7 who will call us as needed. If their team spots a malicious process after hours, they notify the appropriate person by phone. We get a lot of actionable threat intelligence from Netsurion. For example, if a user clicks on a malicious link in a web page and starts an unusual process that isn't on the white-list, Netsurion's team can detect it and prevent it from executing. Afterward, they'll notify us by telephone, so we can respond and clean up whatever damage has occurred."

"The network alert is the most valuable feature. That way, we in the IT department are aware of user lockout and invalid password attempts way before a user ever even calls in."

More Netsurion pros

Cons

"AlienVault OSSIM on-premise version is more difficult to implement than the cloud version. Additionally, they should add integration between several different environments at once and improve their online knowledge base."

"The incidence reporting could be better."

"I would like the solution to be able to integrate with my firewall, my IDS and my Honeypot solutions so that it can provide real-time reporting as things occur and then have alert sent to me on my phone when suspicious activity is happening."

"The solution needs more integration with cyber intelligence systems."

"AlienVault OSSIM’s configuration and integration could be a little easier."

"The user interface needs to be friendlier across the board."

"There are somewhat more false positives with the user behavior analytics, which could benefit from an additional machine learning model to detect user patterns more rapidly."

"It's so hard to configure and explore something new on it."

More AlienVault OSSIM cons

"There are some issues with searches taking a long period of time, but they assured me that they have implemented a new search function that's available in version 9, but which requires a solid-state hard drive... Depending on how many logs you have it could take a long time to return the results if you're looking back prior to the last 30 days."

"The biggest problem is that we have too many domain controllers. So, we have to keep all the clients and main system updated with the latest versions along with making sure all the firewalls are open."

"The weekly reporting could use some improvement. For example, when we handed them our landscape document, it took longer than I would have liked for those details to become noticeable within the reports."

"The agents on the endpoints seem to fail quite a bit, requiring manual involvement from the local administrators. I would like to see their product be much more ad hoc and update automatically."

"With version 8, there are quite a few things. The query tool was one of the big ones, and the query speed was one of the big ones, but they've made some great strides between versions 8 and 9. There were also issues in version 8 around the ability to get the data back out. It's one thing to collect data, but it's a whole other thing to be able to present it or run it in a timely manner. The old tool, depending on how far back I was looking, might even time out and I would have to run it again."

"I'd like to see improvement in the ease of generating reports. It seems fairly cumbersome whenever you decide to start tracking new categories of events. It seems a little kludgy when trying to generate those reports."

"We get a report generated on a particular day of the week and we go through it, trying to mitigate problems and make sure we're seeing everything that's happening. It would be helpful if the SOC spent a little more time with us going through some of those reports."

"The deployment of the agents could be a bit easier. We always seem to have a bit of a challenge with that. A lot of times the agents either don't deploy or they quit responding, then we have to go and redeploy them."

More Netsurion cons

Pricing and Cost Advice

"When comparing AlienVault OSSIM to Microsoft Sentinel, AlienVault OSSIM incurs additional costs due to its licensing price structure. If you are using AlienVault for security purposes at a certain level it can have a higher price point than the current pricing of Microsoft Sentinel."

"The solution is open source, so it's free to use."

"The licensing fees for the non-community edition are paid on an annual basis, and there are no costs in addition to this."

"The tool's licensing costs are yearly."

"AlienVault OSSIM is expensive compared to its competitors."

"AlienVault OSSIM is an open-source solution."

"AlienVault OSSIM is free."

"We are using the community version, which can be used for free."

More AlienVault OSSIM pricing and cost advice

"When we first got the EventTracker product, we were using SIEM Simplified. At the time they didn't call it that, but it was more of a service thing. So, there was a bit more hand-holding and getting stuff set up, along with failure reports, that they did during the first one to two years. Then, we decided that the the additional money to have someone do these daily reports wasn't terribly useful, so we discontinued that service."

"The upfront costs have increased, and we have been locked into this contract. The cost of changing over from it is way too high."

"You are paying for different levels, especially as far as the monitoring goes and how often you review it with the team. The other factor that figures in is how many nodes are on your network, such as clients, network equipment, servers, etc. There are some additional pieces on top of that, but it's laid out pretty simply, as far as how much you're going to pay for a node."

"Licensing is very easy. Our CIO takes care of the billing, but in terms of price point, he hasn't complained, so it must be good."

"Netsurion's pricing is competitive. At the same time, they're the only ones who do what we want to do the way we want it. I can't say we would've paid more, but we would've had to have come up with our own solution if they weren't providing that."

"Netsurion's pricing is extremely fair and flexible. The price of their SIEM product is reasonable, and you can pay for those services you want on top of that. It wasn't cheap, but it's competitive, and we intend to renew our contract."

"The solution is fairly expensive, but in my experience, all of the SIEM applications that I've evaluated or looked at cost about the same."

"I don't know if the pricing is by the seat but we're paying about $20,000 to 25,000 a year. On top of that, we pay for the managed support services. That runs us about another $35,000 or $40,000 a year."

More Netsurion pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.

See recommendations

881,114 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

13%

Comms Service Provider

11%

Financial Services Firm

Manufacturing Company

Performing Arts

16%

Manufacturing Company

Outsourcing Company

Retailer

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	18
Midsize Enterprise	9
Large Enterprise	8

By reviewers
Company Size	Count
Small Business	10
Midsize Enterprise	7
Large Enterprise	7

Questions from the Community

What do you like most about AlienVault OSSIM?

Asset discovery is good.

See all answers

What is your experience regarding pricing and costs for AlienVault OSSIM?

It depends. I would need to review their cost models, but generally, they are on a scaled basis based on throughput usage. Because it's a software as a service solution for their core product for U...

See all answers

What needs improvement with AlienVault OSSIM?

See all answers

Ask a question

Earn 20 points

Comparisons

Wazuh vs AlienVault OSSIM

Compared 47% of the time

Venusense USM vs AlienVault OSSIM

Compared 9% of the time

USM Anywhere vs AlienVault OSSIM

Compared 7% of the time

Splunk Enterprise Security vs AlienVault OSSIM

Compared 6% of the time

Elastic Security vs AlienVault OSSIM

Compared 4% of the time

More AlienVault OSSIM Competitors

Legato Security vs Netsurion

Compared 8% of the time

Devo vs Netsurion

Compared 8% of the time

IBM Security QRadar vs Netsurion

Compared 8% of the time

Trellix Helix Connect vs Netsurion

Compared 7% of the time

Rapid7 InsightIDR vs Netsurion

Compared 7% of the time

More Netsurion Competitors

Product Reports

Buyer's Guide

AlienVault OSSIM

January 2026

Download AlienVault OSSIM product report

Buyer's Guide

Netsurion

January 2026

Download Netsurion product report

Also Known As

OSSIM

Netsurion Managed Threat Protection, Netsurion EventTracker

Overview

AlienVault OSSIM, Open Source Security Information and Event Management (SIEM), provides you with a feature-rich open source SIEM complete with event collection, normalization and correlation. Launched by security engineers because of the lack of available open source products, AlienVault OSSIM was created specifically to address the reality many security professionals face: A SIEM, whether it is open source or commercial, is virtually useless without the basic security controls necessary for security visibility.

AT&T

Netsurion offers robust SIEM capabilities enhanced by managed services, facilitating efficient threat identification and response with real-time alerts and comprehensive reporting.

Netsurion stands out for its integration of SIEM, IDS, and vulnerability management. Its real-time threat alerts and dashboards enhance user response capabilities. With centralized logging from Windows, Linux, Cisco devices, firewalls, and Active Directory, Netsurion enables effective compliance support for HIPAA and PCI standards. Managed Threat Protection with the embedded MITRE ATT&CK Framework enhances threat intelligence, while its evolving interface aims to improve user interactions. However, some users find deployment and searching challenging, pointing to areas for improvement.

What are Netsurion's key features?

SIEM Capabilities: Efficient threat identification using real-time alerts and dashboards.
Managed Services: Provides remote monitoring and advisory support.
Comprehensive Reporting: Assists in compliance and actionable insights.
MITRE ATT&CK Framework: Enhances threat intelligence and management.
Seamless Integration: Works with existing systems for streamlined operations.

What benefits should users consider in reviews?

Threat Response Tool: Rapid identification and response to security incidents.
Usability: Efforts to evolve and simplify user interactions.
Operational Efficiency: Streamlined processes through integration and managed services.
Compliance Support: Assistance with industry standards like HIPAA and PCI.

Netsurion is frequently implemented in industries requiring comprehensive security monitoring and compliance, such as healthcare and finance. It aids businesses in consolidating security efforts, offering insights into user activities and system changes, an asset for companies lacking substantial internal resources.

Netsurion

Sample Customers

Council Rock School District

The Salvation Army, The FRESH Market, Pacific Western Bank, NASA, American Academy of Orthopaedic Surgeons (AAOS), and Talbot’s Stores

Buyer's Guide

AlienVault OSSIM vs. Netsurion

December 2025

Free Report: AlienVault OSSIM vs. Netsurion

Find out what your peers are saying about AlienVault OSSIM vs. Netsurion and other solutions. Updated: December 2025.

DOWNLOAD NOW

881,114 professionals have used our research since 2012.

See our AlienVault OSSIM vs. Netsurion report.

See our list of best Security Information and Event Management (SIEM) vendors.

We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.