We performed a comparison between AlienVault OSSIM and RSA enVision based on real PeerSpot user reviews.
Find out what your peers are saying about Splunk, Microsoft, Wazuh and others in Security Information and Event Management (SIEM)."The most valuable feature is the performance because unlike legacy SIEMs that were on-premises, it does not require as much maintenance."
"Microsoft Sentinel comes preloaded with templates for teaching and analytics rules."
"The analytic rule is the most valuable feature."
"One of the most valuable features is that it creates a kind of a single pane of glass for organizations that already use Microsoft software. So, when they have things like Microsoft 365, it is very easy for them to kind of plug in or enroll those endpoints into the Azure Sentinel service."
"What is most useful, is that it has a good connection to the Microsoft ecosystem, and I think that's the key part."
"The most valuable feature is the alert notifications, which are categorized by severity levels: informational, low, medium, and high."
"One of the most valuable features of Microsoft Sentinel is that it's cloud-based."
"Sentinel enables us to ingest data from our entire ecosystem. In addition to integrating our Cisco ASA Firewall logs, we get our Palo Alto proxy logs and some on-premises data coming from our hardware devices... That is very important and is one way Sentinel is playing a wider role in our environment."
"The tool's security detection is good. It helps us with login tracking and generating reports. We aim to identify potential issues, such as brute-force attacks on user accounts or server-level anomalies. For instance, if I receive a report indicating a server is at an abnormal level, I investigate and address the issue."
"The threat policies of the solution are always very advanced and the best in the market. They are very persistent in terms of keeping up with security protocols."
"You pay monthly for the solution. I think it's one of the best products. If you compare with other companies, like LogRhythm, etc., the top 8 or 10 CMs, I think Alien Vault has the best price-performance ratio."
"The solution is free to use."
"The paid version of the solution has reporting and better scalability options."
"The most valuable features of AlienVault OSSIM are vulnerability assessment, network intrusion detection system, response to critical events, and awareness of the whole network."
"With AlienVault you get everything in one box."
"Better than other SIEM solutions because almost everything can be integrated."
"The most valuable feature of this solution is the reporting."
"The configuration part is very easy...The technical support was sincere in their responses...I rate the technical support a nine out of ten."
"The most valuable feature is the management features. It's capable of managing large enterprises."
"They should integrate it with many other software-as-a-service providers and make connectors available so that you don't have to do any sort of log normalization."
"The reporting could be more structured."
"In terms of features I would like to see in future releases, I'm interested in a few more use cases around automation. I do believe a lot of automation is available, and more is in progress, but that would be my area of interest."
"The troubleshooting has room for improvement."
"They only classify alerts into three categories: high, medium, and low. So, from the user's point of view, having another critical category would be awesome."
"Sentinel could improve its ticketing and management. A few customers I have worked with liked to take the data created in Sentinel. You can make some basic efforts around that, but the customers wanted to push it to a third-party system so they could set up a proper ticketing management system, like ServiceNow, Jira, etc."
"It would be good to have some connectors for third-party SIEM solutions. Many customers are struggling with the integration of Azure Sentinel with their on-premise SIEM. Microsoft is changing the log structure many times a year, which can corrupt a custom integration. It would be good to have some connectors developed by Microsoft or supply vendors, but they are not providing such functionality or tools."
"We'd like to see more connectors."
"AlienVault OSSIM’s configuration and integration could be a little easier."
"AlienVault OSSIM could improve by having better integration with some of the newer tools."
"The incidence reporting could be better."
"Sometimes technical issues take very long to get resolved."
"Lacking in depth of reporting."
"I would like the solution to be able to integrate with my firewall, my IDS and my Honeypot solutions so that it can provide real-time reporting as things occur and then have alert sent to me on my phone when suspicious activity is happening."
"The correlation engine needs to be improved."
"The user interface could be improved."
"The integration could be easier, it should support more products."
"In general, the solution currently isn't user-friendly."
"RSA enVision log manager is out of date and is not in use anymore."
AlienVault OSSIM is ranked 14th in Security Information and Event Management (SIEM) with 27 reviews while RSA enVision is ranked 36th in Security Information and Event Management (SIEM) with 5 reviews. AlienVault OSSIM is rated 7.4, while RSA enVision is rated 6.8. The top reviewer of AlienVault OSSIM writes "An easy-to-scale open-source solution used for monitoring events on devices ". On the other hand, the top reviewer of RSA enVision writes "Though the solution offers good technical support, it needs to be made more user-friendly ". AlienVault OSSIM is most compared with Wazuh, Elastic Security, USM Anywhere, Splunk Enterprise Security and Fortinet FortiSIEM, whereas RSA enVision is most compared with NetWitness Platform, Splunk Enterprise Security and IBM Security QRadar.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.