AlienVault OSSIM vs SolarWinds Security Event Manager comparison

Cancel
You must select at least 2 products to compare!
Comparison Buyer's Guide
Executive Summary

We performed a comparison between AlienVault OSSIM and SolarWinds Security Event Manager based on real PeerSpot user reviews.

Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed AlienVault OSSIM vs. SolarWinds Security Event Manager Report (Updated: March 2024).
765,386 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"Microsoft Sentinel provides the capability to integrate different log sources. On top of having several data connectors in place, you can also do integration with a threat intelligence platform to enhance and enrich the data that's available. You can collect as many logs and build all the use cases.""It's easy to use. It's a very good product. It can easily ingest data from anywhere. It has an easily understandable language to perform actions.""Microsoft Sentinel comes preloaded with templates for teaching and analytics rules.""The initial setup is very simple and straightforward.""The automation feature is valuable.""The most valuable feature is the onboarding of the workloads. You can see all that has been onboarded in your account on the dashboards.""The Identity Behavior tab furnishes us with the entire history linked to each IP or domain that has either accessed or attempted to access our system.""The ability of all these solutions to work together natively is essential. We have an Azure subscription, including Log Analytics. This feature automatically acts as one of the security baselines and detects recommendations because it also integrates with Defender. We can pull the sysadmin logs from Azure. It's all seamless and native."

More Microsoft Sentinel Pros →

"The threat alerts it gives me from time to time on harmful code within the network, or if they are generating any network traffic, are very useful.""The solution has a very good open source community, and whenever we have problems, we are always able to resolve it online.""The solution is very stable. Compared to Qradar and Splunk, it's very stable.""The dashboard is the solution's most valuable aspect. It brings everything into one central point where I can actually look at it and go, "Okay, I understand what's going on."""OSSIM is the only solution that includes the large number of modules that we need: a vulnerability scanner, a network IDS system, a host IDS system.""The initial setup was straightforward. I didn't have any problems.""You pay monthly for the solution. I think it's one of the best products. If you compare with other companies, like LogRhythm, etc., the top 8 or 10 CMs, I think Alien Vault has the best price-performance ratio.""The most valuable features of this solution are the data correlation and vulnerability assessment."

More AlienVault OSSIM Pros →

"The most valuable feature is the reporting.""It's easy to build rules and actions based on the logs and event types we collect with the software.""Some of the rules are most valuable because you can be notified about various things, such as spyware or things that are going on in the internal network.""It performs network behavior monitoring, log monitoring, and disaster recovery monitoring.""SolarWinds Security Event Manager has been generally working well.""We did previously use a different solution, but SolarWinds is much better. It's easy to interact with SolarWinds. It's easy to operate, easy to configure and is generally easier compared to what we were working with before.""The most valuable feature of SolarWinds Security Event Manager is the analysis and the knowledge about the incidence that we trace.""It has in-depth monitoring capabilities and an easy way for setting up dashboards. I can expand in various areas, or I can reduce areas. It supports different types of breakdowns, filters, and rules. It is very simple for an out-of-the-box type of product. It doesn't take a lot of time to figure it out, which is unlike some of the solutions that I have looked at. It meets all the aspects."

More SolarWinds Security Event Manager Pros →

Cons
"Not all information shows up in Sentinel. Sometimes there are items provided in 365 and if you looked in Sentinel you would not see them and therefore think they do not exist. There can be discrepancies between Microsoft tools.""They should just add more and more out-of-the-box connectors. It is quite a new product, and it has a lot of connectors, and even more would be good.""There is some relatively advanced knowledge that you have to have to properly leverage Sentinel's full capabilities. I'm thinking about things like the creation of workbooks, how you do threat-hunting, and the kinds of notifications you're getting... It takes time for people to ramp up on that and develop a familiarity or expertise with it.""If their UI was a bit more streamlined and easy to find when I need it, then that would be a great improvement.""Some of the data connectors are outdated, at least the ones that utilize Linux machines for log forwarding. I believe that Microsoft is already working on improving this.""It has been a challenge with Azure Sentinel to onboard the Syslog server from FortiGate. Azure Sentinel can work better on that shift between the Syslog server and a firewall.""At the network level, there is a limitation in integrating some of the switches or routers with Microsoft Sentinel. Currently, SPAN traffic monitoring is not available in Microsoft Sentinel. I have heard that it is available in Defender for Identity, which is a different product. It would be good if LAN traffic monitoring or SPAN traffic monitoring is available in Microsoft Sentinel. It would add a lot of value. It is available in some of the competitor products in the market.""There are certain delays. For example, if an alert has been rated on Microsoft Defender for Endpoint, it might take up to an hour for that alert to reach Sentinel. This should ideally take no more than one or two seconds."

More Microsoft Sentinel Cons →

"There needs to be more support or some kind of training program so users can self-learn the system more effectively.""It's so hard to configure and explore something new on it.""Lacking in depth of reporting.""The price of this solution is very high and it could be cheaper.""It takes some time. It does not give me a prompt response for any such [malicious] traffic. It takes time to get that alert from the AlienVault system.""AlienVault OSSIM’s configuration and integration could be a little easier.""AlienVault OSSIM should improve the deployment and make it unified like the USM.""GUI could be improved."

More AlienVault OSSIM Cons →

"I don't think SolarWinds is scalable enough. It is somewhat limited when I need to deploy it across multiple environments in a distributed architecture.""The company had to use a third party for the implementation of the solution.""There is no correlation made between log entries, so no threat information is presented.""It can be difficult for users who are inexperienced with the solution.""Training for this solution needs to be improved, as new employees are sometimes unfamiliar with the product.""It is a very technical program. They can simplify it so that it isn't so hard to deal with.""We'd like more customization capabilities.""The reporting could be more robust. It can be a lot more granular and that will make it a lot more useful in comparison to how it is incorporated at the moment."

More SolarWinds Security Event Manager Cons →

Pricing and Cost Advice
  • "It comes with a Microsoft subscription which the customer has, so they don't have to invest somewhere else."
  • "It is a consumption-based license model. bands at 100, 200, 400 GB per day etc. Azure Sentinel Pricing | Microsoft Azure"
  • "Good monthly operational cost model for the detection and response outcomes delivered, M365 logs don't count toward the limits which is a good benefit."
  • "I have had mixed feedback. At one point, I heard a client say that it sometimes seems more expensive. Most of the clients are on Office 365 or M365, and they are forced to take Azure SIEM because of the integration."
  • "It is kind of like a sliding scale. There are different tiers of pricing that go from $100 per day up to $3,500 per day. So, it just kind of depends on how much data is being stored. There can be additional costs to the standard license other than the additional data. It just kind of depends on what other services you're spinning up in Azure, or if you're using something like Azure log analytics."
  • "I am just paying for the log space with Azure Sentinel. It costs us about $2,000 a month. Most of the logs are free. We are only paying money for Azure Firewall logs because email logs or Azure AD logs are free to use for us."
  • "Sentinel is a bit expensive. If you can figure a way of configuring it to meet your needs, then you can find a way around the cost."
  • "Azure Sentinel is very costly, or at least it appears to be very costly. The costs vary based on your ingestion and your retention charges."
  • More Microsoft Sentinel Pricing and Cost Advice →

  • "AlienVault pricing is the best. Whatever cost you are paying, you are getting a return on every penny... It's not like your IBM, your QRadar, or Splunk, where the cost is too high."
  • "The solution is open source, so it's free to use."
  • "OSSIM is free."
  • "The licensing fees for the non-community edition are paid on an annual basis, and there are no costs in addition to this."
  • "AlienVault OSSIM is free."
  • "We are using the community version, which can be used for free."
  • "We are using a free version of the solution. If you purchase a license there are more features available but the price is a little high. The solution should be cheaper to allow more customers to be able to afford it."
  • "The price of AlienVault OSSIM is too high sometimes for us to present to our customers. The price should be lower. We are on a three-year license to use the solution. We had to pay extra for the support."
  • More AlienVault OSSIM Pricing and Cost Advice →

  • "Licensing is on devices, so if you have many, then this may be high."
  • "We do a yearly license renewal. For a year, the solution costs roughly $500,000 USD. There are no costs beyond this yearly fee."
  • "The pricing model would benefit from having package deals with other SolarWinds products."
  • "Licenses can only be purchased in blocks of fifty at a time."
  • "It is in the appropriate mid-range. It is not as expensive as some of the other solutions. It is also not cheap."
  • "The price of SolarWinds Security Event Manager is reasonable."
  • More SolarWinds Security Event Manager Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
    765,386 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:Yes, Azure Sentinel is a SIEM on the Cloud. Multiple data sources can be uploaded and analyzed with Azure Sentinel and… more »
    Top Answer:It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for… more »
    Top Answer:We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is… more »
    Top Answer:The tool's security detection is good. It helps us with login tracking and generating reports. We aim to identify… more »
    Top Answer:AlienVault OSSIM is expensive compared to its competitors.
    Top Answer:AlienVault OSSIM gives unwanted notifications.
    Top Answer:The solution helps you monitor database instances, application instances, other customer application things, Linux… more »
    Top Answer:The cost is exorbitantly high. The trial version lasts for thirty days, but I found a subscription plan priced at four… more »
    Top Answer:One of the drawbacks of being so flexible is that it is also a fairly complicated software application to install… more »
    Comparisons
    Also Known As
    Azure Sentinel
    OSSIM
    SolarWinds LEM, Solarwinds SIEM, TriGeo, Log and Event Manager
    Learn More
    Overview

    Microsoft Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution that lets you see and stop threats before they cause harm. Microsoft Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response. Eliminate security infrastructure setup and maintenance, and elastically scale to meet your security needs—while reducing IT costs. With Microsoft Sentinel, you can:

    - Collect data at cloud scale—across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds

    - Detect previously uncovered threats and minimize false positives using analytics and unparalleled threat intelligence from Microsoft

    - Investigate threats with AI and hunt suspicious activities at scale, tapping into decades of cybersecurity work at Microsoft

    - Respond to incidents rapidly with built-in orchestration and automation of common tasks

    To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.

    AlienVault OSSIM, Open Source Security Information and Event Management (SIEM), provides you with a feature-rich open source SIEM complete with event collection, normalization and correlation. Launched by security engineers because of the lack of available open source products, AlienVault OSSIM was created specifically to address the reality many security professionals face: A SIEM, whether it is open source or commercial, is virtually useless without the basic security controls necessary for security visibility.

    When TriGeo was acquired by SolarWinds, TriGeo SIM became known as SolarWinds Log & Event Manager. This product is a leading Security Information and Event Management (SIEM) product and log management solution, which provides log collection, analysis, and real-time correlation.

    Sample Customers
    Microsoft Sentinel is trusted by companies of all sizes including ABM, ASOS, Uniper, First West Credit Union, Avanade, and more.
    Council Rock School District
    NetSuite, EasyStreet, Legacy Texas Bank, and Energy Federal Credit Union, to name a few.
    Top Industries
    REVIEWERS
    Financial Services Firm22%
    Computer Software Company11%
    Manufacturing Company8%
    Comms Service Provider8%
    VISITORS READING REVIEWS
    Computer Software Company16%
    Financial Services Firm10%
    Government9%
    Manufacturing Company7%
    REVIEWERS
    Insurance Company15%
    Recruiting/Hr Firm8%
    Transportation Company8%
    Media Company8%
    VISITORS READING REVIEWS
    Computer Software Company18%
    Comms Service Provider9%
    Government8%
    Financial Services Firm7%
    REVIEWERS
    Computer Software Company21%
    Financial Services Firm16%
    Government11%
    Comms Service Provider11%
    VISITORS READING REVIEWS
    Educational Organization67%
    Computer Software Company5%
    Government4%
    Financial Services Firm3%
    Company Size
    REVIEWERS
    Small Business33%
    Midsize Enterprise21%
    Large Enterprise47%
    VISITORS READING REVIEWS
    Small Business25%
    Midsize Enterprise16%
    Large Enterprise59%
    REVIEWERS
    Small Business53%
    Midsize Enterprise30%
    Large Enterprise17%
    VISITORS READING REVIEWS
    Small Business30%
    Midsize Enterprise18%
    Large Enterprise51%
    REVIEWERS
    Small Business65%
    Midsize Enterprise12%
    Large Enterprise23%
    VISITORS READING REVIEWS
    Small Business10%
    Midsize Enterprise71%
    Large Enterprise19%
    Buyer's Guide
    AlienVault OSSIM vs. SolarWinds Security Event Manager
    March 2024
    Find out what your peers are saying about AlienVault OSSIM vs. SolarWinds Security Event Manager and other solutions. Updated: March 2024.
    765,386 professionals have used our research since 2012.

    AlienVault OSSIM is ranked 16th in Security Information and Event Management (SIEM) with 26 reviews while SolarWinds Security Event Manager is ranked 21st in Security Information and Event Management (SIEM) with 24 reviews. AlienVault OSSIM is rated 7.4, while SolarWinds Security Event Manager is rated 7.6. The top reviewer of AlienVault OSSIM writes "An easy-to-scale open-source solution used for monitoring events on devices ". On the other hand, the top reviewer of SolarWinds Security Event Manager writes "A comprehensive network security with robust technical capabilities, effective threat response, and centralized management". AlienVault OSSIM is most compared with Wazuh, Elastic Security, USM Anywhere and Splunk Enterprise Security, whereas SolarWinds Security Event Manager is most compared with ManageEngine Log360, Splunk Enterprise Security, IBM Security QRadar, Microsoft Defender XDR and ArcSight Enterprise Security Manager (ESM). See our AlienVault OSSIM vs. SolarWinds Security Event Manager report.

    See our list of best Security Information and Event Management (SIEM) vendors.

    We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.