No more typing reviews! Try our Samantha, our new voice AI agent.

AlienVault OSSIM vs Sumo Logic Security comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 18, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

AlienVault OSSIM
Ranking in Security Information and Event Management (SIEM)
26th
Average Rating
7.4
Reviews Sentiment
7.1
Number of Reviews
31
Ranking in other categories
No ranking in other categories
Sumo Logic Security
Ranking in Security Information and Event Management (SIEM)
21st
Average Rating
8.2
Reviews Sentiment
7.0
Number of Reviews
25
Ranking in other categories
Log Management (21st), Security Orchestration Automation and Response (SOAR) (14th)
 

Mindshare comparison

As of July 2026, in the Security Information and Event Management (SIEM) category, the mindshare of AlienVault OSSIM is 1.2%, down from 3.4% compared to the previous year. The mindshare of Sumo Logic Security is 1.6%, up from 1.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM) Mindshare Distribution
ProductMindshare (%)
Sumo Logic Security1.6%
AlienVault OSSIM1.2%
Other97.2%
Security Information and Event Management (SIEM)
 

Featured Reviews

BP
Independent Contractor at a comms service provider with 5,001-10,000 employees
Enables cost-effective security management for small businesses
Scaling for USM is always challenging for any product unless it is purpose-built or overbuilt at the front end. They will use Palo Alto and its competitors, and LevelBlue will manage that implementation. The main area where the AlienVault product was lacking around the 2018 timeframe was in its ability to scale. By pushing it to a cloud-based system, they've largely alleviated scale issues. It's native in Amazon but will also run in Azure. They have worked with cloud service providers to offer enough throughput at a cost reasonable for a corporation. Scaling was their biggest problem, and they've largely conquered those issues.
MR
Senior Security Analyst at City Electric Supply Company
Security insights have enabled faster incident response and streamlined cross-team collaboration
To improve Sumo Logic Security, I would appreciate the tool being easier to use from a search perspective. For example, we have a few teams that want to use the tool itself, but they are not as savvy when it comes to creating searches from the core platform. I understand that Mobot has come out and is in the works, and it really does assist non-savvy users when it comes to querying the platform. As far as that is concerned, I wish that could be improved a bit more, but I do know that that is in the works. I would add that I wish for improved documentation. For example, we are using Sumo Playbooks and automation integrations along with that, but I have found that there has been a lack of documentation, very little to none at all when it comes to that. With regards to automation integrations as well, there are very few details included in them. I would also appreciate the AWS automation integrations to be more secure because currently, they are using access keys, which involves a user rather than roles, which is the security best practice recommended by AWS. I chose eight out of ten because to make it a nine or ten, I would lean heavily on the documentation. A lot of the times when we get around to configuring things such as playbooks or trying to understand playbooks, what I found was that documentation sometimes is not up to date or documentation is lacking. There are instances also where some security best practices are not being followed. So, if we are able to set up an integration that is not only secure, following security best practices, and has complete documentation, I believe it would alleviate the issue of having to go back and forth with support to check the documentation and things of that nature. My impression of the built-in threat intelligence feature in Sumo Logic Security is that it is comprehensive, but I would say that it could do a little bit better. For example, we have the TAXI feeds, which is STIX and TAXI integrated into the core platform, but the issue I am running into is that I am able to use that feed into a CSE alert; however, I am not able to see the contents of that feed. If I integrate CISA, which we do have integrated, I cannot see what IOCs are in that feed in the core platform, and I hope that is the case because, in order for us to better tune our alerts, we need to be able to see what is in the contents of that threat intelligence feed.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"What I like about this product, is that it is a fully-fledged solution."
"With AlienVault you get everything in one box."
"The threat policies of the solution are always very advanced and the best in the market, and they are very persistent in terms of keeping up with security protocols."
"The most valuable feature is the logging capability."
"The tool's security detection is good. It helps us with login tracking and generating reports. We aim to identify potential issues, such as brute-force attacks on user accounts or server-level anomalies. For instance, if I receive a report indicating a server is at an abnormal level, I investigate and address the issue."
"The most valuable features of AlienVault OSSIM are vulnerability assessment, network intrusion detection system, response to critical events, and awareness of the whole network."
"The open vault component and the checking of vulnerabilities are the most valuable features, and the page management helps with this, because if you know how your device is vulnerable at least you can do something about it."
"The solution is free to use."
"As a cloud-native SIEM, it scales up very well automatically, and real-time threat detection is available, so detection time has dropped significantly from three to four hours to under 30 minutes, reducing alert fatigue by over 100 days of low-volume alerts and significantly improving our KPIs, alert efficiency, decision quality, and operational stability."
"For many of our services, we use Sumo Logic to track errors and send notifications to our Slack channel, if there are issues. Then, we have our support people monitoring this, and they can react quickly."
"The features I found valuable with the Sumo Logic Security solution are the search option and the ability to customize the search for the information in the logs."
"Sumo Logic Security has positively impacted my organization by increasing engagement with different teams."
"I would recommend Sumo Logic; it is easy to use, the culture at Sumo Logic seems to be developer focused, the product is good, the developers are able to use it to get their job done quickly and easily, it fits into the developer's workload, the support is excellent, and we use it in both AWS and on-premise where it tends to work the same in both cases."
"It provides easy visibility. I also like the shareable queries because we share a lot across groups."
"There are a lot of things we like about this product."
"Sumo Logic has absolutely improved our organization — 100% Sumo Logic is a great tool, it's absolutely necessary."
 

Cons

"When comparing AlienVault OSSIM to other solutions it looks a bit outdated. Additionally, they need to improve their integration."
"It takes some time. It does not give me a prompt response for any such [malicious] traffic. It takes time to get that alert from the AlienVault system."
"The user interface needs to be friendlier across the board."
"GUI could be improved."
"The initial setup was not so easy, partly because the documentation was not up to date."
"AlienVault OSSIM gives unwanted notifications."
"Lacking in depth of reporting."
"They can add more compliance templates."
"The dashboard has room for improvement, because sometimes it is a difficult to create a specific dashboard or query. This would be a nice place to correct problems."
"Some of the operations and security team members don't think Sumo Logic does as well as Splunk in their field."
"Automation is open to user's implementation, in my case, we used to use API to correlate and orchestrate events from Sumo Logic with other platforms, and now we are using an automation platform to centralize the various integrations."
"The solution should improve its UI."
"The initial setup is the most stressful, like learning how to use it."
"Sumo Logic Security is expensive, and its pricing could be improved."
"This can lead to alerts that are collections of disjointed signals that sometimes make no sense and lack real context; this simplistic approach makes it hard to find coherent stories during investigations."
"From the network segmentation side, there is some discrepancy in log onboarding. The tool needs to improve direct API integrations, login integration, native login integration, etc."
 

Pricing and Cost Advice

"AlienVault pricing is the best. Whatever cost you are paying, you are getting a return on every penny... It's not like your IBM, your QRadar, or Splunk, where the cost is too high."
"The price of AlienVault OSSIM is too high sometimes for us to present to our customers. The price should be lower. We are on a three-year license to use the solution. We had to pay extra for the support."
"The licensing fees for the non-community edition are paid on an annual basis, and there are no costs in addition to this."
"I used the paid version of the tool and found it to be expensive. It has been a while since I changed to Securonix. I will have to check whether AlienVault charges per device, user, or log."
"AlienVault OSSIM is an open-source solution."
"We are using the community version, which can be used for free."
"The solution is open source, so it's free to use."
"OSSIM is free."
"The AWS Marketplace pricing is fairly reasonable for what it does. I wouldn't call it expensive, but I wouldn't call it cheap. It is pretty good."
"The license pricing model is based on the events that are processed through the solution."
"The price scaling comes in a bit expensive."
"Pricing has been cheaper than some of the competing tools, like Splunk."
"I don't pay the bill. I've heard the AWS Marketplace pricing is high, but I like the value."
"The pricing is a little high, but for the features that we receive from Sumo Logic, it suits the price. For some small organizations, the price might be a little high."
"The AWS Marketplace pricing is borderline. Every annual renewal, we always contemplate if we are getting what we think we could out of it or could we do it cheaper with some other product."
"The only limit to the scalability of the product for us is how much we are willing to pay."
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Comms Service Provider
14%
Financial Services Firm
8%
Computer Software Company
8%
Manufacturing Company
7%
Manufacturing Company
12%
Financial Services Firm
11%
Outsourcing Company
10%
Computer Software Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business18
Midsize Enterprise9
Large Enterprise8
By reviewers
Company SizeCount
Small Business7
Midsize Enterprise4
Large Enterprise16
 

Questions from the Community

What is your experience regarding pricing and costs for AlienVault OSSIM?
It depends. I would need to review their cost models, but generally, they are on a scaled basis based on throughput usage. Because it's a software as a service solution for their core product for U...
What needs improvement with AlienVault OSSIM?
Scaling for USM is always challenging for any product unless it is purpose-built or overbuilt at the front end. They will use Palo Alto and its competitors, and LevelBlue will manage that implement...
What is your primary use case for AlienVault OSSIM?
This solution is very similar to most of the other MSSPs that you would find out there. When I look at use cases, AlienVault was initially aimed at small to medium businesses. It grew, and that was...
What is your experience regarding pricing and costs for Sumo Logic Security?
I would say that the pricing for Sumo Logic Security is in the medium part of the market. If you go to the well-known vendors such as Azure Sentinel or other tools like Splunk, you are going to fin...
What needs improvement with Sumo Logic Security?
I would say there are a few more things that Sumo Logic Security can improve on. It is not the tool; it is a technical part. From the app point of view, I would say when we need to include a few la...
 

Also Known As

OSSIM
No data available
 

Overview

 

Sample Customers

Council Rock School District
Information Not Available
Find out what your peers are saying about AlienVault OSSIM vs. Sumo Logic Security and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.