Try our new research platform with insights from 80,000+ expert users

AlienVault OSSIM vs Wazuh comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 18, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

AlienVault OSSIM
Ranking in Security Information and Event Management (SIEM)
11th
Average Rating
7.4
Reviews Sentiment
7.1
Number of Reviews
31
Ranking in other categories
No ranking in other categories
Wazuh
Ranking in Security Information and Event Management (SIEM)
2nd
Average Rating
7.4
Reviews Sentiment
6.7
Number of Reviews
48
Ranking in other categories
Log Management (1st), Extended Detection and Response (XDR) (5th)
 

Mindshare comparison

As of August 2025, in the Security Information and Event Management (SIEM) category, the mindshare of AlienVault OSSIM is 3.2%, down from 4.3% compared to the previous year. The mindshare of Wazuh is 11.8%, down from 16.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
 

Featured Reviews

HarshBhardiya - PeerSpot reviewer
An open-source solution that provide good detection and more visibility
The solution is not scalable. It impacts so hard. In the initial stages, AlienVault OSSIM can be suitable for small environments. There may be limitations if the customer expresses a desire to expand and add more devices. In such cases, we would need to either explore additional solutions or work within the constraints of the existing setup. We have set up alerts and configured everything in AlienVault OSSIM. It actively monitors for any security incidents. It provides us with regular updates and notifications about any ongoing activities. Only one person is using the solution. It is the perfect solution for small businesses. I rate the solution’s scalability a three out of ten.
Sandip_Patel - PeerSpot reviewer
Evaluating robust file monitoring with insights for community support improvements
Wazuh's most valuable features include file monitoring and compliance reporting, which do not require excessive costs. These aspects are vital as they provide alerts for changes and facilitate the monitoring of compliance. The platform is also relatively easy to set up and operate. Reports are straightforward to extract and prove useful for compliance requirements.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The open vault component and the checking of vulnerabilities are the most valuable features. The page management helps with this. If you know how your device is vulnerable at least you can do something about it."
"AlienVault OSSIM's GUI is very user-friendly."
"Asset discovery is good."
"You can customize the dashboards as well as the reporting."
"With AlienVault you get everything in one box."
"The solution is free to use."
"The product is majorly used for threat detection of the agents on servers and endpoints."
"The initial setup is straightforward."
"I like the cloud-native infrastructure and that it's free. We didn't have to pay anything, and it has the capabilities of many premium solutions in the market. We could integrate all of our services and infrastructure in the cloud with Wazuh. From an integration point of view, Wazuh is pretty good. I had a good experience with this platform."
"Wazuh's most beneficial features for our security needs are flexibility, built-in rules, integration capabilities, and documentation."
"It's very easy to integrate Wazuh with other environments, cloud applications, and on-prem applications. So, the advantage is that it's easy to implement and integrate with other solutions."
"It has efficient SCA capabilities."
"It's stable."
"I like the features we use, including malware detection, inventory, detection of hidden processes, and activity logs. Inventory is probably the most important feature. It tells us when processes and packages were installed and what they are, which is helpful."
"The tool is stable."
"The most valuable features are the modules and metrics."
 

Cons

"AlienVault OSSIM failed to provide our company a full insight, while also giving out a lot of false positives."
"The documentation could be improved."
"There are somewhat more false positives with the user behavior analytics, which could benefit from an additional machine learning model to detect user patterns more rapidly."
"I don't like to work on OSSIM because it is unpredictable."
"I suggest more in-built rules based on modern threats and environments to make it a more competitive solution."
"It's so hard to configure and explore something new on it."
"AlienVault OSSIM could improve by having better integration with some of the newer tools."
"AlienVault OSSIM on-premise version is more difficult to implement than the cloud version. Additionally, they should add integration between several different environments at once and improve their online knowledge base."
"Wazuh doesn't cover sources of events as well as Splunk. You can integrate Splunk with many sources of events, but it's a painful process to take care of some sources of events with Wazuh."
"Wazuh is missing many things that a typical SIEM should have."
"Wazuh could improve the detection, it is not detecting all of the attacks. Additionally, it is lacking features compared to other solutions."
"Wazuh requires substantial maintenance. The indexer frequently times out, requiring system restarts. When it comes to errors, debugging takes considerable time."
"I have yet to find the same capability in Wazuh to get logs from different sources into the system"
"The support channel is not optimal, and extensive research is required on our part to implement Wazuh effectively."
"They need to go towards integrating with more cloud applications and not just OS like Windows and Linux."
"A lack of certain features creates limitations."
 

Pricing and Cost Advice

"AlienVault OSSIM is free."
"AlienVault OSSIM is expensive compared to its competitors."
"The solution is open source, so it's free to use."
"I used the paid version of the tool and found it to be expensive. It has been a while since I changed to Securonix. I will have to check whether AlienVault charges per device, user, or log."
"OSSIM is free."
"We are using a free version of the solution. If you purchase a license there are more features available but the price is a little high. The solution should be cheaper to allow more customers to be able to afford it."
"OSSIM is open source, and USM is the paid license. So, if you want, you can switch to USM. There you will have to buy a license, and they have a support team that helps you out on issues you face."
"The tool's licensing costs are yearly."
"It is a free-of-cost solution."
"The product price is neither too high nor too low."
"There is not a license required for Wazuh."
"The product is cheaper compared to other tools."
"They have a good pricing strategy for market expansion."
"Wazuh is open-source, but you must consider the total cost of ownership. It may be free to acquire, but you spend a lot of time and effort supporting the product and getting it to a point where it's useful."
"The current pricing is open source."
"We use the free version of Wazuh."
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
865,295 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
15%
Comms Service Provider
11%
University
8%
Educational Organization
8%
Computer Software Company
15%
Comms Service Provider
9%
University
8%
Manufacturing Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What is your experience regarding pricing and costs for AlienVault OSSIM?
It depends. I would need to review their cost models, but generally, they are on a scaled basis based on throughput usage. Because it's a software as a service solution for their core product for U...
What needs improvement with AlienVault OSSIM?
Scaling for USM is always challenging for any product unless it is purpose-built or overbuilt at the front end. They will use Palo Alto and its competitors, and LevelBlue will manage that implement...
What do you like most about Wazuh?
Wazuh is its flexibility and open-source nature, which allows us to tailor threat detection and response across diverse client environments. Its integration capabilities with SOAR, cloud platforms,...
What needs improvement with Wazuh?
That would require me to discuss with the Wazuh team regarding areas that could be improved, as I have numerous ideas. From a developer's perspective, this is a Linux system with an active communit...
What is your primary use case for Wazuh?
Wazuh is a SIEM platform with various applications in today's environment. Compliance checks have helped with regulatory requirements. I pulled in PCI DSS to check for file integrity monitoring. I ...
 

Comparisons

 

Also Known As

OSSIM
No data available
 

Overview

 

Sample Customers

Council Rock School District
Information Not Available
Find out what your peers are saying about AlienVault OSSIM vs. Wazuh and other solutions. Updated: July 2025.
865,295 professionals have used our research since 2012.