15 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>trScore algorithm: Learn more.</a>
Score 8.5 out of 101
46 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>trScore algorithm: Learn more.</a>
Score 8.4 out of 101

Likelihood to Recommend

AlienVault OSSIM

If this is your first experience with a SIEM, this one can get you started. Take the time to learn the ins and outs of the product and you'll most likely be satisfied with it if your company is an SMB. If you need compliance reports, OSSIM is too small for you, you'll need to go with USM or USM Anywhere.
Ivan Montilla Miralles profile photo

SolarWinds Security Event Manager

SolarWinds Log & Event Manager (LEM) is a SIEM that is very well suited for environments where you have a small team managing your technology and need a powerful tool that is easy to set up and requires little maintenance and care to continue doing it's job. In the time that we have had LEM deployed, it has been very solid and has required very little intervention to resolve issues. It comes pre-packaged with some great correlations to get up and running right out of the box as soon as log sources are pointed at it. If you need a SIEM and either don't have the expertise in house, or don't want to spend the resources for professional services, this may be a good fit. There are only a handful of situations where we have run into LEM's limitations when trying to setup functionality or correlations. Otherwise, it is an excellent SIEM that offers some great features.
No photo available

Feature Rating Comparison

Security Information and Event Management (SIEM)

AlienVault OSSIM
8.1
SolarWinds Security Event Manager
8.5
Centralized event and log data collection
AlienVault OSSIM
8.5
SolarWinds Security Event Manager
9.5
Correlation
AlienVault OSSIM
8.0
SolarWinds Security Event Manager
9.7
Event and log normalization
AlienVault OSSIM
7.9
SolarWinds Security Event Manager
9.4
Deployment flexibility
AlienVault OSSIM
8.5
SolarWinds Security Event Manager
8.1
Integration with Identity and Access Management Tools
AlienVault OSSIM
7.4
SolarWinds Security Event Manager
8.1
Custom dashboards and views
AlienVault OSSIM
8.1
SolarWinds Security Event Manager
5.8
Host and network-based intrusion detection
AlienVault OSSIM
8.5
SolarWinds Security Event Manager
8.8

Pros

AlienVault OSSIM

  • Asset discovery. Once installed in a centric, network-accessible server, OSSIM can poll all your endpoints with common protocols (SSH, SNMP, WMI) to detect and discover site-wide assets to monitor. You only need to group them by your own criteria once added to the product.
  • SIEM Event Correlation. You can define quite complex correlation rules to detect possible suspicious or malicious actions or attempts in your network, in order to categorize them as real threats or as false positives, thus streamlining your risk assessment and management.
  • Ease of installation. The entire AlienVault OSSIM is self-contained in an ISO file, which can be burned into a DVD or just mounted in your server of choice (physical or virtual) for deployment. The installation process is automated and quote verbosed, with options for static IP, email messaging and others.
  • Ease of access. Being AlienVault OSSIM a self-contained appliance, it can be accessed via web by any device that supports a web browser, being that desktops, workstation, mobile devices, etc. The OSSIM dashboard and other features are automatically rearranged to adapt to the particular device being in use.
Jose Quintero profile photo

SolarWinds Security Event Manager

  • Monitors account lockouts and reports them with detail so that it is easier to solve this with end users.
  • Monitors and reports account disablement with detail to whoever disabled an account, for audit and accountability.
  • Also, monitors and reports account enablement with detail to whoever enabled an account, again for audit and accountability.
No photo available

Cons

AlienVault OSSIM

  • OSSIM, being an open source solution, lacks log management (a treat that the full USM has). Perhaps a feature to include a lightweight version inside the SIEM Correlation engine can be appreciated.
  • The appliance also lacks support for Cloud-based servers and apps. This feature is also present in USM, so it's unlikely this will appear in OSSIM, but I'd suggest also a reduced version of it included in this appliance.
  • More integration with third-party solutions such as BMC Remedy and ServiceNow, although this can be emulated through email alerts, as most ITSM solutions have the ability of converting incoming email messages into tickets.
Jose Quintero profile photo

SolarWinds Security Event Manager

  • Flash-based UI can lag, HTML5 would be preferred
  • Availability for custom widgets, but you need a bit of training to get things done right unless you have time for trial and error.
  • It only knows what it knows for account lockouts. If a source machine isn't available in the Event Viewer ID that triggers the alert, it does not have any extra tools to help it determine the issue.
No photo available

Usability

AlienVault OSSIM

AlienVault OSSIM 8.0
Based on 1 answer
AlienVault OSSIM is far easy to use and manage - provided you know what you're doing. As any SIEM application, there is some background knowledge required in order to take advantage of the product's functionalities, such as the log correlation and analysis. Other than that, the application is quite usable and robust.
Jose Quintero profile photo

SolarWinds Security Event Manager

No score
No answers yet
No answers on this topic

Alternatives Considered

AlienVault OSSIM

AlienVault OSSIM as the first experience with a SIEM is very fine, especially if your company is an SMB. Every SIEM shares some features in common with other products, features such as log retrieval and normalization. So if you stick with principles, you can learn other SIEM products as well. If your environment is not of a minimum size, LogRhythm might be overkill for your network, same with McAfee Enterprise Security Manager.
Ivan Montilla Miralles profile photo

SolarWinds Security Event Manager

We did not evaluate LEM against competitors because we have a significant investment in other SolarWinds products and wanted to leverage the infrastructure and interface as well as staff knowledge.
Scott Reese profile photo

Return on Investment

AlienVault OSSIM

  • The ROI of OSSIM itself is, obviously, immediate, being that it's a free, open-source product. However, you must take into account other inherent investments to cover up for the lack of official support, such as certified agents or consultants that take care of the management and maintenance of the product once in production.
  • On the other hand, the potential loss of information and interruption of operativity due to malware and other threats is really unmeasurable. The implicit savings in OSSIM as a SIEM (Security Information and Event Management) are really the major positive impact on your organization's revenue.
  • Finally, and from a reseller's point of view, reselling OSSIM has the big plus of being a professional services-only asset, given that the appliance itself is free of charge. The only thing to consider is the initial investment in team members with the required capacitation and knowledge to address such professional services to potential customers.
Jose Quintero profile photo

SolarWinds Security Event Manager

  • We did not have to purchase Cisco's successor to MARS, that is a large ROI.
  • We did not have the ability to know when users locked their accounts by bad password attempts, now we know before they call us.
Scott Reese profile photo

Screenshots

AlienVault OSSIM

Pricing Details

AlienVault OSSIM

General

Free Trial
Free/Freemium Version
Premium Consulting/Integration Services
Entry-level set up fee?
No
Additional Pricing Details

SolarWinds Security Event Manager

General

Free Trial
Yes
Free/Freemium Version
Premium Consulting/Integration Services
Entry-level set up fee?
No
Additional Pricing Details

Add comparison