AlienVault OSSIM


Overview

Recent Reviews

Lego block SIEM

6 out of 10
November 24, 2021
As an organization, we leveraged AlienVault as a SIEM solution for ourselves and also as a managed services offering for our customers. …

High Quality SIEM (plus more)

9 out of 10
July 21, 2021
Alien Vault is a great product, which I have used over at my previous job and had purchased and installed at my current position too. …

Popular Features


  • Custom dashboards and workspaces (16): 9.3 (93%)
  • Deployment flexibility (11): 8.6 (86%)
  • Event and log normalization/management (18): 8.3 (83%)
  • Correlation (11): 7.9 (79%)


Pricing

N/A
Unavailable


Entry-level set up fee?

  • No setup fee

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting / Integration Services


Alternatives Pricing

What is Nessus?

Tenable, headquartered in Columbia, offers Nessus, a vulnerability scanning and security assessment solution used to analyze an entity's security posture, perform vulnerability testing, and provide configuration assessments.

What is Microsoft Sentinel?

Microsoft Sentinel (formerly Azure Sentinel) is designed as a birds-eye view across the enterprise. Put the cloud and large-scale intelligence from decades of Microsoft security experience to work. Make threat detection and response smarter and faster with artificial intelligence (AI). Eliminate…

Features Scorecard

  • Security Information and Event Management (SIEM): 7.8 (78%)

Product Details

What is AlienVault OSSIM?

OSSIM leverages the power of the AlienVault Open Threat Exchange by allowing users to both contribute and receive real-time information about malicious hosts. AlienVault OSSIM is an open source Security Information and Event Management (SIEM) product. It is a unified platform providing:
  • Asset discovery
  • Vulnerability assessment
  • Intrusion detection
  • Behavioral monitoring
  • SIEM
OSSIM provides the basis for AlienVault's proprietary Unified Security Management (USM) product.



AlienVault OSSIM Technical Details

  • Operating Systems: Unspecified
  • Mobile Application: No


Reviews and Ratings

 (25)

November 24, 2021

Lego block SIEM

Score 6 out of 10
Vetted Review
Reseller
Originally my organization leveraged AlienVault due to the lower cost of entry and ability to manage it as a service provider. Unfortunately, after several years of working with this tool, it became unwieldy to use as it felt that almost every useful report had to be created by hand. As other tools have come out with the ability to do automated responses such as Stellar Data processor, we have begun to evaluate alternatives.
Score 8 out of 10
Vetted Review
Verified User
We did not evaluate or use any other product previous to AlienVault [OSSIM]. We had a specific need to meet our audit requirements and AlienVault [OSSIM] provided all the features needed as well as being simple enough to deploy without any dedicated staff. Real-time alerts from custom rules give us a heads-up immediately to investigate any threat.
Score 9 out of 10
Vetted Review
Verified User
GravityZone is more or less an EPP/EDR solution for individual workstations; however, it includes centralized management, which can help mitigate/prevent cybersecurity incidents. AlienVault monitors the entire network, monitors clients/accounts for suspicious behavior, and it's more flexible as it does not require any form of a client to be installed on any devices in the business. In the end, I have decided our business can benefit from both and have purchased both GravityZone for all of my workstations/remote workers and AlienVault to cover our entire network.
Score 10 out of 10
Vetted Review
Verified User
Best bang for the buck. Darktrace did not perform even close to AlienVault. I ran them concurrently. AlienVault consistently found issues that Darktrace didn't pick up, and the Darktrace incidents were false positives. At one point, Darktrace stated I had 2,000 servers and I have 112.

FortiSIEM is an awesome package but it's more than I need (or can afford). I would need to add staff, for at least the first year or so, just to get it set up and configured correctly.
December 01, 2018

AlienVault OSSIM

Scott Holland | TrustRadius Reviewer
Score 7 out of 10
Vetted Review
Verified User
OSSIM is the free version of the Alien Vault USM and comes packed with most of the features you will need to get going. Like most free to use products, it is missing aspects that make the use of the product much more productive.

As an example, you will need a separate system for log storage, as the OSSIM does not have storage like the USM does, making the setup a little longer and more systems needed to make it work.
Jose Quintero | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Reseller
AlienVault OSSIM has the upper ante in initial deployment price, being that it's open source. Also, with perhaps the exception of SolarWinds, it has lower optimal requirements for onsite deployment, hence your OPEX won't be hit very hard by investing in new hardware to suit the appliance. The correlation engine is somewhat more robust than their counterparts in LogRhythm and SolarWinds, and the IDS (both NIDS and HIDS) are more reliable as well in terms of results. Finally, although Tenable SecurityCenter is more robust in dashboards, alerts and reports, it comes short in front of OSSIM in terms of real-time IDS and SIEM correlation.
Ivan Montilla Miralles | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User
AlienVault OSSIM as the first experience with a SIEM is very fine, especially if your company is an SMB. Every SIEM shares some features in common with other products, features such as log retrieval and normalization. So if you stick with principles, you can learn other SIEM products as well. If your environment is not of a minimum size, LogRhythm might be overkill for your network, same with McAfee Enterprise Security Manager.