AlienVault OSSIM

AlienVault OSSIM

AlienVault OSSIM

Overview

Recent Reviews

Lego block SIEM

6 out of 10
November 24, 2021
As an organization, we leveraged alien vault as a SIEM solution for ourselves and also as a managed services offering for our customers. …
Continue reading

High Quality SIEM (plus more)

9 out of 10
July 21, 2021
Alien Vault is a great product, which I have used over at my previous job and had purchased and installed at my current position too. …
Continue reading

Popular Features

View all 13 features

Custom dashboards and workspaces (16)

9.3
93%

Deployment flexibility (11)

8.6
86%

Event and log normalization/management (18)

8.3
83%

Correlation (11)

7.9
79%

Reviewer Pros & Cons

View all pros & cons

Video Reviews

Leaving a video review helps other professionals like you evaluate products. Be the first one in your network to record a review of AlienVault OSSIM, and make your voice heard!

Pricing

View all pricing
N/A
Unavailable

What is AlienVault OSSIM?

OSSIM leverages the power of the AlienVault Open Threat Exchange by allowing users to both contribute and receive real-time information about malicious hosts. AlienVault OSSIM is an open source Security Information and Event Management (SIEM) product. It is a unified platform…

Entry-level set up fee?

  • No setup fee

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting / Integration Services

Would you like us to let the vendor know that you want pricing?

5 people want pricing too

Alternatives Pricing

What is Nessus?

Tenable headquartered in Columbia offers Nessus, a vulnerability scanning and security assessment solution used to analyze an entity's security posture, vulnerability testing, and provide configuration assessments.

What is Microsoft Sentinel?

Microsoft Sentinel (formerly Azure Sentinel) is designed as a birds-eye view across the enterprise. Put the cloud and large-scale intelligence from decades of Microsoft security experience to work. Make threat detection and response smarter and faster with artificial intelligence (AI). Eliminate…

Features Scorecard

Security Information and Event Management (SIEM)

7.8
78%

Product Details

What is AlienVault OSSIM?

OSSIM leverages the power of the AlienVault Open Threat Exchange by allowing users to both contribute and receive real-time information about malicious hosts. AlienVault OSSIM is an open source Security Information and Event Management (SIEM) product. It is a unified platform providing:
  • Asset discovery
  • Vulnerability assessment
  • Intrusion detection
  • Behavioral monitoring
  • SIEM
OSSIM provides the basis for AlienVault's proprietary Unified Security Management (USM) product.

It also leverages the power of the AlienVault Open Threat Exchange by allowing users to both contribute and receive real-time information about malicious hosts.

AlienVault OSSIM Video

AlienVault® USM vs. OSSIM™

AlienVault OSSIM Technical Details

Operating SystemsUnspecified
Mobile ApplicationNo

Comparisons

View all alternatives

Reviews and Ratings

 (25)

Ratings

Reviews

(1-11 of 11)
Companies can't remove reviews or game the system. Here's why
Score 10 out of 10
Vetted Review
Verified User
Review Source
AlienVault OSSIM is very well suited for threat hunting. The ability to find all events and logs from all machines in one place saves a lot of time. It is also well suited for vulnerability scanning. The aspect that is lacking (or not obvious at least) is the integration with other security tools (like an antivirus for example).
November 24, 2021

Lego block SIEM

Score 6 out of 10
Vetted Review
Reseller
Review Source
AlienVault is a good SIEM tool in general, it can collect logs, has the ability to create custom reports for the data that it gathers from both windows systems and networking devices, and the reports with some amount of finessing can look as good as the organization spends time on them. The problem is that alien vault past these great abilities falls short on doing anything else, it is an archaic SIEM solution that does nothing more than being a SIEM solution, [it] is very little out of the box reporting that is useful, no ability to dynamically adapt to a customers environment and no AI built into the appliance. At the end of the day, the biggest problem that this product suffers from is that it is expensive for the value provided. If you are looking for a SIEM that does nothing more than just be a SIEM and you have a dedicated team to run it, alien value is a great tool, unfortunately, that’s all it can do.
Score 8 out of 10
Vetted Review
Verified User
Review Source
If you don't have staff do dedicate solely to SIEM, AlienVault [OSSIM] is simple enough to get up and running and configure enough rules and notifications so that it does not require dedicated staff to constantly monitor. Vulnerability scanning has a lot to be desired - suggest using a system with more robust vulnerability scanning features.
Score 9 out of 10
Vetted Review
Verified User
Review Source
It is a great product for any size organization and scales very well as the company's demand increases. Because it is built on open source technology, its inner workings are more or less auditable by anyone that would like to so, it will be difficult to have back doors installed in the product. The alerts are great, you can also have them automatically perform actions, based on different scenarios.
It can be a bit pricey, but the support is great and well worth it for a medium to large enterprise.
John Keenan | TrustRadius Reviewer
Score 7 out of 10
Vetted Review
Verified User
Review Source
If you want a SIEM and you are a small-to mid-market organization getting security monitoring started, then this is a great SIEM for the money. It comes with a vulnerability scanner. While vulnerability scanners aren't all that expensive, this saves time and money by offering an industry-leading open-source version that enables managers to immediately start vulnerability management programs.
Score 8 out of 10
Vetted Review
Verified User
Review Source
AlienVault OSSIM is great for organizations that do not have a large staff and cannot afford to dedicate an entire person or group of people to deal with threats and monitoring the environment. The cost is also very reasonable for the amount of functionality of all the features we receive from the product.
Score 10 out of 10
Vetted Review
Verified User
Review Source
AlienVault OSSIM is an excellent starter SIEM—you have a fully functioning SIEM in a few hours (installs in less than one, but takes a few to configure, based on your network). The insight you get, immediately is worth the time setting it up. If you are willing to invest some more time, you can fine tune it to really provide deep insight into your network. I really love that it is still free (was nervous when AT&T bought AlienVault).

Each of MyBuildings is routed back to the core - reduces overall traffic and adds one more layer to the network for security reasons. So having an "eye" in each building is necessary at this point. Not sure what I would do if I had to stop using them. The only other thing I plan on doing, in the process of rolling it out right now, is to add some netflow analysis.
December 01, 2018

AlienVault OSSIM

Scott Holland | TrustRadius Reviewer
Score 7 out of 10
Vetted Review
Verified User
Review Source
OSSIM is suited for security researchers and system admins who want quick visibility of network activity and alerts they may have missed without the aid of Alien Vault OSSIM. After a setup that only takes around 15 to 30 minutes, you will be seeing network traffic and generating alarms on your dashboard making it fast and effective deployment.
Jose Quintero | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Reseller
Review Source
The most obvious scenario in which OSSIM is well suited is in a single office/home office (SOHO) or small business, in which budget is reduced but asset discovery and vulnerability management are greatly needed and appreciated. OSSIM is lightweight and free, so the real challenge to face is to hire or assign an administrator to manage and operate it, instead of any investment on an expensive appliance. Also, as resellers, promoting usage of OSSIM to customers charging for professional services for installation, administration, and maintenance (remember that OSSIM doesn't have official support from AlienVault) is a great asset for the organization.
Ivan Montilla Miralles | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User
Review Source
If this is your first experience with a SIEM, this one can get you started. Take the time to learn the ins and outs of the product and you'll most likely be satisfied with it if your company is an SMB. If you need compliance reports, OSSIM is too small for you, you'll need to go with USM or USM Anywhere.