AlienVault OSSIM

Overview

Recent Reviews

Lego block SIEM

6 out of 10
November 24, 2021
As an organization, we leveraged AlienVault as a SIEM solution for ourselves and also as a managed services offering for our customers. …

High Quality SIEM (plus more)

9 out of 10
July 21, 2021
Alien Vault is a great product, which I have used over at my previous job and had purchased and installed at my current position too. …

Popular Features

Custom dashboards and workspaces (16)

9.3
93%

Deployment flexibility (11)

8.6
86%

Event and log normalization/management (18)

8.3
83%

Correlation (11)

7.9
79%

Pricing

N/A
Unavailable

Entry-level set up fee?

  • No setup fee

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting / Integration Services

Alternatives Pricing

What is Nessus?

Tenable, headquartered in Columbia, offers Nessus, a vulnerability scanning and security assessment solution used to analyze an entity's security posture, perform vulnerability testing, and provide configuration assessments.

What is Microsoft Sentinel?

Microsoft Sentinel (formerly Azure Sentinel) is designed as a bird's-eye view across the enterprise. Put the cloud and large-scale intelligence from decades of Microsoft security experience to work. Make threat detection and response smarter and faster with artificial intelligence (AI). Eliminate…

Features Scorecard

Security Information and Event Management (SIEM)

7.8
78%

Product Details

What is AlienVault OSSIM?

OSSIM leverages the power of the AlienVault Open Threat Exchange by allowing users to both contribute and receive real-time information about malicious hosts. AlienVault OSSIM is an open source Security Information and Event Management (SIEM) product. It is a unified platform providing:
  • Asset discovery
  • Vulnerability assessment
  • Intrusion detection
  • Behavioral monitoring
  • SIEM
OSSIM provides the basis for AlienVault's proprietary Unified Security Management (USM) product.

AlienVault OSSIM Technical Details

Operating Systems: Unspecified
Mobile Application: No

Reviews and Ratings

 (25)

Reviews

(1-11 of 11)
November 24, 2021

Lego block SIEM

Score 6 out of 10
Vetted Review
Reseller
As an organization, we leveraged AlienVault as a SIEM solution for ourselves and also as a managed services offering for our customers. The scope was to support environments from a security perspective collecting logs and generating reports and analytics for the purposes of IT security. This included custom reporting, leveraging on-premises appliances and delivery is security as a service.

Score 8 out of 10
Vetted Review
Verified User
AlienVault [OSSIM] is being used across the entire organization. It has an intelligent analytic engine to determine potential threats in our network. The dashboard provides a clear presentation of alerts and allows you to drill down into an alert to determine detailed information for research. It is also customizable to create rules and send email notifications.

Score 9 out of 10
Vetted Review
Verified User
Alien Vault is a great product, which I have used over at my previous job and had purchased and installed at my current position too. Alien Vault is being primarily used by the IT team, but since it protects our entire network, it benefits the business in its entirety. Once the team has overcome the initial flood of notifications and has fine-tuned the alerts, the product is great and you know that each alert requires investigation, which in the long run will help us mitigate issues with cybersecurity.

John Keenan | TrustRadius Reviewer
Score 7 out of 10
Vetted Review
Verified User
We're currently on a migration path to eliminate AlienVault OSSIM but it was our only SIEM when I first arrived on location. We use it to collect and analyze security data from a variety of sources. Kind of like a receiver is used to merge audio sources from a bunch of disparate systems.

Score 8 out of 10
Vetted Review
Verified User
AlienVault OSSIM is being used across the entire organization. We use the tools to assist in computer security, intrusion detection, and prevention. It provides effective threat detection, incident response, and compliance management, all done within a single appliance. The analysis is run in the background so we don't have to look at all the threats individually and research them from scratch.

Score 10 out of 10
Vetted Review
Verified User
Anyone who works in a K12 public school district knows you have just as many threats inside your network as outside. Think about it, what else do 7 through 12 graders have but time and curiosity? I've set this up on my perimeters at each of my high schools and middle schools, and again at the district level. My goal is to watch the traffic and devices inside each building and also across the buildings. We use it daily to monitor for unusual activity, devices, or strange "stuff" on our network.

Score 9 out of 10
Vetted Review
Verified User
It is currently being used by only the IT department. It is a fantastic tool to help with intrusion detection, asset discovery, SIEM correlation, behavior analytics, and a few other features. On the SIEM side, it does standard correlation, normalization, and collection. Being open source we use it only as part of a lab and not as our enterprise tool but it's been great working with it so far.

December 01, 2018

AlienVault OSSIM

Scott Holland | TrustRadius Reviewer
Score 7 out of 10
Vetted Review
Verified User
AlienVault OSSIM addresses several business problems, including but not limited to:
  • SIEM
  • Reporting
  • Asset management

OSSIM allows all this to be done from a single management platform, saving time and money in having to use multiple platforms to complete daily tasks. With the OSSIM you will need a separate syslog server to allow the collection of logs.

Jose Quintero | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Reseller
AlienVault OSSIM is our lightweight, open-source option for SIEM and vulnerability assessment in our company and recommended for deployment in our clients. OSSIM, besides being open-sourced (hence, free of charge, although also free of support), is very flexible being mounted over a special Linux distro (Debian-based) and easily installable either on physical or virtual servers. Despite being a lighter version of the full-fledged AlienVault All-In-One solution, it's very much capable of handling daily maintenance and inspection IT tasks such as IDS (Intrusion Detection System), both network-based and hardware-based, SIEM correlation, Asset Discovery, and also includes the very useful AlienVault OTX (Open Threat Exchange) platform, allowing you and your organization to keep up to date in terms of threats and malicious devices worldwide that can affect your operations via open collaborative information.

Ivan Montilla Miralles | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User
AlienVault OSSIM is used in the organization as a log centralization tool and also as an event manager. We also use the feature of asset and availability management. The Netflow feature is also really helpful at diagnosing spikes of activity in the network; we also rely on it to detect suspicious activity.