Skip to main content
TrustRadius: an HG Insights Company

Overview

What is AlienVault OSSIM?

OSSIM leverages the power of the AlienVault Open Threat Exchange by allowing users to both contribute and receive real-time information about malicious hosts. AlienVault OSSIM is an open source Security Information and Event Management (SIEM) product. It is a unified…

Read more

Learn from top reviewers

Return to navigation

Pricing

View all pricing
N/A
Unavailable

What is AlienVault OSSIM?

OSSIM leverages the power of the AlienVault Open Threat Exchange by allowing users to both contribute and receive real-time information about malicious hosts. AlienVault OSSIM is an open source Security Information and Event Management (SIEM) product. It is a unified platform…

Entry-level set up fee?

  • No setup fee

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting/Integration Services

Would you like us to let the vendor know that you want pricing?

25 people also want pricing

Alternatives Pricing

What is AlienVault USM?

AlienVault® Unified Security Management® (USM) delivers threat detection, incident response, and compliance management in one unified platform. It is designed to combine all the essential security capabilities needed for effective security monitoring across cloud and on-premises environments,…

What is Trellix Helix?

Trellix Helix (formerly FireEye Helix) is a SIEM solution providing a non-malware threat detection solution.

Return to navigation

Product Demos

Archie Webster - AlienVault OSSIM Demo

YouTube

Explore OSSIM - demo HIDS

YouTube

OSSIM Demo (5.1) - Improved Threat Detection, Security Visibility, and Usability

YouTube
Return to navigation

Features

Security Information and Event Management (SIEM)

Security Information and Event Management is a category of security software that allows security analysts to look at a more comprehensive view of security logs and events than would be possible by looking at the log files of individual, point security tools

7.5
Avg 7.8
Return to navigation

Product Details

What is AlienVault OSSIM?

OSSIM leverages the power of the AlienVault Open Threat Exchange by allowing users to both contribute and receive real-time information about malicious hosts. AlienVault OSSIM is an open source Security Information and Event Management (SIEM) product. It is a unified platform providing:
  • Asset discovery
  • Vulnerability assessment
  • Intrusion detection
  • Behavioral monitoring
  • SIEM
OSSIM provides the basis for AlienVault's proprietary Unified Security Management (USM) product.

It also leverages the power of the AlienVault Open Threat Exchange by allowing users to both contribute and receive real-time information about malicious hosts.

AlienVault OSSIM Technical Details

Operating SystemsUnspecified
Mobile ApplicationNo
Return to navigation

Comparisons

View all alternatives
Return to navigation

Reviews From Top Reviewers

(1-5 of 9)

A dinosaur aging gracefully!

Rating: 7 out of 10
February 11, 2020
JK
Vetted Review
Verified User
AlienVault OSSIM
2 years of experience
  • It integrates with a bunch of different platforms.
  • Collects tons of data from all integrated platforms provided the right level of logging is enabled.
Cons
  • The reports are clunky and a bit tedious to parse through.
  • Sometimes there's so much noise it's hard to tell what a true positive is. There are lots of false ones that trigger alerts but are normal behavior in many environments.

AlienVault OSSIM is the bomb!

Rating: 8 out of 10
October 15, 2019
LK
Vetted Review
Verified User
AlienVault OSSIM
4 years of experience
  • Threat analysis. It can correlate different events happening to detect a pattern or an attack.
  • Dashboard provides a clean, single location to see what is going on in our environment.
  • Up to date open threat exchange means everything new popping up out there is included and watched for in our environment.
Cons
  • Reporting is not the greatest. I had internal developers take data and create some reports that better fit my needs.
  • Navigation through the vulnerability scans is not ideal.
  • Asset management is also cumbersome to navigate through.

AlienVault OSSIM: Best Bang for Your Buck Hands Down!

Rating: 10 out of 10
October 09, 2019
MF
Vetted Review
Verified User
AlienVault OSSIM
3 years of experience
  • Scan network for anomalies once you've established a baseline.
  • Excellent job of showing unusual connections or file transfers
  • Excellent job of showing the health of network, congestions, etc.
Cons
  • It only comes with 10 canned reports. These reports are good, but a little more flexibility would be nice. The data is stored in a database, so it is possible to roll your own reports, just very clunky.
  • Log ingestion. The OSSIM product doesn't have a separate log server, so you either have to have a really, really beefy system to do both analysis and log ingestion, or just do log ingestion with something else.
  • Aggregation of data. Actually, it does this really well, but if you have more then two sites, it can slow your analysis down a little.

Lego block SIEM

Rating: 6 out of 10
November 24, 2021
Vetted Review
AlienVault OSSIM
4 years of experience
  • Collection of logs
  • Pricing
  • Ability to customize reports
Cons
  • Out of the box reporting
  • Correlation of events
  • AI

Alienvault - the friend from another world

Rating: 8 out of 10
November 04, 2021
Vetted Review
Verified User
AlienVault OSSIM
5 years of experience
  • Behavioral monitoring
  • Vulnerability assessment
  • Intrusion detection
Cons
  • Creating custom rules is a bit complicated
  • Reporting could be improved
  • Agent has caused conflicts with a couple of our other applications
Return to navigation