Overall Satisfaction with AlienVault OSSIM
AlienVault OSSIM address's several business problems including but not limited to.
OSSIM allows all this to be done form a single management platform saving time and money in having to use multiple platforms to complete daily tasks. With the OSSIM you will need a separate syslog server to allow the collection on logs
- SIEM
- Reporting
- Asset management
OSSIM allows all this to be done form a single management platform saving time and money in having to use multiple platforms to complete daily tasks. With the OSSIM you will need a separate syslog server to allow the collection on logs
- SIEM - Curtail part of managing your alarms and events on the network
- Reporting - Ability to complete one click reporting for most compliance needs saving time and resources
- GUI - The user interface is clean, and easy to use and customise
- Data logging - Note this is available via their paid version USM
- Plugins - More API plugins to aid the collection of logs form other security platforms
- Threat Map - Did not appear to work
- OSSIM is a free network SIEM so at no cost
- Allows us to reduce staff needed to collect and analyse data
- Fast responses to potential threats on the network
OSSIM is the free version of the Alien Vault USM and comes packed with most of the features you will need to get going. Like most free to use products, it is missing aspects that make the use of the product much more productive.
As an example, you will need a separate system for log storage, as the OSSIM does not have storage like the USM does, making the setup a little longer and more systems needed to make it work.
As an example, you will need a separate system for log storage, as the OSSIM does not have storage like the USM does, making the setup a little longer and more systems needed to make it work.