AlienVault OSSIM
December 01, 2018

Scott Holland | TrustRadius Reviewer
Score 7 out of 10
Vetted Review
Verified User

Overall Satisfaction with AlienVault OSSIM

AlienVault OSSIM addresses several business problems, including but not limited to:
  • SIEM
  • Reporting
  • Asset management

OSSIM allows all this to be done from a single management platform, saving time and money in having to use multiple platforms to complete daily tasks. With the OSSIM you will need a separate syslog server to allow the collection of logs.
  • SIEM - Curtail part of managing your alarms and events on the network
  • Reporting - Ability to complete one click reporting for most compliance needs saving time and resources
  • GUI - The user interface is clean, and easy to use and customise
  • Data logging - Note this is available via their paid version USM
  • Plugins - More API plugins to aid the collection of logs from other security platforms
  • Threat Map - Did not appear to work
  • OSSIM is a free network SIEM so at no cost
  • Allows us to reduce staff needed to collect and analyse data
  • Fast responses to potential threats on the network
OSSIM is the free version of the AlienVault USM and comes packed with most of the features you will need to get going. Like most free-to-use products, it is missing aspects that make the use of the product much more productive.

As an example, you will need a separate system for log storage, as the OSSIM does not have storage like the USM does, making the setup a little longer and more systems needed to make it work.
OSSIM is suited for security researchers and system admins who want quick visibility of network activity and alerts they may have missed without the aid of AlienVault OSSIM. After a setup that only takes around 15 to 30 minutes, you will be seeing network traffic and generating alarms on your dashboard, making it a fast and effective deployment.

AlienVault OSSIM Feature Ratings

  • Correlation: 7
  • Event and log normalization/management: 6
  • Deployment flexibility: 8
  • Integration with Identity and Access Management Tools: 7
  • Custom dashboards and workspaces: 9
  • Host and network-based intrusion detection: 8