A dinosaur aging gracefully!
Overall Satisfaction with AlienVault OSSIM
We're currently on a migration path to eliminate AlienVault OSSIM, but it was our only SIEM when I first arrived on location. We use it to collect and analyze security data from a variety of sources, kind of like a receiver is used to merge audio sources from a bunch of disparate systems.
Pros
- It integrates with a bunch of different platforms.
- Collects tons of data from all integrated platforms provided the right level of logging is enabled.
Cons
- The reports are clunky and a bit tedious to parse through.
- Sometimes there's so much noise it's hard to tell what a true positive is. There are lots of false ones that trigger alerts but are normal behavior in many environments.
- OSSIM and the installers didn't really help us optimize at installation. OSSIM went without optimization for almost two years before that fact was noticed. I think this decreased ROI.
- Finding and researching incidents is much faster with all data available. Sometimes too much data, though.
I liked it but it seemed a bit pricey for our organization at the time in comparison to AlienVault.
Do you think AlienVault OSSIM delivers good value for the price?
Yes
Are you happy with AlienVault OSSIM's feature set?
Yes
Did AlienVault OSSIM live up to sales and marketing promises?
Yes
Did implementation of AlienVault OSSIM go as expected?
Yes
Would you buy AlienVault OSSIM again?
No