AlienVault OSSIM

3.9
(19 reviews)

AlienVault OSSIM is an open source SIEM tool that contributes and receives real-time information about malicious hosts to help users increase security visibility and control in their network.


AlienVault OSSIM Reviews

Showing 24 AlienVault OSSIM reviews
AlienVault OSSIM review by Derek D.
Derek D.
Validated Reviewer
Verified Current User
Review Source

"My AlienVault OSSIM review!"

What do you like best?

The best thing with this product is the fact you are really protected with this. You don't have to worry about intrusions and protection. It does guarantee good security for any company. The other thing I like with AlienVault OSSIM is the fact you can check the logs easily and manage your security issues. A really powerful product.

What do you dislike?

What I don't really like about this product is the fact this is an open source product, so it's not updated automatically. The second thing I don't like is the support: it takes a lot of time to get a reply. Because it's free, you don't have any help to learn how to use it.

Recommendations to others considering the product

If you're looking for a free (Open Source) product and trust this product then you can give it a try and protect your little company with this.

What business problems are you solving with the product? What benefits have you realized?

In a little company I have solved many problems for security issues and management. You don't have to worry about dangerous things for the company because the product helps you with that.

AlienVault OSSIM review by Ivan M.
Ivan M.
Validated Reviewer
Review Source
Business partner of the vendor or vendor's competitor, not included in G2 Crowd scores.

"Threat detection and management at the reach of your hands!"

What do you like best?

What I like most about AlienVault OSSIM is the fact that it covers many layers of the security overview in your company, be it small, medium or enterprise level. Not only do you receive events and correlate them, you also detect the presence of new assets and strange behaviours in netflows, and have a handy asset availability manager integrated with it. You cover a lot with such a simple, straightforward integrated tool as this one is.

What do you dislike?

If you are low on resources for this virtual machine, you might find your entire hypervisor "hung" in resources, as this is a very resource-intensive application. When idle it's already taking at least 5 Gb of RAM. As with every SIEM tool, you must properly size the virtual machine in order to have the right resources to handle your events per second metric in your network. In order to properly size this solution on the enterprise, you should also do stress tests over this virtual machine to see if it will handle your EPM metric.

Recommendations to others considering the product

Always request a solution architect to properly size this solution for you. Thanks to that, you can realize the most benefits from the features this great solution has to offer.

What business problems are you solving with the product? What benefits have you realized?

Once properly configured (installed agents, listening on traffic on your mirror port, etc.), you realize the benefit of threat intelligence over the traffic you just captured in a matter of minutes. So if you're presenting this tool in a demo presentation/proof-of-concept setup, it's an easy sale because the customer will see its value while you're showing it. Also, thanks to the Open Threat Exchange cloud intelligence from AlienVault, from the very first minute you get your first logs captured, you can detect new attacks that have been detected elsewhere, with the extra benefit that it comes for free.

AlienVault OSSIM review by Paco M.
Paco M.
Validated Reviewer
Review Source

"A good program for your needs"

What do you like best?

What I like most about AlienVault OSSIM is the fact that it covers many layers of the security overview in your company, whether at small, medium or enterprise level. Not only does it receive events and correlate them, it also detects the presence of new assets and strange behaviours in netflows, and it has a handy asset availability manager integrated with it. You cover a lot with an integrated tool as simple and straightforward as this one.

What do you dislike?

What I really don't like about this product is that it is an open source product, so it is not updated automatically. The second thing I don't like is the support. It takes a long time to get a reply. Because it is free, you don't have any help to learn how to use it.

What business problems are you solving with the product? What benefits have you realized?

After configuring it properly (installed agents, listening to traffic on your mirror port, etc.), you realize the benefit of threat intelligence over the traffic you just captured in a matter of minutes. So if you present this tool in a demo / proof-of-concept setup, it is an easy sale because the customer will see its value while you show it. Also, thanks to the Open Threat Exchange cloud intelligence from AlienVault, from the first minute you get your first logs captured, you can detect new attacks that have been detected elsewhere, with the extra benefit that it comes for free.

AlienVault OSSIM review by Jose Q.
Jose Q.
Validated Reviewer
Review Source

"Great and Affordable Threat Detection for Free!"

What do you like best?

AlienVault is a simple yet powerful solution for advanced threat analysis and management. It can hold its own in scanning complex network topologies in different scenarios, and the OSSIM version is open source, which makes it more attractive for middle-tier enterprises since it's free. The installation is very easy as well, as it's the basic configuration.

What do you dislike?

Of course, being open source is a trade-off. In OSSIM there is no Reports module or Logger feature (for long-term event storage), and you're limited in the amount of cross correlations. Also, of course, since OSSIM is open source, it's not cloud-based.

Recommendations to others considering the product

AlienVault is quite a solid SIEM foundation for everybody's needs. It has a powerful threat detector, both in hardware (HIDS) and network (NIDS), that actively and passively intercepts intrusion attempts to your covered systems and notifies you in consequence. The OSSIM version has quite a punch despite being open source, allowing you to define alerts, threat analysis and notifications, and it's entirely web-based, meaning you can operate it from any web browser that can access your appliance. And speaking of appliances, it can be deployed in a virtual environment as well, for more convenience.

What business problems are you solving with the product? What benefits have you realized?

AlienVault helps us to detect incoming threats almost on a weekly basis. The AlienVault OTX (Open Threat Exchange), a sort of global threat forum in which the latest information on security is broadcast (in "pulses"), always keeps us up to date and well informed of what's happening globally in terms of IT security.

AlienVault OSSIM review by Administrator in Government Administration
Administrator in Government Administration
Validated Reviewer
Verified Current User
Review Source

"OSSIM Review"

What do you like best?

OSSIM is great as a starter SIEM. I feel that it offers a good interface for collecting and viewing logs over a traditional solution such as Syslog.

What do you dislike?

I don't dislike anything in particular; I think for a free option this is great. What I would point out is that it leaves some features to be desired, but if you want them then simply move up to their paid product, AlienVault USM.

Recommendations to others considering the product

OSSIM will take more administration than using the paid product USM; however, know there is a great open source community behind this product. Assistance is out there if you need it, and as you feel you need to upgrade you can go right to AlienVault USM, which has both support and many additional features.

What business problems are you solving with the product? What benefits have you realized?

Log collection for appliances and servers. Basic reporting and alerting based on these logs. Vulnerability scanning and server agents to assist in log collection / vuln scanning.

AlienVault OSSIM review by Rhett N.
Rhett N.
Validated Reviewer
Review Source

"A good product for Open Source SIEM (OSSIM) "

What do you like best?

My company really liked AlienVault's features. Items like intrusion detection, which is very important in this day and age with so many cyber threats. Behavioral monitoring, which also helps with cyber threats. Lastly, the thing we liked best was SIEM event connections.

What do you dislike?

There was not a lot that we didn't like, I think we preferred better Asset Discovery. Client support could have been a little better, it wasn't bad but could have been better.

Recommendations to others considering the product

I think it was a good product, my company went a different direction so I didn't have long term use of the product. I do believe it is headed in the right direction and it has all the basics.

What business problems are you solving with the product? What benefits have you realized?

We were using AlienVault as extra cyber security protection along with using it for SIEM event connections.

AlienVault OSSIM review by Administrator in Information Technology and Services
Administrator in Information Technology and Services
Validated Reviewer
Review Source

"BEST OPEN SOURCE NSM TOOL"

What do you like best?

EVERYTHING OPEN SOURCE, get alerts when an incident happens.

And the thing I like most is the OTX (Open Threat Exchange), which provides info about the latest viruses, malware, and suspicious IP reputation details to prevent such threats on company premises and avoid the hazardous effect. You also get a vulnerability report for every asset using AlienVault's built-in OpenVAS scanner.

What do you dislike?

The only thing is that threat intelligence is not updated in open source; otherwise everything is cool for small-scale companies.

And the other thing: log management is not possible in OSSIM,

and there is less documentation and support.

Recommendations to others considering the product

BEST OPEN SOURCE TOOL FOR SECURITY MONITORING IN SMALL SCALE ENVIRONMENT. IF YOU HAVE BIG INFRASTRUCTURE AND WANT ALL IN ONE SOLUTION THEN GO WITH ALIENVAULT USM.

What business problems are you solving with the product? What benefits have you realized?

It resolves the network incidents that may impact network availability caused by some anonymous users or company employees. It helps to detect INTERNAL as well as external threats that create huge business impact.

AlienVault OSSIM review by Mehdi T.
Mehdi T.
Validated Reviewer
Review Source

"AlienVault OSSIM REVIEW"

What do you like best?

The best thing is that it is open source and a simple yet very powerful solution for advanced threat analysis and management. It can hold its own in scanning complex network topologies in different scenarios. Not to mention, easy installation.

What do you dislike?

Since it is open source (FREE), I can't really complain about anything. If I complained, it would be unfair to the product's review.

Recommendations to others considering the product

It has a powerful threat detector. Very much suitable for a small and medium scale environment.

What business problems are you solving with the product? What benefits have you realized?

Security monitoring, compliance audits. The AlienVault OTX is a global forum where we can get the latest updates about information security.

AlienVault OSSIM review by Zaštita na radu W.
Zaštita na radu W.
Validated Reviewer
Review Source

"Lots of features but complicated UI"

What do you like best?

It was the only open source based free solution that we found to be production ready.

What do you dislike?

Cumbersome installation and maintenance. Looks like the "non-free" solution provides more usability.

Recommendations to others considering the product

If you are looking for something on a tight budget, this may suit your needs.

What business problems are you solving with the product? What benefits have you realized?

We are using it to keep track of and analyze logs from multiple systems. We've set up alerts based on suspicious log entries.

AlienVault OSSIM review by Andre B.
Andre B.
Validated Reviewer
Review Source

"Great software!"

What do you like best?

I like the fact that I have the ultimate security management system.

What do you dislike?

AlienVault OSSIM takes a little time getting used to, but after a while it gets a little easier to use.

Recommendations to others considering the product

I highly recommend this software.

What business problems are you solving with the product? What benefits have you realized?

Dealing with high profile clients and information, it is imperative to have a great security management system in place for the ultimate protection.

AlienVault OSSIM review by Dorian H.
Dorian H.
Validated Reviewer
Review Source
Business partner of the vendor or vendor's competitor, not included in G2 Crowd scores.

"Highly recommended by cyber security professional "

What do you like best?

Easy to learn and to use. Can easily teach others to use tool. Team can implement tool to find vulnerabilities.

What do you dislike?

UI needs improvement and sometimes a few bugs/errors pop up when in use.

Recommendations to others considering the product

Use for general information. The tool will not give in-depth information on the vulnerabilities discovered.

What business problems are you solving with the product? What benefits have you realized?

Finding general vulnerabilities.

AlienVault OSSIM review by User in Furniture
User in Furniture
Validated Reviewer
Review Source

"AlienVault is a hit for all your security needs"

What do you like best?

I love all the different aspects this software has regarding its detection services. I also like the fact that it is a crowd-sourced service, so it is generally 100% up to date with current threats.

What do you dislike?

I dislike the interface and "skin" of the software. Not pleasing to the eye for me and took a long time for me to get used to it.

Recommendations to others considering the product

Definitely worth putting on your radar.

What business problems are you solving with the product? What benefits have you realized?

Detecting security threats previously was more of a hit or miss. Now it is much more accurate and I feel more confident in my work.

AlienVault OSSIM review by Daisuke G.
Daisuke G.
Validated Reviewer
Review Source

"If u want a good security, this is your choice!"

What do you like best?

The quick response time they have with each incident

What do you dislike?

Maybe the high cost, but the quality is paid

Recommendations to others considering the product

If you want a company that gives you security, here you have it.

What business problems are you solving with the product? What benefits have you realized?

We had an exploit in one of our pages, which this company quickly solved for us.

AlienVault OSSIM review by Brighton Nicholas K.
Brighton Nicholas K.
Validated Reviewer
Review Source

"AlienVault OSSIM best multitask and view arrangement "

What do you like best?

The amount of information provided, the way the data is displayed and how secure it is.

What do you dislike?

Crashes under a lot of data streams, and resolution can be a bit unadjusted

Recommendations to others considering the product

For Multi Managerial needs!

What business problems are you solving with the product? What benefits have you realized?

Data security and breaching

AlienVault OSSIM review by Administrator
Administrator
Validated Reviewer
Verified Current User
Review Source
Business partner of the vendor or vendor's competitor, not included in G2 Crowd scores.

"Nice SIEM but with a few cons"

What do you like best?

The rules, the grouping of the events and how they are shown.

What do you dislike?

If you make a new tab and open other filters, everything vanishes; it doesn't support multipage filters.

What business problems are you solving with the product? What benefits have you realized?

I'm currently using AlienVault OSSIM and configuring Logger, and sometimes the log file explodes.

AlienVault OSSIM review by Industry Analyst / Tech Writer in Computer Software
Industry Analyst / Tech Writer in Computer Software
Validated Reviewer
Review Source
Business partner of the vendor or vendor's competitor, not included in G2 Crowd scores.

"stable and secure"

What do you like best?

It's relatively easier to work with. The best part is how it protects you through different layers.

What do you dislike?

It definitely takes up processing power and needs resources to actually function at full throttle. You can find yourself frozen at times if you are using it.

What business problems are you solving with the product? What benefits have you realized?

Working on the payment side of a PCI-compliant technology, the security threats are massive. This is just another tool to help protect us from threats.

AlienVault OSSIM review by Executive Sponsor in Animation
Executive Sponsor in Animation
Validated Reviewer
Review Source
Business partner of the vendor or vendor's competitor, not included in G2 Crowd scores.

"AlienVault Review"

What do you like best?

AlienVault is a company that came out of nowhere, which is an incredible achievement, and a Spanish one at that. Thanks to Julio Casal and Jaime Blasco, they have created an 800-million-dollar company, something impressive that very few can achieve.

What do you dislike?

It is true that, since the company appeared in 2007, it has been going through its worst moments in these last few years.

What business problems are you solving with the product? What benefits have you realized?

I admire how this company started, but I think its principles have been lost, and I would like them to be recovered.

AlienVault OSSIM review by User in Information Technology and Services
User in Information Technology and Services
Validated Reviewer
Verified Current User
Review Source

"best open source security information"

What do you like best?

It's good in the event management system and the organization system.

What do you dislike?

It would be better if it were faster, and maybe the log management could get fixed; I get problems sometimes.

Recommendations to others considering the product

Well, it will make your work more organized.

What business problems are you solving with the product? What benefits have you realized?

Well, security mostly.

AlienVault OSSIM review by User in Oil & Energy
User in Oil & Energy
Validated Reviewer
Review Source

"AlienVault OSSIM is the Future!"

What do you like best?

I like its reporting feature, the ability to create a scheduled report and email it automatically. That comes in very handy. Also, the collection of tools it provides such as compliance management, file integrity monitoring, vulnerability assessment, and IDS/IPS.

What do you dislike?

The lack of documentation when implementing in-house customization.

Recommendations to others considering the product

I would totally recommend it for small sized and medium sized businesses.

What business problems are you solving with the product? What benefits have you realized?

It helps us keep internal and external threats on the perimeter if any. It keeps our network secure from any security breach.

AlienVault OSSIM review by Administrator in Computer & Network Security
Administrator in Computer & Network Security
Validated Reviewer
Review Source

"Wonderful software "

What do you like best?

It gives detailed logs and is very well integrated with most IDS software. I use it with SNORT most of the time and it works well.

What do you dislike?

Too high system requirement. It is good but for a smaller industry the system requirement is too high otherwise a lot of overhead

What business problems are you solving with the product? What benefits have you realized?

It gives detailed logs and perfectly integrates with IDS alerts.

AlienVault OSSIM review by User in Accounting
User in Accounting
Validated Reviewer
Review Source

"Awesome SIEM tool for companies of varying sizes"

What do you like best?

I like the fact that you can calibrate the SIEM tool to get the amount of monitoring you would like. Also, there is capability of adding features if you would like to pay some more. Can manage so many Compliance features

What do you dislike?

Nothing really. It operates exactly how you would need it to in order to comply with the majority of audits.

Recommendations to others considering the product

Go for it certainly!

What business problems are you solving with the product? What benefits have you realized?

Majorly compliance audits and security monitoring

AlienVault OSSIM review by User in Law Enforcement
User in Law Enforcement
Validated Reviewer
Review Source

"Great Software"

What do you like best?

Ease of use along with how great the intrusion detection works.

What do you dislike?

This program does not have anything I don't like about it.

Recommendations to others considering the product

Get with the program. LITERALLY!

What business problems are you solving with the product? What benefits have you realized?

Able to log any type of access into our system and we are able to see any type of discrepancies and address them with ease.

AlienVault OSSIM review by User in Computer Software
User in Computer Software
Validated Reviewer
Review Source

"Best security integration tool"

What do you like best?

PRADS and TCPtrack; it has the best UI and good graphical representations.

What do you dislike?

Inability to manage cloud services. OSSIM should have been upgraded to do certain more functionalities like USM.

What business problems are you solving with the product? What benefits have you realized?

We have Alien OSSIM on our internal test servers.

AlienVault OSSIM review by User
User
Validated Reviewer
Review Source

"Not real fancy but gets the job done"

What do you like best?

Fairly easy to install and get working. We had it working in less than an hour.

What do you dislike?

Takes a really long time to decipher the collection of data. However, this is true of any SIEM product.

What business problems are you solving with the product? What benefits have you realized?

Cybersecurity monitoring

* We monitor all AlienVault OSSIM reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. Validated reviews require the user to submit a screenshot of the product containing their user ID, in order to verify a user is an actual user of the product.