AlienVault OSSIM vs i-SIEM [EOL] comparison

AT&T and Cybereason are both solutions in the Security Information and Event Management (SIEM) category. Additionally, 80% of AT&T users are willing to recommend the solution, compared to 100% of Cybereason users who would recommend it.

AlienVault OSSIM

Read 31 AlienVault OSSIM reviews

5,499 Views
3,751 Comparison Views

80% willing to recommend

i-SIEM [EOL]

Read 1 i-SIEM [EOL] review

100% willing to recommend

AlienVault OSSIM

i-SIEM [EOL]

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Jan 12, 2025

AlienVault OSSIM and i-SIEM [EOL] are in the cybersecurity space. i-SIEM [EOL] leads with a superior feature set and overall value despite its higher costs.

Features: AlienVault OSSIM provides rich threat intelligence integration, efficient log management, and customizable alerts. i-SIEM [EOL] delivers advanced analytics, real-time threat detection, and high scalability.

Ease of Deployment and Customer Service: i-SIEM [EOL] offers cloud-based deployment for flexibility and minimal infrastructure needs. AlienVault OSSIM relies on on-premise setups, potentially complicating installations. AlienVault OSSIM offers better support.

Pricing and ROI: AlienVault OSSIM is cost-effective with a quicker ROI, suitable for smaller budgets. i-SIEM [EOL] has higher upfront costs justified by its extensive features, offering significant ROI for enterprises with sophisticated needs.

To learn more, read our detailed Security Information and Event Management (SIEM) Report (Updated: March 2025).

Buyer's Guide

Security Information and Event Management (SIEM)

March 2025

Download the complete report

Helped 845,485 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

AlienVault OSSIM

Average Rating

7.4

Reviews Sentiment

7.1

Number of Reviews

Ranking in other categories

Security Information and Event Management (SIEM) (10th)

i-SIEM [EOL]

Average Rating

9.0

Number of Reviews

Ranking in other categories

No ranking in other categories

Featured Reviews

Aman Aijaz

Assistant Manager Global Security at Convergys Corporation

An easy-to-scale open-source solution used for monitoring events on devices

The area for improvement is a lot. When I started using it on our enterprise side, the issue we faced was, for example, if we were running at that time on AlienVault OSSIM v5.7.4. So, for some orders, we had to install some packages, and when we tried installing that package, some dependencies got upgraded to a new version. Now once that dependency got upgraded, the SQL, since you might be aware that OSSIM uses SQL database, now SQL and all the dependency in everything was not on the same version, and that caused the database to crash. The aforementioned area should be eased out by upgrading the patches and upgrading dependencies. This kind of thing is a disadvantage of OSSIM, and I would like them to work on this. But I have also raised service requests many times and gave it a push on the community section too. However, since it is a local source, they don't reply much over there. That is why I don't like to work on OSSIM because it is unpredictable. Once the storage goes above 50 percent, it starts behaving unpredictably. If you get stuck with a situation, then you need to drill a lockdown into that. Sometimes you get no luck. Then you have to just reimage the server with the new fresh OS of AlienVault. As for additional features, not much because if you move to the newer version, it is kind of getting more stable. But, to make my life easier, then I would say try to give more features. I know it's open source, so they also cannot provide me with more features. But still, if they can provide me with more features because right now it's becoming old. Right now, we are even moving from SIEM to Security Data Lake. So when we move to it, this will be literally outdated. No one can even expect anything out of it. The way security is moving, it will be outdated very soon. They have to also provide something new to keep this going for the future also.

Read full review

Dannie Combs

Senior Vice President and Chief Information Security Officer at Donnelley Financial Solutions

The alert fatigue and false positive rates have just plummeted, which is really exciting.

empow has a few areas of improvement as with any other technology, such as continuing to drive innovation in the dashboard. While we've been extremely impressed with the dashboard's ease of use, flexibility, ability to drill down deeply, and focus very intently on an area of interest, there will always be opportunities to be more innovative and open it up to a wider audience than just the operations group, for example. With reporting, there is always a desire to have custom reporting for every client of empow. Relative to keeping up with the sheer pace of cloud-native technologies, it should provide more options for clients to deploy their technologies in unique ways. This is an area that I recommend that they maintain focus.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The most valuable features of this solution are the data correlation and vulnerability assessment."

"There are a lot of people you will find using OSSIM since they are also offering OTX as a service"

"I recommend it due to the experience of the people running it."

"The initial setup was straightforward. I didn't have any problems."

"The most valuable feature is the logging capability."

"The product is majorly used for threat detection of the agents on servers and endpoints."

"The solution is very stable. Compared to Qradar and Splunk, it's very stable."

"Its user-friendliness is the most valuable. It is very easy to use and explore. The dashboard is very well packaged and integrated. You don't have to spend a lot of time in configuring it and checking out the RPM etc. It is also free and very powerful."

More AlienVault OSSIM pros

"As a result of the automation, we are able to manage SIEM with a small security team. I'm in a unique position where we have been growing the security organization quite rapidly over the last three and a half years. But, as a direct result of the empow transition and legacy collection of tools towards the empow platform, we've been able to keep that head count flat. We've been able to redirect a lot of the security team's time away from the wash, rinse, repeat activities of responding to alarms where we have a high degree of confidence that they will be false positives, adjusting the rules accordingly. This can be a bit frustrating for the analyst when they have to spend hours a day dealing with these types of probable false positives. So, it has helped not only us keep our headcount flat relative to the resources necessary to provide the assurances that our executives expect of us for monitoring, but allows our analyst team to spend the majority of their time doing what they love. They are spending their time meaningfully with a higher degree of confidence and enjoying getting into the incident response type activity."

Cons

"AlienVault OSSIM could improve by having better integration with some of the newer tools."

"AlienVault OSSIM on-premise version is more difficult to implement than the cloud version. Additionally, they should add integration between several different environments at once and improve their online knowledge base."

"AlienVault OSSIM should improve the deployment and make it unified like the USM."

"GUI could be improved."

"The initial setup was a bit complex. You've got to do a lot of reading. It's not an intuitive implementation."

"AlienVault OSSIM is costly."

"I don't like to work on OSSIM because it is unpredictable."

"The correlation engine needs to be improved."

More AlienVault OSSIM cons

"Relative to keeping up with the sheer pace of cloud-native technologies, it should provide more options for clients to deploy their technologies in unique ways. This is an area that I recommend that they maintain focus."

Pricing and Cost Advice

"OSSIM is open source, and USM is the paid license. So, if you want, you can switch to USM. There you will have to buy a license, and they have a support team that helps you out on issues you face."

"We are using a free version of the solution. If you purchase a license there are more features available but the price is a little high. The solution should be cheaper to allow more customers to be able to afford it."

"The licensing fees for the non-community edition are paid on an annual basis, and there are no costs in addition to this."

"AlienVault OSSIM is expensive compared to its competitors."

"The solution is open source, so it's free to use."

"OSSIM is free."

"I used the paid version of the tool and found it to be expensive. It has been a while since I changed to Securonix. I will have to check whether AlienVault charges per device, user, or log."

"AlienVault pricing is the best. Whatever cost you are paying, you are getting a return on every penny... It's not like your IBM, your QRadar, or Splunk, where the cost is too high."

More AlienVault OSSIM pricing and cost advice

"I don't have to put up with any longer with these hypercomplex licensing agreements. Every time I want to add some additional reporting as a compliance centric or regulatory specific, e.g., GDPR, PCI, or Sarbanes-Oxley, many providers would have an additional license for this, which felt a bit ridiculous to me. With the simplified licensing architecture, there were no hidden "gotchas" down the road with empow. Something I have experienced with other providers that I've worked with in the past."

"With a higher degree of fidelity in the alarms, we were able to avoid adding additional resources to our teams. We take into account the cost of security resources in the market and the significantly higher fidelity from the alarms that are being generated. This drove down our costs with our MSSP. It drove down my cost for human capital internally. It drove down our need to have multiple resources supporting the underlying infrastructure and health and maintenance of empow as a platform from several resources down to one. Therefore, human capital costs were significantly reduced. Our operating expenses were significantly reduced. Our capital costs were significantly reduced while tripling our capacity and our run rate reduced. It was almost a "too good to be true" situation. Fortunately, for us, it worked out very nicely."

See which vendors are best for you

Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.

See recommendations

845,485 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

17%

Comms Service Provider

10%

Financial Services Firm

University

Computer Software Company

15%

Real Estate/Law Firm

12%

Financial Services Firm

10%

Manufacturing Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

No data available

Questions from the Community

What do you like most about AlienVault OSSIM?

Asset discovery is good.

See all answers

What is your experience regarding pricing and costs for AlienVault OSSIM?

It depends. I would need to review their cost models, but generally, they are on a scaled basis based on throughput usage. Because it's a software as a service solution for their core product for U...

See all answers

What needs improvement with AlienVault OSSIM?

Scaling for USM is always challenging for any product unless it is purpose-built or overbuilt at the front end. They will use Palo Alto and its competitors, and LevelBlue will manage that implement...

See all answers

Ask a question

Earn 20 points

Comparisons

Wazuh vs AlienVault OSSIM

Compared 82% of the time

USM Anywhere vs AlienVault OSSIM

Compared 5% of the time

Elastic Security vs AlienVault OSSIM

Compared 3% of the time

Splunk Enterprise Security vs AlienVault OSSIM

Compared 2% of the time

Rapid7 InsightIDR vs AlienVault OSSIM

Compared 2% of the time

More AlienVault OSSIM Competitors

DNIF HYPERCLOUD vs i-SIEM [EOL]

Compared 100% of the time

More i-SIEM [EOL] Competitors

Product Reports

Buyer's Guide

AlienVault OSSIM

March 2025

Download AlienVault OSSIM product report

Buyer's Guide

Security Information and Event Management (SIEM)

March 2025

Download i-SIEM [EOL] product report

Also Known As

OSSIM

No data available

Overview

AlienVault OSSIM, Open Source Security Information and Event Management (SIEM), provides you with a feature-rich open source SIEM complete with event collection, normalization and correlation. Launched by security engineers because of the lack of available open source products, AlienVault OSSIM was created specifically to address the reality many security professionals face: A SIEM, whether it is open source or commercial, is virtually useless without the basic security controls necessary for security visibility.

AT&T

i-SIEM [EOL] delivers comprehensive monitoring and threat detection capabilities suitable for today's security challenges. It integrates with existing systems, enabling efficient threat analysis and response for knowledgeable users.

i-SIEM [EOL] offers advanced security analytics and seamless integration with security infrastructure, making it a favored choice among technology professionals. Its intuitive design caters to efficient threat management. Users appreciate its capability to process large data volumes for timely threat detection and remediation. The platform ensures effective incident response through automated processes, assisting professionals in maintaining robust security postures.

What are the key features of i-SIEM [EOL]?

Advanced Threat Detection: Utilizes real-time analytics for identifying potential security threats.
Integration Capabilities: Easily connects with diverse security tools for a cohesive security strategy.
Automated Incident Response: Facilitates swift responses to security incidents to mitigate risks.

What benefits and ROI can i-SIEM [EOL] offer?

Reduced Security Risks: Proactively identifies and addresses vulnerabilities before exploitation.
Operational Efficiency: Automation reduces manual workload and minimizes error.
Cost-Effectiveness: Streamlines processes to lower overall security management costs.

i-SIEM [EOL] is implemented across industries like finance, healthcare, and manufacturing, where security and compliance are critical. Its flexibility in handling specific industry requirements makes it suitable for enhancing security postures and operational efficiency.

Cybereason

Sample Customers

Council Rock School District

University of Oklahoma, Donnelley

Buyer's Guide

Security Information and Event Management (SIEM)

March 2025

Download Free Report

Find out what your peers are saying about Splunk, Wazuh, Microsoft and others in Security Information and Event Management (SIEM). Updated: March 2025.

DOWNLOAD NOW

845,485 professionals have used our research since 2012.

See our list of best Security Information and Event Management (SIEM) vendors.

We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.