We performed a comparison between AlienVault OSSIM and ArcSight Enterprise Security Manager (ESM) based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Its user-friendliness is the most valuable. It is very easy to use and explore. The dashboard is very well packaged and integrated. You don't have to spend a lot of time in configuring it and checking out the RPM etc. It is also free and very powerful."
"The most valuable feature is the logging capability."
"The solution is free to use."
"You pay monthly for the solution. I think it's one of the best products. If you compare with other companies, like LogRhythm, etc., the top 8 or 10 CMs, I think Alien Vault has the best price-performance ratio."
"The initial setup is straightforward."
"The tool's security detection is good. It helps us with login tracking and generating reports. We aim to identify potential issues, such as brute-force attacks on user accounts or server-level anomalies. For instance, if I receive a report indicating a server is at an abnormal level, I investigate and address the issue."
"Better than other SIEM solutions because almost everything can be integrated."
"The paid version of the solution has reporting and better scalability options."
"It is a very useful tool for intelligence building because it has many use cases and many rule sets."
"Once the rules are defined, it becomes easy to detect changes and generate automated logs."
"The real-time analysis adds value."
"This process has helped to improve our organization because we have centralized the intra-group security equipment logs."
"ESM has valuable features for event prediction and security analysis."
"We have been satisfied with the support."
"The most useful features are directories, price, and live reporting."
"The user interfaces are quite good and speedy."
"It takes some time. It does not give me a prompt response for any such [malicious] traffic. It takes time to get that alert from the AlienVault system."
"The price of this solution is very high and it could be cheaper."
"It's so hard to configure and explore something new on it."
"I would like the solution to be able to integrate with my firewall, my IDS and my Honeypot solutions so that it can provide real-time reporting as things occur and then have alert sent to me on my phone when suspicious activity is happening."
"When comparing AlienVault OSSIM to other solutions it looks a bit outdated. Additionally, they need to improve their integration."
"AlienVault OSSIM gives unwanted notifications."
"The documentation could be improved."
"The incidence reporting could be better."
"The roadmap is not clear."
"The product should include a lot more predefined scenarios so the adopted company will have knowledge and a broader skill set in security and network."
"In certain cases, this product does have false positives, which the company should work on."
"There could be more API features for extracting logs on different devices included in the product."
"The onboarding process for this solution could be better. It also needs a better GUI."
"They also could improve the product by integrating user and identity behavior analytics."
"ArcSight ESM needs to improve performance, user interface, and automation."
"When we need to consume old events, we have to wait for a long time. ArcSight should improve the database capability to reply to queries faster. It would also be interesting if they implemented network visibility. For example, they could add a feature like NetWitness with a model just for looking through the packets."
More ArcSight Enterprise Security Manager (ESM) Pricing and Cost Advice →
AlienVault OSSIM is ranked 14th in Security Information and Event Management (SIEM) with 28 reviews while ArcSight Enterprise Security Manager (ESM) is ranked 12th in Security Information and Event Management (SIEM) with 93 reviews. AlienVault OSSIM is rated 7.4, while ArcSight Enterprise Security Manager (ESM) is rated 7.8. The top reviewer of AlienVault OSSIM writes "An easy-to-scale open-source solution used for monitoring events on devices ". On the other hand, the top reviewer of ArcSight Enterprise Security Manager (ESM) writes "Allows for monitoring logs according to industry standards within ESM but has a total capacity capped at 12 TB, limiting real-time data retention periods". AlienVault OSSIM is most compared with Wazuh, Elastic Security, USM Anywhere, Splunk Enterprise Security and Microsoft Sentinel, whereas ArcSight Enterprise Security Manager (ESM) is most compared with Splunk Enterprise Security, Trellix ESM, ArcSight Intelligence, IBM Security QRadar and Elastic Security. See our AlienVault OSSIM vs. ArcSight Enterprise Security Manager (ESM) report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.