Try our new research platform with insights from 80,000+ expert users

AlienVault OSSIM vs Elastic Security comparison

AT&T and Elastic are both solutions in the Security Information and Event Management (SIEM) category. AT&T is ranked #11 with an average rating of 7.3, while Elastic is ranked #5 with an average rating of 7.7. AT&T holds a 5.0% mindshare in SIEM, compared to Elastic’s 7.7% mindshare. Additionally, 80% of AT&T users are willing to recommend the solution, compared to 85% of Elastic users who would recommend it.
AlienVault OSSIM
Read 30 AlienVault OSSIM reviews
  • 6,061 Views
  • 3,812 Comparison Views
80% willing to recommend
Elastic Security
Read 62 Elastic Security reviews
  • 11,560 Views
  • 9,584 Comparison Views
85% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Sep 18, 2024

Elastic Security and AlienVault OSSIM compete in the security analytics and management category. Elastic Security has the upper hand owing to its integration and analytics depth, offering greater customization and scalability.

Features: Elastic Security users highlight advanced analytics and integration capabilities, providing deep, customizable insights. AlienVault OSSIM is praised for its comprehensive out-of-the-box security features, appealing to those needing immediate utility. Elastic Security offers flexibility and depth, while AlienVault OSSIM focuses on ease of use and immediate functionality.

Room for Improvement: Elastic Security users mention the complexity of configurations and a steep learning curve. AlienVault OSSIM users highlight limitations in scalability and the need for more advanced analytics. Elastic Security could benefit from usability enhancements, whereas AlienVault OSSIM needs better scalability and analytics.

Ease of Deployment and Customer Service: Elastic Security users find its deployment complex but appreciate its robust customer support. AlienVault OSSIM users report simpler deployment but mixed customer service experiences. Elastic Security demands more technical expertise for setup but offers superior support, while AlienVault OSSIM provides a smoother initial deployment with variable support quality.

Pricing and ROI: Elastic Security is seen as costly but delivers high ROI through extensive features and integration. AlienVault OSSIM is recognized for its lower upfront costs and reasonable ROI, particularly for smaller organizations. Despite the higher price, Elastic Security's comprehensive capabilities justify its cost, whereas AlienVault OSSIM offers a cost-effective solution with decent returns.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed AlienVault OSSIM vs. Elastic Security Report (Updated: December 2024).
Buyer's Guide
AlienVault OSSIM vs. Elastic Security
December 2024
Download the complete report
Helped 824,053 peers since 2012
 

Categories and Ranking

AlienVault OSSIM
Ranking in Security Information and Event Management (SIEM)
11th
Average Rating
7.4
Reviews Sentiment
7.2
Number of Reviews
30
Ranking in other categories
No ranking in other categories
Elastic Security
Ranking in Security Information and Event Management (SIEM)
5th
Average Rating
7.6
Reviews Sentiment
6.7
Number of Reviews
62
Ranking in other categories
Log Management (5th), Endpoint Detection and Response (EDR) (16th), Security Orchestration Automation and Response (SOAR) (6th), Extended Detection and Response (XDR) (8th)
 

Mindshare comparison

As of December 2024, in the Security Information and Event Management (SIEM) category, the mindshare of AlienVault OSSIM is 5.0%, up from 3.0% compared to the previous year. The mindshare of Elastic Security is 7.7%, down from 9.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
 

Featured Reviews

HarshBhardiya - PeerSpot reviewer
An open-source solution that provide good detection and more visibility
The solution is not scalable. It impacts so hard. In the initial stages, AlienVault OSSIM can be suitable for small environments. There may be limitations if the customer expresses a desire to expand and add more devices. In such cases, we would need to either explore additional solutions or work within the constraints of the existing setup. We have set up alerts and configured everything in AlienVault OSSIM. It actively monitors for any security incidents. It provides us with regular updates and notifications about any ongoing activities. Only one person is using the solution. It is the perfect solution for small businesses. I rate the solution’s scalability a three out of ten.
Read full review
Gajewski Marek - PeerSpot reviewer
Provides good anomaly detection and connectivity reporting
We previously used Splunk but switched to Elastic Security because Splunk was more expensive. Feature-wise, both tools are pretty much the same. They have almost the same functions. Elastic Security has a much better AI assistant that allows you to ask questions like a normal person. With Elastic Security, I can also predict the price and how much it will cost. Splunks's pricing depends on how much data we use and the different add-ons I have to add. The pricing is much better with Elastic Security.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable features of this solution are the data correlation and vulnerability assessment."
"The initial setup is straightforward."
"The solution has a very good open source community, and whenever we have problems, we are always able to resolve it online."
"The solution is very stable. Compared to Qradar and Splunk, it's very stable."
"The threat alerts it gives me from time to time on harmful code within the network, or if they are generating any network traffic, are very useful."
"AlienVault OSSIM is an enterprise solution that sells easily. It is rated highly by organizations."
"OSSIM is the only solution that includes the large number of modules that we need: a vulnerability scanner, a network IDS system, a host IDS system."
"The paid version of the solution has reporting and better scalability options."
More AlienVault OSSIM pros
"The most valuable feature is the search function, which allows me to go directly to the target to see the specific line a customer is searching for."
"It's very stable and reliable."
"Elastic Security makes data communication easier."
"The solution is compatible with the cloud-native environment and they can adapt to it faster."
"The product has huge integration varieties available."
"Enables monitoring of application performance and the ability to predict behaviors."
"The most valuable feature is the ability to collect authentication information from service providers."
"Elastic has a lot of beats, such as Winlogbeat and Filebeat. Beats are the agents that have to be installed on the terminals to send the data. When we install beats or Elastic agents on every terminal, they don't overload the terminals. In other SIEM solutions such as Splunk or QRadar, when beats or agents are installed on endpoints, they are very heavy for the terminals. They consume a lot of power of the terminals, whereas Elastic agents hardly consume any power and don't overload the terminals."
More Elastic Security pros
 

Cons

"GUI could be improved."
"AlienVault OSSIM could improve by having better integration with some of the newer tools."
"There needs to be more support or some kind of training program so users can self-learn the system more effectively."
"AlienVault OSSIM is costly."
"It takes some time. It does not give me a prompt response for any such [malicious] traffic. It takes time to get that alert from the AlienVault system."
"The user interface could be improved."
"The solution is not scalable."
"AlienVault OSSIM gives unwanted notifications."
More AlienVault OSSIM cons
"With Elastic, you have to build the use cases for the specific requirement. Other products have a simple integration and more use cases to integrate out-of-the-box solutions for SIEM."
"Anything that supports high availability or ease of deployment in a highly available environment would help to improve this solution."
"Elastic Security can be a bit difficult to use if a person only has experience in SMBs with tools like Zoho. The product can also be difficult for those who have never dealt with query language."
"The solution does not have a UI and this is one of the reasons we are looking for another solution."
"This solution cannot do predictive maintenance, so we have to build our own modules for doing it."
"It's a little bit of a learning curve to understand the logic of searching for things and trying to find what you're looking for in Elastic Security."
"We'd like better premium support."
"I want to find an automatic security system in the tool, like a SOAR solution. I am looking forward to seeing a SOAR system in the tool."
More Elastic Security cons
 

Pricing and Cost Advice

"AlienVault OSSIM is expensive compared to its competitors."
"The licensing fees for the non-community edition are paid on an annual basis, and there are no costs in addition to this."
"The price of AlienVault OSSIM is too high sometimes for us to present to our customers. The price should be lower. We are on a three-year license to use the solution. We had to pay extra for the support."
"The solution is open source, so it's free to use."
"We are using the community version, which can be used for free."
"AlienVault pricing is the best. Whatever cost you are paying, you are getting a return on every penny... It's not like your IBM, your QRadar, or Splunk, where the cost is too high."
"AlienVault OSSIM is free."
"I used the paid version of the tool and found it to be expensive. It has been a while since I changed to Securonix. I will have to check whether AlienVault charges per device, user, or log."
More AlienVault OSSIM pricing and cost advice
"There is no charge for using the open-source version."
"The licensing cost of Elastic Security is based on the daily ingestion rate. I can't recall the exact figure, but for 10GB of log action daily, it would cost around $20,000."
"I find it better than Splunk in terms of cost-effectiveness. For cost-effectiveness, I would rate it a nine out of 10."
"This is an open-source product, so there are no costs."
"The solution is free."
"Its price is fine. Its licensing works on a yearly basis. We have to renew the license every year. I also have a good experience with Darktrace. When we buy Darktrace, we get training free of cost, which is not there in Elastic. We have to pay extra for training. There is certainly room for improvement."
"Elastic Security is free to use."
"It's a monthly cost with Elastic SIEM, but I am not sure of the exact cost."
More Elastic Security pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
See recommendations
824,053 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
17%
Financial Services Firm
9%
Comms Service Provider
8%
Educational Organization
8%
Computer Software Company
17%
Financial Services Firm
10%
Government
10%
University
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about AlienVault OSSIM?
Asset discovery is good.
See all answers
What is your experience regarding pricing and costs for AlienVault OSSIM?
I used the paid version of the tool and found it to be expensive. It has been a while since I changed to Securonix. I will have to check whether AlienVault charges per device, user, or log.
See all answers
What needs improvement with AlienVault OSSIM?
There are somewhat more false positives with the user behavior analytics, which could benefit from an additional machine learning model to detect user patterns more rapidly. The integration capabil...
See all answers
Datadog vs ELK: which one is good in terms of performance, cost and efficiency?
With Datadog, we have near-live visibility across our entire platform. We have seen APM metrics impacted several times lately using the dashboards we have created with Datadog; they are very good c...
See all answers
What do you like most about Elastic Security?
Elastic provides the capability to index quickly due to the reverse indexes it offers. This data is crucial as it contains critical information. The reverse index allows fast data indexing because ...
See all answers
What is your experience regarding pricing and costs for Elastic Security?
Elastic Security is cost-effective compared to Defender and CrowdStrike. The pricing is reasonable, especially for Small Medium Enterprises (SMEs), making it a viable option for businesses building...
See all answers
 

Comparisons

Wazuh vs AlienVault OSSIM Logo
Wazuh vs AlienVault OSSIM
Compared 82% of the time
USM Anywhere vs AlienVault OSSIM Logo
USM Anywhere vs AlienVault OSSIM
Compared 4% of the time
Splunk Enterprise Security vs AlienVault OSSIM Logo
Splunk Enterprise Security vs AlienVault OSSIM
Compared 2% of the time
Rapid7 InsightIDR vs AlienVault OSSIM Logo
Rapid7 InsightIDR vs AlienVault OSSIM
Compared 1% of the time
Microsoft Defender XDR vs AlienVault OSSIM Logo
Microsoft Defender XDR vs AlienVault OSSIM
Compared 1% of the time
More AlienVault OSSIM Competitors
Wazuh vs Elastic Security Logo
Wazuh vs Elastic Security
Compared 31% of the time
CrowdStrike Falcon vs Elastic Security Logo
CrowdStrike Falcon vs Elastic Security
Compared 8% of the time
IBM Security QRadar vs Elastic Security Logo
IBM Security QRadar vs Elastic Security
Compared 7% of the time
Microsoft Sentinel vs Elastic Security Logo
Microsoft Sentinel vs Elastic Security
Compared 6% of the time
LogRhythm SIEM vs Elastic Security Logo
LogRhythm SIEM vs Elastic Security
Compared 1% of the time
More Elastic Security Competitors
 

Product Reports

Buyer's Guide
AlienVault OSSIM
December 2024
AlienVault OSSIM reportDownload AlienVault OSSIM product report
Buyer's Guide
Elastic Security
December 2024
Elastic Security reportDownload Elastic Security product report
 

Also Known As

OSSIM
Elastic SIEM, ELK Logstash
 

Learn More

Video not available
AT&T
Elastic
 

Overview

AlienVault OSSIM, Open Source Security Information and Event Management (SIEM), provides you with a feature-rich open source SIEM complete with event collection, normalization and correlation. Launched by security engineers because of the lack of available open source products, AlienVault OSSIM was created specifically to address the reality many security professionals face: A SIEM, whether it is open source or commercial, is virtually useless without the basic security controls necessary for security visibility.

Elastic Security is a robust, open-source security solution designed to offer integrated threat prevention, detection, and response capabilities across an organization's entire digital estate. Part of the Elastic Stack (which includes Elasticsearch, Logstash, and Kibana), Elastic Security leverages the power of search, analytics, and data aggregation to provide real-time insight into threats and vulnerabilities. It is a comprehensive platform that supports a wide range of security needs, from endpoint protection to cloud and network security, making it a versatile choice for organizations looking to enhance their cybersecurity posture.


Elastic Security combines the features of a security information and event management (SIEM) system with endpoint protection, allowing organizations to detect, investigate, and respond to threats in real time. This unified approach helps reduce complexity and improve the efficiency of security operations.

Additional offerings and benefits:

  • The platform utilizes advanced analytics, machine learning algorithms, and anomaly detection to identify threats and suspicious activities.
  • It offers extensive integration options with other tools and platforms, facilitating a more cohesive and comprehensive security ecosystem.
  • With Kibana, users gain access to powerful visualization tools and dashboards that provide real-time insight into security data.

Finally, Elastic Security benefits from a global community of users who contribute to its threat intelligence, helping to enhance its detection capabilities. This collaborative approach ensures that the solution remains on the cutting edge of cybersecurity, with up-to-date information on the latest threats and vulnerabilities.

 

Sample Customers

Council Rock School District
Texas A&M, U.S. Air Force, NuScale Power, Martin's Point Health Care
Buyer's Guide
AlienVault OSSIM vs. Elastic Security
December 2024
Free Report: AlienVault OSSIM vs. Elastic Security
Find out what your peers are saying about AlienVault OSSIM vs. Elastic Security and other solutions. Updated: December 2024.
DOWNLOAD NOW
824,053 professionals have used our research since 2012.
See our AlienVault OSSIM vs. Elastic Security report.

We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.