Try our new research platform with insights from 80,000+ expert users

AlienVault OSSIM vs Microsoft Sentinel comparison

AT&T and Microsoft are both solutions in the Security Information and Event Management (SIEM) category. AT&T is ranked #13 with an average rating of 7.2, while Microsoft is ranked #2 with an average rating of 8.4. AT&T holds a 4.5% mindshare in SIEM, compared to Microsoft’s 10.8% mindshare. Additionally, 80% of AT&T users are willing to recommend the solution, compared to 93% of Microsoft users who would recommend it.
AlienVault OSSIM
Read 30 AlienVault OSSIM reviews
  • 6,404 Views
  • 3,905 Comparison Views
80% willing to recommend
Microsoft Sentinel
Read 89 Microsoft Sentinel reviews
  • 23,840 Views
  • 13,739 Comparison Views
93% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Sep 18, 2024

AlienVault OSSIM and Microsoft Sentinel are both prominent security information and event management (SIEM) tools. Users prefer AlienVault OSSIM for its affordability and support, but Microsoft Sentinel offers more comprehensive features, making it a better long-term investment.

Features: AlienVault OSSIM users value its robust open-source capabilities, good integration with other tools, and affordability. Microsoft Sentinel users appreciate its advanced analytics, scalability, and cloud-native design. Sentinel's more comprehensive feature set is better suited for large enterprises.

Room for Improvement: AlienVault OSSIM users often note the need for a more intuitive user experience, enhanced log management, and better documentation. Microsoft Sentinel users mention the high learning curve, complexity, and sometimes cumbersome setup process. Despite its complexity, Sentinel's extensive capabilities make it a strong tool.

Ease of Deployment and Customer Service: AlienVault OSSIM users find the deployment process straightforward with reliable customer support. Microsoft Sentinel, while praised for its flexible deployment options, gets mixed reviews on support due to some users experiencing longer resolution times. However, Sentinel's cloud integration is noted as a significant advantage.

Pricing and ROI: AlienVault OSSIM is favored for its lower setup costs and faster ROI. Microsoft Sentinel, despite higher initial costs, is viewed as delivering better long-term ROI because of its advanced features and scalability, justifying the higher price point.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed AlienVault OSSIM vs. Microsoft Sentinel Report (Updated: October 2024).
Buyer's Guide
AlienVault OSSIM vs. Microsoft Sentinel
October 2024
Download the complete report
Helped 816,192 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Customer Service

No sentiment score available
AlienVault OSSIM support varies, with paid users experiencing mixed resolutions, while many rely on community and self-solving.
Sentiment score
8.8
Microsoft Sentinel support is generally positive, with mixed reviews on responsiveness and the necessity for premium support tiers.
 

Room For Improvement

Sentiment score
5.7
AlienVault OSSIM faces challenges in scalability, integration, user interface, reporting, and stability, needing better threat detection and customization.
Sentiment score
4.9
Microsoft Sentinel users want better integration, more tools, improved UI, clearer documentation, reduced costs, and enhanced alert system.
The integration capabilities, especially concerning log sources, need improvement for more flexibility and simplicity in integrating with nodes.
For more quotes and insights, download the AlienVault OSSIM report
No quotes available
For more quotes and insights, download the Microsoft Sentinel report
 

Scalability Issues

Sentiment score
7.4
AlienVault OSSIM is suitable for small to mid-sized businesses but faces scale challenges in large enterprise environments.
Sentiment score
7.9
Microsoft Sentinel offers scalable, automatic resource adjustments, multi-region support, and extensive data integration, adapting to diverse organizational needs.
 

Setup Cost

No sentiment score available
AlienVault OSSIM is free initially but may incur costs for enhancements, support, or transitioning to the paid version.
Sentiment score
4.0
Microsoft Sentinel offers value through integration but requires careful cost management due to its complex, consumption-based pricing model.
 

Stability Issues

Sentiment score
7.6
AlienVault OSSIM is stable on proper hardware but may have minor bugs and limitations with large infrastructures.
Sentiment score
9.5
Microsoft Sentinel is highly stable and reliable, with 99.9% availability, despite some integration and log ingestion issues.
 

Valuable Features

Sentiment score
7.6
AlienVault OSSIM offers threat detection, asset discovery, and vulnerability assessment with easy integration, centralized dashboard, and network security capabilities.
Sentiment score
8.3
Microsoft Sentinel offers seamless integration, automation, AI capabilities, and scalable threat detection, enhancing security with cost-effectiveness and efficient monitoring.
Network traffic analysis is highly efficient.
For more quotes and insights, download the AlienVault OSSIM report
No quotes available
For more quotes and insights, download the Microsoft Sentinel report
 

Categories and Ranking

AlienVault OSSIM
Ranking in Security Information and Event Management (SIEM)
13th
Average Rating
7.4
Reviews Sentiment
7.2
Number of Reviews
30
Ranking in other categories
No ranking in other categories
Microsoft Sentinel
Ranking in Security Information and Event Management (SIEM)
2nd
Average Rating
8.2
Reviews Sentiment
7.1
Number of Reviews
89
Ranking in other categories
Security Orchestration Automation and Response (SOAR) (1st), Microsoft Security Suite (5th)
 

Mindshare comparison

As of November 2024, in the Security Information and Event Management (SIEM) category, the mindshare of AlienVault OSSIM is 4.5%, up from 2.6% compared to the previous year. The mindshare of Microsoft Sentinel is 10.8%, down from 12.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
 

Featured Reviews

HarshBhardiya - PeerSpot reviewer
An open-source solution that provide good detection and more visibility
The solution is not scalable. It impacts so hard. In the initial stages, AlienVault OSSIM can be suitable for small environments. There may be limitations if the customer expresses a desire to expand and add more devices. In such cases, we would need to either explore additional solutions or work within the constraints of the existing setup. We have set up alerts and configured everything in AlienVault OSSIM. It actively monitors for any security incidents. It provides us with regular updates and notifications about any ongoing activities. Only one person is using the solution. It is the perfect solution for small businesses. I rate the solution’s scalability a three out of ten.
Read full review
Nitin Arora - PeerSpot reviewer
Gives us one place to investigate and respond to threats, and automation eliminates manual work
They can work on the EDR side of things. It is already really superb, because of the kinds of features we get with the EDR solution. It's not a standard EDR and they have recently enhanced things. But the problem is with onboarding devices. I have different OS flavors, including a large number of Linux, Windows, macOS, and some on-prem machines as well. Every time we need to onboard these kinds of machines into the EDR, we need to do it with the help of Intune, to sync up the devices, and do the configuration. I'm looking for something on the EDR side that will reduce this kind of work. They can eliminate having to do manual configuration for the machines, and check the different types of configurations for each OS. In some cases, it does not support some OSs. If they could reduce this type of work, that would be really amazing.
Read full review
report
See which vendors are best for you
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
See recommendations
816,192 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
17%
Financial Services Firm
9%
Educational Organization
8%
Comms Service Provider
7%
Computer Software Company
16%
Financial Services Firm
10%
Government
8%
Manufacturing Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about AlienVault OSSIM?
Asset discovery is good.
See all answers
What is your experience regarding pricing and costs for AlienVault OSSIM?
I used the paid version of the tool and found it to be expensive. It has been a while since I changed to Securonix. I will have to check whether AlienVault charges per device, user, or log.
See all answers
What needs improvement with AlienVault OSSIM?
Honestly, I don't know what can be improved in the product. I am trying to get a comparison between AlienVault OSSIM and the other solutions in the market. AlienVault OSSIM failed to provide our co...
See all answers
Is there a common threat intelligence tool that aggregates multiple threat intelligence sources?
Yes, Azure Sentinel is a SIEM on the Cloud. Multiple data sources can be uploaded and analyzed with Azure Sentinel and its Threat Hunting functionality with AI available as templates or customized ...
See all answers
What is a better choice, Splunk or Azure Sentinel?
It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for ingestion of anything, but the charge per GB/Day Indexed and it gets expensive as log ...
See all answers
Which is better - Azure Sentinel or AWS Security Hub?
We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is auto-scaling - you will not have to worry about performance impact, you will...
See all answers
 

Comparisons

Wazuh vs AlienVault OSSIM Logo
Wazuh vs AlienVault OSSIM
Compared 83% of the time
Elastic Security vs AlienVault OSSIM Logo
Elastic Security vs AlienVault OSSIM
Compared 5% of the time
USM Anywhere vs AlienVault OSSIM Logo
USM Anywhere vs AlienVault OSSIM
Compared 4% of the time
Splunk Enterprise Security vs AlienVault OSSIM Logo
Splunk Enterprise Security vs AlienVault OSSIM
Compared 2% of the time
Fortinet FortiSIEM vs AlienVault OSSIM Logo
Fortinet FortiSIEM vs AlienVault OSSIM
Compared 1% of the time
More AlienVault OSSIM Competitors
AWS Security Hub vs Microsoft Sentinel Logo
AWS Security Hub vs Microsoft Sentinel
Compared 20% of the time
IBM Security QRadar vs Microsoft Sentinel Logo
IBM Security QRadar vs Microsoft Sentinel
Compared 10% of the time
Cortex XSIAM vs Microsoft Sentinel Logo
Cortex XSIAM vs Microsoft Sentinel
Compared 7% of the time
Wazuh vs Microsoft Sentinel Logo
Wazuh vs Microsoft Sentinel
Compared 6% of the time
Google Chronicle Suite vs Microsoft Sentinel Logo
Google Chronicle Suite vs Microsoft Sentinel
Compared 5% of the time
More Microsoft Sentinel Competitors
 

Product Reports

Buyer's Guide
AlienVault OSSIM
November 2024
AlienVault OSSIM reportDownload AlienVault OSSIM product report
Buyer's Guide
Microsoft Sentinel
November 2024
Microsoft Sentinel reportDownload Microsoft Sentinel product report
 

Also Known As

OSSIM
Azure Sentinel
 

Learn More

Video not available
AT&T
Microsoft
 

Overview

AlienVault OSSIM, Open Source Security Information and Event Management (SIEM), provides you with a feature-rich open source SIEM complete with event collection, normalization and correlation. Launched by security engineers because of the lack of available open source products, AlienVault OSSIM was created specifically to address the reality many security professionals face: A SIEM, whether it is open source or commercial, is virtually useless without the basic security controls necessary for security visibility.

Microsoft Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution that lets you see and stop threats before they cause harm. Microsoft Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response. Eliminate security infrastructure setup and maintenance, and elastically scale to meet your security needs—while reducing IT costs. With Microsoft Sentinel, you can:

- Collect data at cloud scale—across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds

- Detect previously uncovered threats and minimize false positives using analytics and unparalleled threat intelligence from Microsoft

- Investigate threats with AI and hunt suspicious activities at scale, tapping into decades of cybersecurity work at Microsoft

- Respond to incidents rapidly with built-in orchestration and automation of common tasks

To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.

 

Sample Customers

Council Rock School District
Microsoft Sentinel is trusted by companies of all sizes including ABM, ASOS, Uniper, First West Credit Union, Avanade, and more.
Buyer's Guide
AlienVault OSSIM vs. Microsoft Sentinel
October 2024
Free Report: AlienVault OSSIM vs. Microsoft Sentinel
Find out what your peers are saying about AlienVault OSSIM vs. Microsoft Sentinel and other solutions. Updated: October 2024.
DOWNLOAD NOW
816,192 professionals have used our research since 2012.
See our AlienVault OSSIM vs. Microsoft Sentinel report.

We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.