Try our new research platform with insights from 80,000+ expert users

AlienVault OSSIM vs Sentinel comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 18, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

AlienVault OSSIM
Ranking in Security Information and Event Management (SIEM)
8th
Average Rating
7.4
Reviews Sentiment
7.1
Number of Reviews
31
Ranking in other categories
No ranking in other categories
Sentinel
Ranking in Security Information and Event Management (SIEM)
13th
Average Rating
7.6
Reviews Sentiment
7.3
Number of Reviews
16
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of July 2025, in the Security Information and Event Management (SIEM) category, the mindshare of AlienVault OSSIM is 3.4%, down from 4.1% compared to the previous year. The mindshare of Sentinel is 3.4%, up from 1.9% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
 

Featured Reviews

HarshBhardiya - PeerSpot reviewer
An open-source solution that provide good detection and more visibility
The solution is not scalable. It impacts so hard. In the initial stages, AlienVault OSSIM can be suitable for small environments. There may be limitations if the customer expresses a desire to expand and add more devices. In such cases, we would need to either explore additional solutions or work within the constraints of the existing setup. We have set up alerts and configured everything in AlienVault OSSIM. It actively monitors for any security incidents. It provides us with regular updates and notifications about any ongoing activities. Only one person is using the solution. It is the perfect solution for small businesses. I rate the solution’s scalability a three out of ten.
JaideepSingh - PeerSpot reviewer
An automated solution that helped me detect threats in less than half the time it used to take
Sentinel gave us logs to tell us what's going right and wrong in your environment so we could secure the network. We also got multiple kinds of logs. By running some queries from the logs, we could find and fix the anomalies in the environment. Sentinel's threat visibility was great at telling us if we had something going on in our environment. We had to set up alerts in our environment based on the logs. If we had the right alerts set up, we got notified about threats and where security was lacking, so we could also take care of that. Sentinel's threat intelligence helped us prepare and take proactive steps for potential threats before they hit. Having preparation before a threat has helped our security operations. When I was using it, I used to keep going into my dashboards and looking for any threats on a weekly basis, or maybe two or three times a week. Based on that, we would recommend certain changes to the server and infrastructure teams to block or allow some ports. Sentinel's threat intelligence helped plan security against risks.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"It has helped us remediate threats in the past by providing significant events that assisted in identifying suspicious activities, such as logins from multiple countries."
"The tool's security detection is good. It helps us with login tracking and generating reports. We aim to identify potential issues, such as brute-force attacks on user accounts or server-level anomalies. For instance, if I receive a report indicating a server is at an abnormal level, I investigate and address the issue."
"The solution has a very good open source community, and whenever we have problems, we are always able to resolve it online."
"The most valuable feature is the logging capability."
"The threat alerts it gives me from time to time on harmful code within the network, or if they are generating any network traffic, are very useful."
"The product is majorly used for threat detection of the agents on servers and endpoints."
"The initial setup is straightforward."
"The product is easy to use."
"The stability is phenomenal and we never had any issues with downtime or even had to restart."
"The tool is simple to use."
"The solution's Kusto Query Language (KQL) execution time is pretty good."
"Sentinel gave us logs to tell us what's going right and wrong in your environment so we could secure the network."
"We can do advanced hunting queries and modify SQL queries to get desired results based on the rules triggering over the console."
"It makes everything easier by automating some tasks and growing with our needs."
"The most valuable feature of this solution is that it provides a central locking system for many event sources."
"The native integration with out-of-the box format is hassle free and allows data to be used advantageously."
 

Cons

"AlienVault OSSIM’s configuration and integration could be a little easier."
"I suggest more in-built rules based on modern threats and environments to make it a more competitive solution."
"The correlation engine needs to be improved."
"When comparing AlienVault OSSIM to other solutions it looks a bit outdated. Additionally, they need to improve their integration."
"The user interface needs to be friendlier across the board."
"The main area where the AlienVault product was lacking around the 2018 timeframe was in its ability to scale."
"The price of this solution is very high and it could be cheaper."
"Sometimes technical issues take very long to get resolved."
"The dashboard and customer view should be improved"
"I rate Sentinel a six out of ten for scalability."
"I would like to see a better reporting work structure on the dashboard."
"Creating a drag-and-drop dashboard or workbook in Sentinel is a little more complex compared to other tools like LogRhythm and IBM QRadar."
"There are still a few vendor-specific devices for which Sentinel needs to work on integration, such as Netskope devices."
"This product's connection to certain types of cloud systems could be improved. We can do Microsoft, Google, and Amazon, but there are a lot of other things happening in the cloud that we do not connect well enough to. This product could be improved with better connection to cloud-based solutions."
"There is a need for more flexibility in customization, especially when working with different vendors and platforms."
"It is an ancient product."
 

Pricing and Cost Advice

"I used the paid version of the tool and found it to be expensive. It has been a while since I changed to Securonix. I will have to check whether AlienVault charges per device, user, or log."
"AlienVault OSSIM is an open-source solution."
"AlienVault OSSIM is expensive compared to its competitors."
"AlienVault OSSIM is free."
"OSSIM is open source, and USM is the paid license. So, if you want, you can switch to USM. There you will have to buy a license, and they have a support team that helps you out on issues you face."
"When comparing AlienVault OSSIM to Microsoft Sentinel, AlienVault OSSIM incurs additional costs due to its licensing price structure. If you are using AlienVault for security purposes at a certain level it can have a higher price point than the current pricing of Microsoft Sentinel."
"The price of AlienVault OSSIM is too high sometimes for us to present to our customers. The price should be lower. We are on a three-year license to use the solution. We had to pay extra for the support."
"We are using a free version of the solution. If you purchase a license there are more features available but the price is a little high. The solution should be cheaper to allow more customers to be able to afford it."
"Sentinel is moderately priced."
"Sentinel is a subscription-based solution."
"The solution’s pricing is aligned with its competitors."
"We receive a pricing discount because of our ongoing partnership with Micro Focus."
"We inquired about getting support from the vendor, Micro Focus, but the cost was very high."
"Sentinel's slightly on the expensive side."
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
861,524 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
16%
Comms Service Provider
10%
Financial Services Firm
8%
University
8%
Computer Software Company
13%
Financial Services Firm
9%
Manufacturing Company
7%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What is your experience regarding pricing and costs for AlienVault OSSIM?
It depends. I would need to review their cost models, but generally, they are on a scaled basis based on throughput usage. Because it's a software as a service solution for their core product for U...
What needs improvement with AlienVault OSSIM?
Scaling for USM is always challenging for any product unless it is purpose-built or overbuilt at the front end. They will use Palo Alto and its competitors, and LevelBlue will manage that implement...
What do you like most about NetIQ Sentinel?
The solution lets us get all the logs properly and regularly monitor customer infrastructure.
What needs improvement with NetIQ Sentinel?
There are still a few vendor-specific devices for which Sentinel needs to work on integration, such as Netskope devices. Also, we often face region-wise outages during operation due to product team...
 

Also Known As

OSSIM
NetIQ Sentinel, Novell SIEM
 

Overview

 

Sample Customers

Council Rock School District
Faysal Bank, GaVI, Handelsbanken, ISC Mªnster, Lambeth Council, Swisscard, The Municipality of Siena, Tukes, University of Dayton, University of the Sunshine Coast
Find out what your peers are saying about AlienVault OSSIM vs. Sentinel and other solutions. Updated: July 2025.
861,524 professionals have used our research since 2012.