No more typing reviews! Try our Samantha, our new voice AI agent.

AlienVault OSSIM vs Sentinel comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 18, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

AlienVault OSSIM
Ranking in Security Information and Event Management (SIEM)
26th
Average Rating
7.4
Reviews Sentiment
7.1
Number of Reviews
31
Ranking in other categories
No ranking in other categories
Sentinel
Ranking in Security Information and Event Management (SIEM)
17th
Average Rating
7.6
Reviews Sentiment
6.8
Number of Reviews
18
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of July 2026, in the Security Information and Event Management (SIEM) category, the mindshare of AlienVault OSSIM is 1.2%, down from 3.4% compared to the previous year. The mindshare of Sentinel is 2.7%, down from 3.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM) Mindshare Distribution
ProductMindshare (%)
Sentinel2.7%
AlienVault OSSIM1.2%
Other96.1%
Security Information and Event Management (SIEM)
 

Featured Reviews

BP
Independent Contractor at a comms service provider with 5,001-10,000 employees
Enables cost-effective security management for small businesses
Scaling for USM is always challenging for any product unless it is purpose-built or overbuilt at the front end. They will use Palo Alto and its competitors, and LevelBlue will manage that implementation. The main area where the AlienVault product was lacking around the 2018 timeframe was in its ability to scale. By pushing it to a cloud-based system, they've largely alleviated scale issues. It's native in Amazon but will also run in Azure. They have worked with cloud service providers to offer enough throughput at a cost reasonable for a corporation. Scaling was their biggest problem, and they've largely conquered those issues.
Simon Johnston - PeerSpot reviewer
Manager, Customer Success at Coltek Business Soltuions
Simple antivirus solution integrates well but could improve pricing and currency options
I don't really have experience working with these solutions. I promote them for our clients, but I don't work with them. I can't share my experience with these tools as I make assumptions about that. For both Adlumin and CrowdStrike, both confirm that they're scalable and enterprise-ready and all those kinds of things. We haven't had any specific problem with either of those. We just have a preference for which one we would prefer. If somebody says they want to use a different one from the one that we prefer, then we have to find reasons why they aren't. But scalability is not one of the reasons that one is better over the other. I don't really have advice for people that are looking into using Sentinel; just do your research across what is available. On a scale of one to ten, I rate Sentinel a seven.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The tool's security detection is good. It helps us with login tracking and generating reports. We aim to identify potential issues, such as brute-force attacks on user accounts or server-level anomalies. For instance, if I receive a report indicating a server is at an abnormal level, I investigate and address the issue."
"It is a perfectly nice and free tool for compliance testing, assessment, and some basic vulnerability."
"The solution is free to use."
"There are a lot of people you will find using OSSIM since they are also offering OTX as a service"
"Better than other SIEM solutions because almost everything can be integrated."
"The solution is very stable, and compared to QRadar and Splunk, it's very stable."
"I recommend it due to the experience of the people running it."
"What I like about this product, is that it is a fully-fledged solution."
"We can do advanced hunting queries and modify SQL queries to get desired results based on the rules triggering over the console."
"In my opinion, Sentinel's best features include that it's a very easy product to use, it's very simple, and the after-sale service is very good."
"If Sentinel is integrated with Identity Manager and User Application Portal, the solution runs simply perfect!"
"The native integration with out-of-the box format is hassle free and allows data to be used advantageously."
"It makes everything easier by automating some tasks and growing with our needs."
"The stability is phenomenal and we never had any issues with downtime or even had to restart."
"The most valuable feature is the flexible log for identifying security threats inside an application. Sentinel is very good at this."
"The solution's Kusto Query Language (KQL) execution time is pretty good."
 

Cons

"It's so hard to configure and explore something new on it. It is not easy to find the steps we need to follow in order to use the solution effectively."
"I don't like to work on OSSIM because it is unpredictable."
"There needs to be more focus on the NOC and IIS in terms of developing applications for behavior detection."
"AlienVault OSSIM failed to provide our company a full insight, while also giving out a lot of false positives."
"From a management console perspective and the maturity of the dashboards, I would probably put it slightly behind some of the other players that have been in the market for ages."
"AlienVault OSSIM could improve by having better integration with some of the newer tools."
"The price of this solution is very high and it could be cheaper."
"There are somewhat more false positives with the user behavior analytics, which could benefit from an additional machine learning model to detect user patterns more rapidly."
"There are still a few vendor-specific devices for which Sentinel needs to work on integration, such as Netskope devices."
"On version 5, builder was somewhat unstable during deployment -> workaround strong procedure with too many middle steps of saves."
"You need a lot of Unix scripting knowledge in order to manage the tool, which is one of the main issues that we faced."
"The solution does not allow outsourced authorizations."
"Documentation for security aspects could be improved. It is difficult to find clear information about encryption or risks that are addressed."
"Some functions look great but, in practice, some key limitations turn the process into something opaque."
"I would prefer to extend dashboards part and their functions in Web GUI version, so the charts could be for configurable."
"This product's connection to certain types of cloud systems could be improved. We can do Microsoft, Google, and Amazon, but there are a lot of other things happening in the cloud that we do not connect well enough to. This product could be improved with better connection to cloud-based solutions."
 

Pricing and Cost Advice

"We are using the community version, which can be used for free."
"OSSIM is open source, and USM is the paid license. So, if you want, you can switch to USM. There you will have to buy a license, and they have a support team that helps you out on issues you face."
"The price of AlienVault OSSIM is too high sometimes for us to present to our customers. The price should be lower. We are on a three-year license to use the solution. We had to pay extra for the support."
"I used the paid version of the tool and found it to be expensive. It has been a while since I changed to Securonix. I will have to check whether AlienVault charges per device, user, or log."
"AlienVault OSSIM is expensive compared to its competitors."
"AlienVault pricing is the best. Whatever cost you are paying, you are getting a return on every penny... It's not like your IBM, your QRadar, or Splunk, where the cost is too high."
"OSSIM is free."
"AlienVault OSSIM is an open-source solution."
"Sentinel is a subscription-based solution."
"We receive a pricing discount because of our ongoing partnership with Micro Focus."
"We inquired about getting support from the vendor, Micro Focus, but the cost was very high."
"Sentinel is moderately priced."
"Sentinel's slightly on the expensive side."
"The solution’s pricing is aligned with its competitors."
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
903,933 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Comms Service Provider
14%
Financial Services Firm
8%
Computer Software Company
7%
Manufacturing Company
7%
Financial Services Firm
9%
Computer Software Company
8%
Manufacturing Company
8%
Comms Service Provider
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business18
Midsize Enterprise9
Large Enterprise8
By reviewers
Company SizeCount
Small Business9
Midsize Enterprise3
Large Enterprise8
 

Questions from the Community

What is your experience regarding pricing and costs for AlienVault OSSIM?
It depends. I would need to review their cost models, but generally, they are on a scaled basis based on throughput usage. Because it's a software as a service solution for their core product for U...
What needs improvement with AlienVault OSSIM?
Scaling for USM is always challenging for any product unless it is purpose-built or overbuilt at the front end. They will use Palo Alto and its competitors, and LevelBlue will manage that implement...
What is your primary use case for AlienVault OSSIM?
This solution is very similar to most of the other MSSPs that you would find out there. When I look at use cases, AlienVault was initially aimed at small to medium businesses. It grew, and that was...
What is your experience regarding pricing and costs for NetIQ Sentinel?
My experience with pricing, setup cost, and licensing shows that while it is a little on the higher side, since it is part of a package for all Microsoft products, I feel it is a better choice comp...
What needs improvement with NetIQ Sentinel?
Sentinel needs minimal improvement, though improvements are ongoing. Everything seems to be functioning perfectly, and I don't have any specific inputs for improvements I would like to see in Senti...
What is your primary use case for NetIQ Sentinel?
My main use case for Sentinel is that I'm a subject matter expert for Sentinel, specifically for security incident event and event management. I head the SME for SIEM in LTIMindtree for this curren...
 

Also Known As

OSSIM
NetIQ Sentinel, Novell SIEM
 

Overview

 

Sample Customers

Council Rock School District
Faysal Bank, GaVI, Handelsbanken, ISC Mªnster, Lambeth Council, Swisscard, The Municipality of Siena, Tukes, University of Dayton, University of the Sunshine Coast
Find out what your peers are saying about AlienVault OSSIM vs. Sentinel and other solutions. Updated: June 2026.
903,933 professionals have used our research since 2012.