Try our new research platform with insights from 80,000+ expert users

AlienVault OSSIM vs Sentinel comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 18, 2024
 

Categories and Ranking

AlienVault OSSIM
Ranking in Security Information and Event Management (SIEM)
13th
Average Rating
7.2
Number of Reviews
29
Ranking in other categories
No ranking in other categories
Sentinel
Ranking in Security Information and Event Management (SIEM)
15th
Average Rating
7.6
Number of Reviews
16
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of November 2024, in the Security Information and Event Management (SIEM) category, the mindshare of AlienVault OSSIM is 4.5%, up from 2.6% compared to the previous year. The mindshare of Sentinel is 2.8%, up from 0.9% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
 

Featured Reviews

Aman Aijaz - PeerSpot reviewer
Jun 28, 2023
An easy-to-scale open-source solution used for monitoring events on devices
The area for improvement is a lot. When I started using it on our enterprise side, the issue we faced was, for example, if we were running at that time on AlienVault OSSIM v5.7.4. So, for some orders, we had to install some packages, and when we tried installing that package, some dependencies got upgraded to a new version. Now once that dependency got upgraded, the SQL, since you might be aware that OSSIM uses SQL database, now SQL and all the dependency in everything was not on the same version, and that caused the database to crash. The aforementioned area should be eased out by upgrading the patches and upgrading dependencies. This kind of thing is a disadvantage of OSSIM, and I would like them to work on this. But I have also raised service requests many times and gave it a push on the community section too. However, since it is a local source, they don't reply much over there. That is why I don't like to work on OSSIM because it is unpredictable. Once the storage goes above 50 percent, it starts behaving unpredictably. If you get stuck with a situation, then you need to drill a lockdown into that. Sometimes you get no luck. Then you have to just reimage the server with the new fresh OS of AlienVault. As for additional features, not much because if you move to the newer version, it is kind of getting more stable. But, to make my life easier, then I would say try to give more features. I know it's open source, so they also cannot provide me with more features. But still, if they can provide me with more features because right now it's becoming old. Right now, we are even moving from SIEM to Security Data Lake. So when we move to it, this will be literally outdated. No one can even expect anything out of it. The way security is moving, it will be outdated very soon. They have to also provide something new to keep this going for the future also.
JaideepSingh - PeerSpot reviewer
Jul 26, 2023
An automated solution that helped me detect threats in less than half the time it used to take
Sentinel gave us logs to tell us what's going right and wrong in your environment so we could secure the network. We also got multiple kinds of logs. By running some queries from the logs, we could find and fix the anomalies in the environment. Sentinel's threat visibility was great at telling us if we had something going on in our environment. We had to set up alerts in our environment based on the logs. If we had the right alerts set up, we got notified about threats and where security was lacking, so we could also take care of that. Sentinel's threat intelligence helped us prepare and take proactive steps for potential threats before they hit. Having preparation before a threat has helped our security operations. When I was using it, I used to keep going into my dashboards and looking for any threats on a weekly basis, or maybe two or three times a week. Based on that, we would recommend certain changes to the server and infrastructure teams to block or allow some ports. Sentinel's threat intelligence helped plan security against risks.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Asset discovery is good."
"The most valuable feature is the logging capability."
"The solution is very stable. Compared to Qradar and Splunk, it's very stable."
"You pay monthly for the solution. I think it's one of the best products. If you compare with other companies, like LogRhythm, etc., the top 8 or 10 CMs, I think Alien Vault has the best price-performance ratio."
"AlienVault OSSIM's GUI is very user-friendly."
"The initial setup is straightforward."
"The dashboard is the solution's most valuable aspect. It brings everything into one central point where I can actually look at it and go, "Okay, I understand what's going on.""
"Its user-friendliness is the most valuable. It is very easy to use and explore. The dashboard is very well packaged and integrated. You don't have to spend a lot of time in configuring it and checking out the RPM etc. It is also free and very powerful."
"The most valuable feature is the flexible log for identifying security threats inside an application. Sentinel is very good at this."
"It makes everything easier by automating some tasks and growing with our needs."
"One of the most valuable features is the business intelligence engine. It's very important because it keeps track of everything that's happening and alerts us if something is different than expected. The first time I used it, I was shocked at how well it performed. Another valuable feature that I think makes this product worth the price you pay for it is that it connects to basically every system that provides some form of logging, and it's very easy to set up what triggers this."
"The stability is phenomenal and we never had any issues with downtime or even had to restart."
"The tool is simple to use."
"We can do advanced hunting queries and modify SQL queries to get desired results based on the rules triggering over the console."
"The native integration with out-of-the box format is hassle free and allows data to be used advantageously."
"The solution's Kusto Query Language (KQL) execution time is pretty good."
 

Cons

"I would like the solution to be able to integrate with my firewall, my IDS and my Honeypot solutions so that it can provide real-time reporting as things occur and then have alert sent to me on my phone when suspicious activity is happening."
"The initial setup was a bit complex. You've got to do a lot of reading. It's not an intuitive implementation."
"The solution needs more integration with cyber intelligence systems."
"Lacking in depth of reporting."
"The price of this solution is very high and it could be cheaper."
"GUI could be improved."
"I suggest more in-built rules based on modern threats and environments to make it a more competitive solution."
"AlienVault OSSIM gives unwanted notifications."
"There is no integration in the web-side of the tool."
"The solution does not allow outsourced authorizations."
"I would like to see a better reporting work structure on the dashboard."
"The dashboard and customer view should be improved"
"I rate Sentinel a six out of ten for scalability."
"Creating a drag-and-drop dashboard or workbook in Sentinel is a little more complex compared to other tools like LogRhythm and IBM QRadar."
"You need a lot of Unix scripting knowledge in order to manage the tool, which is one of the main issues that we faced."
"There is a need for more flexibility in customization, especially when working with different vendors and platforms."
 

Pricing and Cost Advice

"AlienVault OSSIM is free."
"OSSIM is free."
"AlienVault OSSIM is an open-source solution."
"AlienVault OSSIM is expensive compared to its competitors."
"We are using a free version of the solution. If you purchase a license there are more features available but the price is a little high. The solution should be cheaper to allow more customers to be able to afford it."
"AlienVault pricing is the best. Whatever cost you are paying, you are getting a return on every penny... It's not like your IBM, your QRadar, or Splunk, where the cost is too high."
"The licensing fees for the non-community edition are paid on an annual basis, and there are no costs in addition to this."
"The solution is open source, so it's free to use."
"Sentinel's slightly on the expensive side."
"We inquired about getting support from the vendor, Micro Focus, but the cost was very high."
"Sentinel is a subscription-based solution."
"We receive a pricing discount because of our ongoing partnership with Micro Focus."
"The solution’s pricing is aligned with its competitors."
"Sentinel is moderately priced."
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
814,649 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
18%
Financial Services Firm
9%
Educational Organization
8%
Comms Service Provider
7%
Computer Software Company
17%
Financial Services Firm
10%
Manufacturing Company
8%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What is your experience regarding pricing and costs for AlienVault OSSIM?
I used the paid version of the tool and found it to be expensive. It has been a while since I changed to Securonix. I will have to check whether AlienVault charges per device, user, or log.
What needs improvement with AlienVault OSSIM?
Honestly, I don't know what can be improved in the product. I am trying to get a comparison between AlienVault OSSIM and the other solutions in the market. AlienVault OSSIM failed to provide our co...
What do you like most about NetIQ Sentinel?
The solution lets us get all the logs properly and regularly monitor customer infrastructure.
What needs improvement with NetIQ Sentinel?
There are still a few vendor-specific devices for which Sentinel needs to work on integration, such as Netskope devices. Also, we often face region-wise outages during operation due to product team...
 

Also Known As

OSSIM
NetIQ Sentinel, Novell SIEM
 

Learn More

Video not available
 

Overview

 

Sample Customers

Council Rock School District
Faysal Bank, GaVI, Handelsbanken, ISC Mªnster, Lambeth Council, Swisscard, The Municipality of Siena, Tukes, University of Dayton, University of the Sunshine Coast
Find out what your peers are saying about AlienVault OSSIM vs. Sentinel and other solutions. Updated: October 2024.
814,649 professionals have used our research since 2012.