SOC at a financial services firm with 5,001-10,000 employees
Real User
Top 5
2024-11-11T16:18:08Z
Nov 11, 2024
The primary use case is as a comprehensive Security Information and Event Management (SIEM) system, with more focus on internet access. It is used in the organization's threat detection and response strategies. Additionally, it was deployed in our on-premises servers to integrate log sources and enhance security monitoring.
Network Administrator at a tech services company with 51-200 employees
Real User
Top 20
2024-07-31T11:07:51Z
Jul 31, 2024
I use the solution in my company. The product is majorly used for threat detection of the agents on servers and endpoints. We use Elasticsearch's dashboard. Whenever we check the traffic routing, events, alarms and notifications, we also have the dashboard from Elasticsearch that helps us put them in a mode category.
We must collect user information, including login details and activities within our system. We focus on gathering data on user actions, such as uploads and cloud-related activities.
Assistant Manager Global Security at Convergys Corporation
Real User
Top 5
2023-06-28T06:57:43Z
Jun 28, 2023
We are using AlienVault OSSIM to monitor any events happening on the devices. Since AlienVault OSSIM is an open-source tool, we cannot expect much from it. If basic things like file integrating and monitoring are happening, along with brute-force-related functionalities, or some basic SQLs or something is happening on the web servers, we monitor for those things. There are directories that are already preconfigured. So, we have already deployed that on the servers which we want to look for. That is the basic thing and the main concern why we are using AlienVault OSSIM.
I use AlienVault OSSIM for the protection of our customers and to find critical events. There are two different versions of AlienVault OSSIM, one is on-premise and the other is cloud.
Director at a tech services company with 51-200 employees
Real User
2020-07-16T06:21:09Z
Jul 16, 2020
This product would typically be used by a client who would be looking at dipping his feet into the SIEM space and understanding how to go about setting up an SOC without putting in a large up-front investment. I'm the director of our company and we are partners with AlienVault.
Research Assistant at a tech services company with 51-200 employees
Real User
2020-06-17T10:56:01Z
Jun 17, 2020
Our primary use case is for research purposes. For now, we're just playing with it and there's a potential learning curve regarding use of AlienVault as an SIEM solution. We plan to analyze different open source solutions to test strengths and weaknesses. We are customers of AlienVault and I'm a research assistant.
Sales Solutions Engineer at a tech services company with 201-500 employees
Reseller
2019-09-12T09:09:00Z
Sep 12, 2019
The primary use case is local action, vulnerability scanning, and usage of Network IDS. We use some process and correlation rules for our business and our customers' businesses.
We are a solution provider and this is one of the products that we implement for our clients. Our clients use this SIEM solution to collect and analyze logs that are generated by different appliances or different machines. It is a correlation tool for event management that gathers all of the events in your environment. This includes different hardware and different operating systems. There are rules in AlienVault that might be triggered based on the logs, and you can tell when there is a security attack or something else that is malicious that comes to your network. These types of events raise a flag and send a notification. Our clients include banks and other financial institutions. There are two versions of AlienVault. One is a community edition and the other requires a license. We are dealing with the licensed version and a hybrid-cloud environment.
Owner & Cyber Security Consultant at Sekurisor
Consultant
2019-09-03T08:57:00Z
Sep 3, 2019
We primarily use the solution just to check on devices. OSSIM does a lot of different things to help with this, including a bit of analytics, vulnerability testing, assessment, etc.
Our primary use case for AlienVault is incident management. We started as a customer because one of our companies worked on it. Eventually, we started reselling the service.
CISO at a recreational facilities/services company with 501-1,000 employees
Real User
2018-12-05T11:40:00Z
Dec 5, 2018
I use it for monitoring. I use it for getting alerts on various malicious activities, if there are such on my network. I'm using the free version of this product, OSSIM. As a media company, we follow MPAA, which is a set of controls for media businesses. The other set of compliance that we follow is DPP. We use AlienVault to comply with their standards.
AlienVault OSSIM, Open Source Security Information and Event Management (SIEM), provides you with a feature-rich open source SIEM complete with event collection, normalization and correlation. Launched by security engineers because of the lack of available open source products, AlienVault OSSIM was created specifically to address the reality many security professionals face: A SIEM, whether it is open source or commercial, is virtually useless without the basic security controls necessary for...
The primary use case is threat detection. We have configured various rules to monitor the environment for any suspicious activity.
We use AlienVault OSSIM to provide cyber security for a telecommunication company.
We use the product for user analysis and network visibility.
I am using AlienVault OSSIM to get my title as a cybersecurity technician.
We are using AlienVault OSSIM for our internal team to support a SOC capability.
I have deployed AlienVault OSSIM in a couple of small environments for monitoring.
We are using this solution for collecting logs. We are not correlating or assessing any user behavior analytics (UBA).
We are using AlienVault for vulnerability scanning and detecting abnormal behavior.
We implemented the solution for one of our client's e-commerce spaces. Our customer wanted to monitor the complete security posture.
We primarily use the solution just to analyze events that occur based on security events.
I primarily use the solution for securing my traffic and the SIEM.
I primarily use the solution for log collection.