We performed a comparison between AlienVault OSSIM and Elastic Security based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The threat alerts it gives me from time to time on harmful code within the network, or if they are generating any network traffic, are very useful."
"With AlienVault you get everything in one box."
"The solution is free to use."
"AlienVault OSSIM is an enterprise solution that sells easily. It is rated highly by organizations."
"It has helped us remediate threats in the past by providing significant events that assisted in identifying suspicious activities, such as logins from multiple countries."
"The open vault component and the checking of vulnerabilities are the most valuable features. The page management helps with this. If you know how your device is vulnerable at least you can do something about it."
"AlienVault OSSIM's GUI is very user-friendly."
"The dashboard is the solution's most valuable aspect. It brings everything into one central point where I can actually look at it and go, "Okay, I understand what's going on.""
"The feature that we have found the most valuable is scalability."
"The most valuable feature is the ability to collect authentication information from service providers."
"The solution is compatible with the cloud-native environment and they can adapt to it faster."
"Elastic provides the capability to index quickly due to the reverse indexes it offers. This data is crucial as it contains critical information. The reverse index allows fast data indexing because of Elastic's efficient search engine."
"It is an extremely stable solution. Stability-wise, I rate the solution a ten out of ten."
"Elastic Security is a highly flexible platform that can be implemented anywhere."
"Just the ability to do a lot more than just up-down is nice, which a lot of people take for granted."
"The indexes allow you to get your results quickly. The filtering and log passing is the advantage of Logstash."
"We need more dashboards and we need more customization for dashboards."
"AlienVault OSSIM is costly."
"Lacking in depth of reporting."
"It's so hard to configure and explore something new on it."
"AlienVault OSSIM gives unwanted notifications."
"I would like the solution to be able to integrate with my firewall, my IDS and my Honeypot solutions so that it can provide real-time reporting as things occur and then have alert sent to me on my phone when suspicious activity is happening."
"When comparing AlienVault OSSIM to other solutions it looks a bit outdated. Additionally, they need to improve their integration."
"The incidence reporting could be better."
"It is difficult to anticipate and understand the space utilization, so more clarity there would be great."
"The solution could also use better dashboards. They need to be more graphical, more matrix-like."
"Improvements in Elastic Security could include refining and normalizing queries to make them more user-friendly, enhancing the user experience with better documentation, and addressing any latency issues."
"The solution needs to be more reactive to investigations. We need to be able to detect and prevent any attacks before it can damage our infrastructure. Currently, this solution doesn't offer that."
"They don't provide user authentication and authorisation features (Shield) as a part of their open-source version."
"The Integration module could be improved. It is a pain to build integration with any product. We have to do parking and so on. It's not like other commercial solutions that use profile integration. I would also see more detection features on the SIEM side."
"One thing they could add is a quick step to enable users who don't have a solid background to build a dashboard and quickly search, without difficulty."
"With Elastic, you have to build the use cases for the specific requirement. Other products have a simple integration and more use cases to integrate out-of-the-box solutions for SIEM."
AlienVault OSSIM is ranked 14th in Security Information and Event Management (SIEM) with 28 reviews while Elastic Security is ranked 5th in Security Information and Event Management (SIEM) with 59 reviews. AlienVault OSSIM is rated 7.4, while Elastic Security is rated 7.6. The top reviewer of AlienVault OSSIM writes "An easy-to-scale open-source solution used for monitoring events on devices ". On the other hand, the top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". AlienVault OSSIM is most compared with Wazuh, USM Anywhere, Splunk Enterprise Security, Microsoft Sentinel and Fortinet FortiSIEM, whereas Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel, IBM Security QRadar and Graylog. See our AlienVault OSSIM vs. Elastic Security report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
