We compared AlienVault OSSIM and Wazuh based on our user's reviews in several parameters.
According to user reviews, AlienVault OSSIM is praised for its comprehensive threat detection, real-time monitoring, and strong asset management capabilities, while Wazuh is highlighted for its advanced threat detection, seamless integration with other tools, and easy installation process. AlienVault OSSIM users appreciate the customer service and pricing structure, while Wazuh users value the customer support and flexible licensing options. However, AlienVault OSSIM users desire improvements in the user interface and documentation, while Wazuh users suggest enhancements in system resource consumption. Overall, both products offer positive ROI and efficient security monitoring capabilities.
Features: AlienVault OSSIM stands out for its comprehensive threat detection and strong asset management capabilities. On the other hand, Wazuh is known for its advanced threat detection, efficient log analysis, and flexibility in tailoring the solution to specific needs.
Pricing and ROI: AlienVault OSSIM has been positively evaluated for its pricing, setup cost, and licensing. Users find the pricing structure reasonable and affordable. The setup process is straightforward and requires minimal effort. AlienVault OSSIM offers flexible licensing options. In comparison, Wazuh is also considered cost-effective with reasonable pricing options. The setup cost is hassle-free and the licensing is customizable., AlienVault OSSIM has been praised for its valuable and efficient security monitoring capabilities, cost-effectiveness, and ability to address security threats effectively. On the other hand, Wazuh users have reported various benefits and advantages from using the product.
Room for Improvement: Users have identified room for improvement in both AlienVault OSSIM and Wazuh. AlienVault OSSIM needs enhancements in user interface, documentation, support, customization, and integration capabilities. Wazuh could benefit from improvements in interface, documentation, configuration options, and system resource consumption.
Deployment and customer support: The reviews for AlienVault OSSIM highlight varying timeframes for the different phases of establishing a new tech solution. Some users took three months for deployment and an additional week for setup, while others only needed a week for both. In contrast, the reviews for Wazuh emphasize the importance of considering both deployment and setup timeframes. Some users spent three months on deployment and a week on setup, while others required a week for both., Customers have expressed positive feedback about the customer service provided by both AlienVault OSSIM and Wazuh. Users appreciate the helpful and responsive team of AlienVault OSSIM, while Wazuh's customer service is commended for their knowledge, efficiency, and helpfulness.
The summary above is based on 41 interviews we conducted recently with AlienVault OSSIM and Wazuh users. To access the review's full transcripts, download our report.
"The UI of Sentinel is very good and easy to use, even for beginners."
"The in-built SOAR of Sentinel is valuable. Kusto Query Language is also valuable for the ease of writing queries and ease of getting insights from the logs. Schedule-based queries within Sentinel are also valuable. I found these three features most useful for my projects."
"Sentinel's most important feature is the ability to centralize all the logs in one place. There's no need to search multiple systems for information."
"There are some very powerful features to Sentinel, such as the integration of various connectors. We have a lot of departments that use both IaaS and SaaS services, including M365 as well as Azure services. The ability to leverage connectors into these environments allows for large-scale data injection."
"We’ve got process improvement that's happened across multiple different fronts within the organization, within our IT organization based on this tool being in place."
"We can use Sentinel's playbook to block threats. It covers all of the environment, giving us great visibility."
"The Identity Behavior tab furnishes us with the entire history linked to each IP or domain that has either accessed or attempted to access our system."
"The log analysis is excellent; it can predict what can or will happen regarding use patterns and vulnerabilities."
"You pay monthly for the solution. I think it's one of the best products. If you compare with other companies, like LogRhythm, etc., the top 8 or 10 CMs, I think Alien Vault has the best price-performance ratio."
"The solution is free to use."
"Better than other SIEM solutions because almost everything can be integrated."
"The solution has a very good open source community, and whenever we have problems, we are always able to resolve it online."
"The most valuable feature is the logging capability."
"The product is easy to use."
"The initial setup was straightforward. I didn't have any problems."
"The threat policies of the solution are always very advanced and the best in the market. They are very persistent in terms of keeping up with security protocols."
"Some of the strengths of Wazuh that stand out for us include its scalability when deployed on Azure, its open-source nature, which allows for customization based on our needs, and its compatibility with various security solutions like threat intelligence platforms."
"Wazuh automatically scans the host for CIS benchmarks for the latest updates and vulnerabilities and gives a host score. It provides a percentage of perceived risk due to of non patches or any missing patches on that work."
"Wazuh has very flexible and robust features."
"The deployment is easy and they provide very good documentation."
"The product’s interface is intuitive."
"Wazuh's most beneficial features for our security needs are flexibility, built-in rules, integration capabilities, and documentation."
"It's stable."
"The tool is stable."
"Not all information shows up in Sentinel. Sometimes there are items provided in 365 and if you looked in Sentinel you would not see them and therefore think they do not exist. There can be discrepancies between Microsoft tools."
"The AI capabilities must be improved."
"They should integrate it with many other software-as-a-service providers and make connectors available so that you don't have to do any sort of log normalization."
"Microsoft Sentinel is relatively expensive, and its cost should be improved."
"The reporting could be more structured."
"Sentinel should be improved with more connectors. At the moment, it only covers a few vendors. If I remember correctly, only 100 products are supported natively in Sentinel, although you can connect them with syslog. But Microsoft should increase the number of native connectors to get logs into Sentinel."
"Add more out-of-the-box connectors with other SaaS platforms/applications."
"The playbook is a bit difficult and could be improved."
"AlienVault OSSIM is costly."
"Sometimes technical issues take very long to get resolved."
"We need more dashboards and we need more customization for dashboards."
"AlienVault OSSIM could improve by having better integration with some of the newer tools."
"AlienVault OSSIM should improve the deployment and make it unified like the USM."
"AlienVault OSSIM on-premise version is more difficult to implement than the cloud version. Additionally, they should add integration between several different environments at once and improve their online knowledge base."
"It takes some time. It does not give me a prompt response for any such [malicious] traffic. It takes time to get that alert from the AlienVault system."
"It's under heavy traffic. If you have heavy traffic, the system is slow."
"One area where Wazuh could use some improvement is in its reporting mechanism, especially for high-level management like CSOs and CEOs."
"It would be better if they had a vulnerability assessment plug-in like the one AlienVault has. In the next release, I would like to have an app with an alerting mechanism."
"The deployment is a bit complex."
"Wazuh should come up with more in-built rules and integrations for the cloud."
"There's not much I like about Wazuh. Other products I've used were a lot more functional and user friendly. They came with reports and use cases out of the box. We need to configure Wazuh's alerts and monitoring capabilities manually. It'd be nice if we could select from templates and presets for use cases already built and coded."
"Wazuh could improve the detection, it is not detecting all of the attacks. Additionally, it is lacking features compared to other solutions."
"It would be great if there could be customization for the decoder portion."
"Its configuration process is time-consuming."
AlienVault OSSIM is ranked 14th in Security Information and Event Management (SIEM) with 27 reviews while Wazuh is ranked 3rd in Security Information and Event Management (SIEM) with 38 reviews. AlienVault OSSIM is rated 7.4, while Wazuh is rated 7.4. The top reviewer of AlienVault OSSIM writes "An easy-to-scale open-source solution used for monitoring events on devices ". On the other hand, the top reviewer of Wazuh writes "It integrates seamlessly with AWS cloud-native services". AlienVault OSSIM is most compared with Elastic Security, USM Anywhere, Splunk Enterprise Security, Fortinet FortiSIEM and AWS Security Hub, whereas Wazuh is most compared with Elastic Security, Security Onion, Splunk Enterprise Security, Graylog and CrowdStrike Falcon. See our AlienVault OSSIM vs. Wazuh report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.