AlienVault OSSIM vs. Wazuh Report From PeerSpot 2023-07-02 1rnl

AlienVault OSSIM
vs
Wazuh
Buyer's Guide &

Reviews
July 2023
AlienVault OSSIM and Wazuh
Get a custom version of this report...personalized for you!

Thanks for downloading this PeerSpot report.
Note that this is a generic report based on reviews and opinions from the entire PeerSpot
community. We offer a customized report personalized for you based on:
• Your industry
• Company size
• Which solutions you're already considering
It includes recommendations for you based on what other people like you are researching and
using.
It takes 2-3 minutes to get the report using our shortlist builder wizard. We recommend it!
Get your personalized report here.
2
Contents
Advice From Real Users 4-9
Top Review by Topic of AlienVault OSSIM and Wazuh 10-11
Overview 12
Reviews From Real Users 13-18
Vendor Directory 19
Top Security Information and Event Management (SIEM) Vendors 21-22
Top Security Information and Event Management (SIEM) 5 Solutions by Ranking Factor 23
About This Report and PeerSpot 24
© 2023 PeerSpot
To read more reviews please visit https://www.peerspot.com/products/comparisons/alienvault-ossim_vs_wazuh?tid=pdf_comp_32801-36166
3
Advice From Real Users
AlienVault OSSIM
PROS
"The most valuable features of AlienVault OSSIM are case management, ease of configuration, and investigation." [Full Review]
Steven
Sheehy
"The solution is free to use." [Full Review]
Khadija
Salam Saleh
Al-Harrasi
"The most valuable features of AlienVault OSSIM are vulnerability assessment, network intrusion detection system, response to
critical events, and awareness of the whole network." [Full Review]
Danilo Tiberi
"The initial setup is straightforward." [Full Review]
Hakeem
Olufadi
"The paid version of the solution has reporting and better scalability options." [Full Review]
Idris Aliyu
© 2023 PeerSpot
4
AlienVault OSSIM
CONS
"AlienVault OSSIM could improve by having better integration with some of the newer tools." [Full Review]
Steven
Sheehy
"It's so hard to configure and explore something new on it." [Full Review]
Khadija
Salam Saleh
Al-Harrasi
"AlienVault OSSIM on-premise version is more difficult to implement than the cloud version." "Additionally, they should add
integration between several different environments at once and improve their online knowledge base." [Full Review]
Danilo Tiberi
"The incidence reporting could be better." [Full Review]
Hakeem
Olufadi
"When comparing AlienVault OSSIM to other solutions it looks a bit outdated." "Additionally, they need to improve their
integration." [Full Review]
Idris Aliyu
© 2023 PeerSpot
5
AlienVault OSSIM
PRICING AND LICENSING ADVICE
"When comparing AlienVault OSSIM to Microsoft Sentinel, AlienVault OSSIM incurs additional costs due to its licensing price
structure." "If you are using AlienVault for security purposes at a certain level it can have a higher price point than the current
pricing of Microsoft Sentinel." [Full Review]
Steven
Sheehy
"The price of AlienVault OSSIM is too high sometimes for us to present to our customers." "The price should be lower." "We are
on a three-year license to use the solution." "We had to pay extra for the support." [Full Review]
Danilo Tiberi
"We are using a free version of the solution." "If you purchase a license there are more features available but the price is a little
high." "The solution should be cheaper to allow more customers to be able to afford it." [Full Review]
Idris Aliyu
© 2023 PeerSpot
6
Wazuh
PROS
"Wazuh offers numerous features, such as the ability to define custom rules for detecting malicious activities and remembering
behaviors." [Full Review]
Muhammad
Muaaz Bin
Zaka
"It is a stable solution." [Full Review]
Youssef EL
AZZOUZI
"If they support a solution, it is easy to do an integration." [Full Review]
Robert
Cheruiyot
"I like the features we use, including malware detection, inventory, detection of hidden processes, and activity logs." "Inventory
is probably the most important feature." "It tells us when processes and packages were installed and what they are, which is
helpful." [Full Review]
Pathick
Kerketta
"Wazuh offers an enhanced HDR version that outperforms its competitors." [Full Review]
Akash
Majumder
"It's stable." [Full Review]
Ali Ahangari
"Good for monitoring, active response, and for vulnerabilities." [Full Review]
Rizwan Alam
© 2023 PeerSpot
7
Wazuh
CONS
"The only challenge we faced with Wazuh was the lack of direct support." [Full Review]
Muhammad
Muaaz Bin
Zaka
"Its configuration process is time-consuming." [Full Review]
Youssef EL
AZZOUZI
"They need to go towards integrating with more cloud applications and not just OS like Windows and Linux." [Full Review]
Robert
Cheruiyot
"Integration with Vyara could be better." [Full Review]
Pathick
Kerketta
"While it is scalable, it can suffer from reduced latencies." [Full Review]
Akash
Majumder
"The deployment is a bit complex." [Full Review]
Ali Ahangari
"A lack of certain features creates limitations." [Full Review]
Rizwan Alam
© 2023 PeerSpot
8
Wazuh
PRICING AND LICENSING ADVICE
"It is a free-of-cost solution." [Full Review]
Youssef EL
AZZOUZI
"Wazuh is free and open source." [Full Review]
Pathick
Kerketta
"The current pricing is open source." [Full Review]
Shubham
Kumar
"Wazuh has a community edition, and I was using that." "It's free and open source." [Full Review]
Dr. Sushan
Banerjee
"Wazuh is totally free and open source." "There are no licensing costs, only support costs if you need them." [Full Review]
Shaamil
Ashraff
"Wazuh is open-source, therefore it is free." "You can purchase support for $1,000 a year." [Full Review]
Wajih Ul
Hasan
"Wazuh is open-source, but you must consider the total cost of ownership." "It may be free to acquire, but you spend a lot of
time and effort supporting the product and getting it to a point where it's useful." [Full Review]
Gary Starling
© 2023 PeerSpot
9
Top Reviews by Topic

AlienVault OSSIM Wazuh
VALUABLE
FEATURES Hakeem Olufadi Muhammad Muaaz Bin Zaka
The self-paced training is pretty good. The initial The most valuable features include file integrity
setup is straightforward. We've found the solution monitoring, Wazuh engines, Wazuh rulesets
to be very stable. You can scale the solution. (including rulesets for Apache and firewall routers),
Technical support is excellent. They are very and vulnerability detection. [Full Review]
helpful and responsive. [Full Review]
Vikrant Puranik
Danilo Tiberi
Wazuh's logging features integrate seamlessly

The most valuable features of AlienVault OSSIM with AWS cloud-native services. There are also
are vulnerability assessment, network intrusion Wazuh agent configurations for different use
detection system, response to critical events, and cases, like vulnerability scanning, host-based
awareness of the whole network. [Full Review] intrusion detection, and file integrity monitoring.
[Full Review]
Akash Majumder
There are three key strengths of Wazuh that stand

out to me. Firstly, Wazuh offers an enhanced HDR
version that outperforms the Elastic Stack. Wazuh
has achieved this by running a config or a sec in
the background, which has improved the XBR for
endpoint security significantly. Secondly, Wazuh
comes with built-in frameworks, such as the NISC
and ISO, that make it easy to comply with various
industry standards. We didn't need to configure
any custom frameworks for this, as Wazuh had it
built in. ... [Full Review]
© 2023 PeerSpot
10
Top Reviews by Topic

AlienVault OSSIM Wazuh
ROOM FOR
IMPROVEMENT Steven Sheehy Muhammad Muaaz Bin Zaka
AlienVault OSSIM could improve by having better There is room for improvement in Wazuh, but it's
integration with some of the newer tools. Ina possible they are already working on it. The only
future releases, it would be beneficial to challenge we faced with Wazuh was the lack of
modernize some of their UI features. [Full Review] direct support. They charge for support, whether
it's five days a week or seven days a week. We
don't expect it to be free because revenue is
generated through the support they provide. In
future releases, I would like to see a feature.
Hakeem Olufadi There is one feature we observed in a premium
tool in the industry called Dynatrace. It provides
automatic relations b... [Full Review]
ArcSight works better than AlienVault right now.
The incidence reporting could be better. We'd like
to be able to better privatize certain logs that
handle certain detections. It's really important to Vikrant Puranik
us. The integration capabilities could be improved.
[Full Review]
Scalability is a constraint in the on-prem version of
Wazuh in terms of the volume of logs we can
manage. There are some minor glitches, but that's
Danilo Tiberi part of every tool, and they usually get addressed
in subsequent updates. I would like to see more
Kubernetes security and log integrations. That will
be one of the good things. Wazuh supports AWS
AlienVault OSSIM on-premise version is more or GCP cloud-native service integration, but it
difficult to implement than the cloud version. would be great if they added support for
Additionally, they should add integration between Kubernetes security and AWS or Azure-managed
several different environments at once and Kubernetes solutions. [Full Review]
improve their online knowledge base. [Full
Review]
Akash Majumder
One area where Wazuh could be improved is

scalability. While it is scalable, it can suffer from
reduced latencies. In the next release, I would like
to see a more seamless combination of a SIEM
system. However, the current SIEM system can be
noisy at times, resulting in false positives instead
of true positives. In comparison, Splunk has been
able to reduce the number of false positives in its
system. [Full Review]
© 2023 PeerSpot
11
Overview
SOLUTION AlienVault OSSIM Wazuh
OVERVIEW AlienVault OSSIM, Open Source Security Wazuh is an enterprise-ready platform used for
Information and Event Management (SIEM), security monitoring. It is a free and open-source
provides you with a feature-rich open source SIEM platform that is used for threat detection, incident
complete with event collection, normalization and response and compliance, and integrity
correlation. Launched by security engineers monitoring. Wazuh is capable of protecting
because of the lack of available open source workloads across virtualized, on-premises,
products, AlienVault OSSIM was created containerized, and cloud-based environments.
specifically to address the reality many security
professionals face: A SIEM, whether it is open It consists of an endpoint security agent and a
source or commercial, is virtually useless without management server. Additionally, Wazuh is fully
the basic security controls necessary for... integrated with the Elastic Stack, allowing users
the ability to navigate...
SAMPLE Council Rock School District

CUSTOMERS
TOP USM Anywhere vs. AlienVault OSSIM Elastic Security vs. Wazuh
COMPARISONS Compared 24% of the time Compared 24% of the time
Elastic Security vs. AlienVault OSSIM Splunk Enterprise Security vs. Wazuh
Compared 21% of the time Compared 20% of the time
Splunk Enterprise Security vs. AlienVault OSSIM USM Anywhere vs. Wazuh
Compared 17% of the time Compared 11% of the time
TOP INDUSTRIES, Comms Service Provider ... 13% Comms Service Provider ... 7%
BASED ON Financial Services Firm ... 13% Financial Services Firm ... 13%
REVIEWERS*
Insurance Company ... 13% Security Firm ... 20%
Educational Organization ... 13% Computer Software Company ... 27%
TOP INDUSTRIES, Educational Organization ... 7% Educational Organization ... 7%
BASED ON Government ... 10% Government ... 7%
COMPANIES
READING REVIEWS* Comms Service Provider ... 11% Comms Service Provider ... 11%
Computer Software Company ... 18% Computer Software Company ... 18%
COMPANY SIZE, 201-1000 Employees ... 21% 201-1000 Employees ... 15%
BASED ON 1001+ Employees ... 21% 1001+ Employees ... 30%
REVIEWERS*
1-200 Employees ... 58% 1-200 Employees ... 55%
COMPANY SIZE, 1-200 Employees ... 29% 1-200 Employees ... 30%
BASED ON 201-1000 Employees ... 16% 201-1000 Employees ... 19%
COMPANIES
READING REVIEWS* 1001+ Employees ... 55% 1001+ Employees ... 50%
* Data is based on the aggregate profiles of PeerSpot Users researching this solution.
© 2023 PeerSpot
12
AlienVault OSSIM review by a real user
Useful case management, simple configuration, but integration

could improve
Managing Director of Hytec (OLM Group

company) at OLM Group company
Steven Sheehy
WHAT IS OUR PRIMARY USE CASE?
We are using AlienVault OSSIM for our internal team to support a SOC capability.
WHAT IS MOST VALUABLE?
The most valuable features of AlienVault OSSIM are case management, ease of configuration, and investigation.
WHAT NEEDS IMPROVEMENT?
AlienVault OSSIM could improve by having better integration with some of the newer tools.
Ina future releases, it would be beneficial to modernize some of their UI features.
FOR HOW LONG HAVE I USED THE SOLUTION?
I used AlienVault OSSIM for approximately five years.
13
Continued from previous page
WHAT DO I THINK ABOUT THE STABILITY OF THE SOLUTION?
The solution is stable. However, sometimes the UMS can disappear but overall the stability is good.
I rate the stability of AlienVault OSSIM a seven out of ten.
WHAT DO I THINK ABOUT THE SCALABILITY OF THE SOLUTION?
The solution scales well. Some of the volumes of data can be done in a way it can scale better.
I rare the scalability of AlienVault OSSIM an eight out of ten.
HOW ARE CUSTOMER SERVICE AND SUPPORT?
I rate the stability of AlienVault OSSIM a seven out of ten.
WHICH SOLUTION DID I USE PREVIOUSLY AND WHY DID I SWITCH?
I have utilized Microsoft Sentinel, which includes a case management system. This system requires the creation of rule sets
using KQL and is primarily pre-configured with AlienVault OSSIM. However, we have made some interesting customizations to
enhance its functionality.
HOW WAS THE INITIAL SETUP?
The initial setup of AlienVault OSSIM is straightforward. The deployment takes a few days.
I rate the initial setup of AlienVault OSSIM a seven out of ten.
14
WHAT'S MY EXPERIENCE WITH PRICING, SETUP COST, AND LICENSING?
When comparing AlienVault OSSIM to Microsoft Sentinel, AlienVault OSSIM incurs additional costs due to its licensing price
structure. If you are using AlienVault for security purposes at a certain level it can have a higher price point than the current
pricing of Microsoft Sentinel.
WHAT OTHER ADVICE DO I HAVE?
My advice to others would be to do the webinars and stay as standard as possible.
It is simple to configure and use this system as it calculates all the necessary components. Looking ahead, it is crucial for
Microsoft to maintain its position in the top quadrant, as determined by Gartner, considering the investments made by both
Google and Microsoft in this space.
I rate AlienVault OSSIM a seven out of ten.
© 2023 PeerSpot
15
Wazuh review by a real user
It integrates seamlessly with AWS cloud-native services
Manager Cloud Security Operations at

TraceLink, Inc.
Vikrant Puranik
WHAT IS OUR PRIMARY USE CASE?
Our company only has a small five-person team working with Wazuh. We wanted a log management solution that we
could deploy onto our cloud, so we deployed Wazuh on Kubernetes and integrated different log sources into a centralized
logging solution.
The second use case is log searching. We wanted a usable integrated search, and Wazuh a good search integrated usable.
Wazuh has support for Elasticsearch, which provides searching capabilities. Cost-effectiveness was important for us,
and Wazuh is a top open source solution.
WHAT IS MOST VALUABLE?
Wazuh's logging features integrate seamlessly with AWS cloud-native services. There are also Wazuh agent configurations for
different use cases, like vulnerability scanning, host-based intrusion detection, and file integrity monitoring.
WHAT NEEDS IMPROVEMENT?
Scalability is a constraint in the on-prem version of Wazuh in terms of the volume of logs we can manage. There are some
minor glitches, but that's part of every tool, and they usually get addressed in subsequent updates.
I would like to see more Kubernetes security and log integrations. That will be one of the good things. Wazuh supports AWS
or GCP cloud-native service integration, but it would be great if they added support for Kubernetes security and AWS or
Azure-managed Kubernetes solutions.
16
FOR HOW LONG HAVE I USED THE SOLUTION?
We've used Wazuh for two years.
WHAT DO I THINK ABOUT THE STABILITY OF THE SOLUTION?
Wazuh is pretty stable. There are no major issues, but sometimes we face minor glitches. It's open source, so we can't expect
every bug to be documented. We discover some new issues from time to time, but that's part of using an open-source
solution. You pay for a licensed product or you deal with minor problems in open source.
WHAT DO I THINK ABOUT THE SCALABILITY OF THE SOLUTION?
Wazuh's scalability has room for improvement.
HOW ARE CUSTOMER SERVICE AND SUPPORT?
We paid for technical support, but they do have a robust community and Slack channels and all that stuff. You can find most of
the answers you need in the community groups or forums. I rate Wazuh support eight out of 10.
WHICH SOLUTION DID I USE PREVIOUSLY AND WHY DID I SWITCH?
I worked with Splunk, Curator, ArcSight, and some legacy solutions that no longer exist. They became obsolete or transitioned
to a different product. Cost-effectiveness was one reason we switched. We had to decide whether to spend $500,000 on a
commercial product or rely on our skills to deploy an open-source solution.
The big difference between Wazuh and other solutions is maturity and customization. Wazuh's scalability and out-of-the-box
functionality are slightly lagging behind, but Wazuh has improved a lot since the first time we saw it. Others have more search
capabilities, whereas Wazuh depends on Elasticsearch. Searching is a bit slower in Wazuh.
17
HOW WAS THE INITIAL SETUP?
I rate the Wazuh setup experience nine out of 10. The basic setup was straightforward, but our deployment was slightly
complex because we did a lot of customization. It took us a week to deploy and fine-tune the initial setups. After deployment,
the only maintenance task is rotating particular logs. If we don't rotate it correctly, the log storage runs out and services stop.
WHAT ABOUT THE IMPLEMENTATION TEAM?
Wazuh is open-source, so we didn't have a support person or any professional services to help us. Fortunately, the
documentation is excellent, and they have good community support as well.
WHAT'S MY EXPERIENCE WITH PRICING, SETUP COST, AND LICENSING?
Wazuh is an open-source solution, so the only expenses are Elasticsearch and log storage costs. Log storage costs no
more than $20,000 to $30,000 annually. It's around $3,000 a month. It's all money in the bank. We don't have to spend
anything except for resources.
WHAT OTHER ADVICE DO I HAVE?
I rate Wazuh nine out of 10. It's a powerful tool, and you can do lots of things with it. Wazuh is a good choice if you're on a tight
budget, but you need to have an enterprise-level SIEM deployment.
If someone doesn't know how to manage large-scale log management solutions, you should start small and grow your
experience. You can start with Wazuh and switch to an enterprise solution once you start scaling up.
WHICH DEPLOYMENT MODEL ARE YOU USING FOR THIS SOLUTION?
On-premises
© 2023 PeerSpot
18
Vendor Directory For Security Information and Event Management

(SIEM)
Adlumin Adlumin Micro Focus ArcSight Enterprise Security Manager
(ESM)
Amazon AWS Security Hub
Micro Focus NetIQ Sentinel
Anvilogic Anvilogic
Micro Focus ArcSight Interset / Intelligence
AT&T USM Anywhere
Microsoft Microsoft Sentinel
AT&T AlienVault OSSIM
NETMONASTERY DNIF HYPERCLOUD
BlackBerry Blackberry Alert
Netsurion Netsurion
BlackBerry Blackberry AtHoc
NetWitness NetWitness Platform
BlackStratus SIEMStorm
NNT NNT Log Tracker Enterprise
Blumira Blumira
Odyssey Cybersecurity ClearSkies SaaS NG SIEM
Coralogix Coralogix
Oracle Oracle Security Monitoring and Analytics
Devo Devo Cloud Service
Edge Delta Edge Delta Security Panther Panther
Elastic Elastic Security Rapid7 Rapid7 InsightIDR
empow i-SIEM RSA RSA enVision
Exabeam Exabeam Fusion SIEM Seceon Seceon Open Threat Management

Platform
Fortinet Fortinet FortiSIEM
Securonix Solutions Securonix Next-Gen SIEM
Fortra Fortra's Event Manager
SolarWinds SolarWinds Security Event Manager
Graylog Graylog Security
SolarWinds SolarWinds MSP Threat Monitor [EOL]
Gurucul Gurucul Next Gen SIEM
Splunk Splunk Enterprise Security
IBM IBM Security QRadar
SQRRL SQRRL
IBM IBM Watson for Cyber Security
Sumo Logic JASK [EOL]
Ignite Technologies SenSage AP
Sumo Logic Sumo Logic Security
Intersect Alliance Snare
SurfWatch Labs SurfWatch Labs SurfWatch
IS Decisions FileAudit
TEHTRIS TEHTRIS SIEM
LogPoint LogPoint
ThetaRay ThetaRay
LogRhythm LogRhythm SIEM
TIBCO LogLogic
Logsign Logsign Next-Gen SIEM
Trellix Trellix ESM
Logz.io Logz.io
Trellix Trellix Helix
ManageEngine ManageEngine Log360
Trustwave Trustwave SIEM [EOL]
ManageEngine ManageEngine EventLog Analyzer
VenusTech Venusense USM
Masergy Masergy
Wazuh Wazuh
19
Top Security Information and Event Management (SIEM) Vendors

Over professionals have used PeerSpot research. Here are the top vendors based on product reviews, ratings, and comparisons. All
reviews and ratings are from real users, validated by our triple authentication process.
Chart Key
Views Comparisons Reviews Words/Review Average Rating
Number of views Number of times compared Total number of reviews on Average words per review Average rating based on
to another product PeerSpot on PeerSpot reviews
Bar length
The total ranking of a product in a category, represented by the bar length, is based on a weighted aggregate score. The score is calculated
using the following factors:
ul>
li>Comparisons Views: the product with the highest number of comparisons with other products-in-the-category gets a
maximum of 25 points. Every other product gets assigned points based on its total in proportion to the #1 product
in that ranking factor. For example, if a product has 80% of the number of comparison views compared to the
product with the most reviews then the product's points for reviews would be 25 * 80%./li>
li>Views: We calculate the number of Views based on the percentage of category comparisons out of the total comparisons of the
product./li>
ul>
li>For example, if a product has 100 Comparisons with other products in the category and a total of 1,000 Comparisons,
the product will be assigned 10% of the total number of Views. If the product has a total of 2,000 Views,
it will be assigned 200 Views for this ranking factor./li>
li>The product with the highest number of views gets a maximum of 25 points.
Every other product gets assigned points based on its total in proportion to the #1 product in that ranking factor./li>
li>For example, if a product has 100 Comparisons with other products in the category and a total of 1,000 Comparisons,
the product will be assigned 10% of the total number of Views. If the product has a total of 2,000 Views,
it will be assigned 200 Views for this ranking factor./li>
/ul>
li>Reviews: the product with the highest number of reviews gets a maximum of 15 points. Every other product gets assigned points
based on its total in proportion to the #1 product in that ranking factor. For example, if a product has 80% of the number of
reviews compared to the product with the most reviews then the product's points for reviews would be 15 * 80%./li>
li>Rating: the maximum score is 25 points awarded linearly between 6-10/li>
ul>
li>e.g. 6 or below=0 points; 7.5=7.5 points; 9.0=18 points; 10=25 points./li>
/ul>
li>Words/Review: the maximum score is 10 points awarded linearly between 0-900 words/li>
ul>
li>e.g. 600 words = 4 points; 750 words = 7 points; 900 or more words = 10 points./li>
li>If a product has fewer than ten reviews, the point contribution for Rating and Words/Review is reduced: 1/3 reduction in points
for products with 5-9 reviews, two-thirds reduction for products with fewer than five reviews./li>
/ul>
/ul>
Reviews that are more than 24 months old, as well as those written by resellers, are completely excluded from the ranking algorithm.
All products with 50+ points are designated as a Leader in their category.
Rankings for June 2023 and earlier used our previous ranking methodology. Learn more here.
1 Splunk Enterprise Security
32,443 views 26,900 comparisons 44 reviews 590 words/review 8.2 average rating
2 Microsoft Sentinel
34,829 views 20,255 comparisons 53 reviews 1,445 words/review 8.3 average rating
20
3 IBM Security QRadar
© 2023 PeerSpot
21
4 Elastic Security
5 Wazuh
6 LogRhythm SIEM
7 USM Anywhere
8 Fortinet FortiSIEM
9 Securonix Next-Gen SIEM
6,818 views 3,831 comparisons 11 reviews 1,255 words/review 9.2 average rating
10 ArcSight Enterprise Security Manager (ESM)
© 2023 PeerSpot
22
Top Security Information and Event Management (SIEM) 5 Solutions

by Ranking Factor
Views
VIEWS
1 Microsoft Sentinel 34,829
2 Splunk Enterprise Security 32,443
3 IBM Security QRadar 25,899
4 Wazuh 21,653
5 Elastic Security 17,544
Reviews
REVIEWS
1 IBM Security QRadar 54
2 Microsoft Sentinel 53
3 Splunk Enterprise Security 44
4 Fortinet FortiSIEM 26
5 ArcSight Enterprise Security Manager 24

(ESM)
Words / Review
WORDS /
REVIEW
1 Devo 2,182
2 Netsurion 1,862
3 Microsoft Sentinel 1,445
4 Securonix Next-Gen SIEM 1,255
5 RSA enVision 955
© 2023 PeerSpot
23
About this report

This report is comprised of a list of enterprise level Security Information and Event Management (SIEM) vendors. We have also included
several real user reviews posted on peerspot.com. The reviewers of these products have been validated as real users based on their
LinkedIn profiles to ensure that they provide reliable opinions and not those of product vendors.
About PeerSpot
The Internet has completely changed the way we make buying decisions. We now use ratings and review sites to see what other real users
think before we buy electronics, book a hotel, visit a doctor or choose a restaurant. But in the world of enterprise technology, most of the
information online and in your inbox comes from vendors but what you really want is objective information from other users.
We created PeerSpot to provide technology professionals like you with a community platform to share information about enterprise software,
applications, hardware and services.
We commit to offering user-contributed information that is valuable, objective and relevant. We protect your privacy by providing an
environment where you can post anonymously and freely express your views. As a result, the community becomes a valuable resource,
ensuring you get access to the right information and connect to the right people, whenever you need it.
PeerSpot helps tech professionals by providing:
• A list of enterprise level Security Information and Event Management (SIEM) vendors
• A sample of real user reviews from tech professionals
• Speciﬁc information to help you choose the best vendor for your needs
Use PeerSpot to:
• Read and post reviews of vendors and products

• Request or share information about functionality, quality, and pricing
• Contact real users with relevant product experience
• Get immediate answers to questions
• Validate vendor claims
• Exchange tips for getting the best deals with vendors
PeerSpot
244 5th Avenue, Suite R-230 • New York, NY 10001
www.peerspot.com
reports@peerspot.com
+1 646.328.1944
© 2023 PeerSpot
24

AlienVault OSSIM vs. Wazuh Report From PeerSpot 2023-07-02 1rnl

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

AlienVault OSSIM vs. Wazuh Report From PeerSpot 2023-07-02 1rnl

Uploaded by

Copyright:

Available Formats

AlienVault OSSIM

Buyer's Guide &

Get a custom version of this report...personalized for you!

Get your personalized report here.

Advice From Real Users 4-9

Top Review by Topic of AlienVault OSSIM and Wazuh 10-11

Reviews From Real Users 13-18

Top Security Information and Event Management (SIEM) Vendors 21-22

About This Report and PeerSpot 24

Advice From Real Users

"The solution is free to use." [Full Review]

"The initial setup is straightforward." [Full Review]

Advice From Real Users

"The incidence reporting could be better." [Full Review]

Advice From Real Users

PRICING AND LICENSING ADVICE

Advice From Real Users

"It is a stable solution." [Full Review]

"If they support a solution, it is easy to do an integration." [Full Review]

"It's stable." [Full Review]

Advice From Real Users

"Its configuration process is time-consuming." [Full Review]

"Integration with Vyara could be better." [Full Review]

"While it is scalable, it can suffer from reduced latencies." [Full Review]

"The deployment is a bit complex." [Full Review]

"A lack of certain features creates limitations." [Full Review]

Advice From Real Users

PRICING AND LICENSING ADVICE

"It is a free-of-cost solution." [Full Review]

"Wazuh is free and open source." [Full Review]

"The current pricing is open source." [Full Review]

Top Reviews by Topic

Wazuh's logging features integrate seamlessly

There are three key strengths of Wazuh that stand

Top Reviews by Topic

One area where Wazuh could be improved is

SAMPLE Council Rock School District

AlienVault OSSIM review by a real user

Useful case management, simple configuration, but integration

Managing Director of Hytec (OLM Group

WHAT IS OUR PRIMARY USE CASE?

We are using AlienVault OSSIM for our internal team to support a SOC capability.

WHAT IS MOST VALUABLE?

WHAT NEEDS IMPROVEMENT?

Ina future releases, it would be beneficial to modernize some of their UI features.

FOR HOW LONG HAVE I USED THE SOLUTION?

I used AlienVault OSSIM for approximately five years.

Continued from previous page

WHAT DO I THINK ABOUT THE STABILITY OF THE SOLUTION?

I rate the stability of AlienVault OSSIM a seven out of ten.

WHAT DO I THINK ABOUT THE SCALABILITY OF THE SOLUTION?

I rare the scalability of AlienVault OSSIM an eight out of ten.

HOW ARE CUSTOMER SERVICE AND SUPPORT?

I rate the stability of AlienVault OSSIM a seven out of ten.

WHICH SOLUTION DID I USE PREVIOUSLY AND WHY DID I SWITCH?

HOW WAS THE INITIAL SETUP?

I rate the initial setup of AlienVault OSSIM a seven out of ten.

Continued from previous page

WHAT'S MY EXPERIENCE WITH PRICING, SETUP COST, AND LICENSING?

WHAT OTHER ADVICE DO I HAVE?

My advice to others would be to do the webinars and stay as standard as possible.

I rate AlienVault OSSIM a seven out of ten.