AlienVault OSSIM
The World’s Most Widely Used Open Source SIEM
AlienVault OSSIM is Trusted by Thousands of Security Professionals in 140 Countries… and Counting
AlienVault OSSIM, Open Source Security Information and Event Management (SIEM), provides you with a feature-rich open source SIEM complete with event collection, normalization and correlation. Launched by security engineers because of the lack of available open source products, AlienVault OSSIM was created specifically to address the reality many security professionals face: A SIEM, whether it is open source or commercial, is virtually useless without the basic security controls necessary for security visibility.
Our Open Source SIEM (AlienVault OSSIM) addresses this reality by providing one unified platform with many of the essential security capabilities you need like:
- Asset discovery
- Vulnerability assessment
- Intrusion detection
- Behavioral monitoring
- SIEM event correlation
AlienVault OSSIM leverages the power of the AlienVault Open Threat Exchange (OTX) by allowing users to both contribute and receive real-time information about malicious hosts. In addition, we provide ongoing development for AlienVault OSSIM because we believe that everyone should have access to sophisticated security technologies, to improve the security of all. From the researchers who need a platform for experimentation and the unsung heroes who can't convince their companies that security is a problem, AlienVault OSSIM offers you a chance to increase security visibility and control in your network.
Compare AlienVault Products: AlienVault OSSIM vs AlienVault USM:
OSSIM, our Open Source Security Information and Event Management (SIEM) product, provides proven, core SIEM functionality, including event collection, normalization, and correlation. For organizations that are looking for a more complete solution to security monitoring, AlienVault Unified Security Management (USM) delivers additional functionality that provides everything needed for effective threat detection, incident response, and compliance management — all in a single pane of glass.
Which product is right for you?
For more advanced functionality, AlienVault USM Anywhere provides unified essential security controls and continuous threat intelligence to IT security teams with limited resources.
With USM Anywhere, security practitioners can quickly and easily deploy a single platform that delivers powerful threat detection, incident response, and compliance management across cloud environments, on-premises infrastructure, and cloud apps.
AlienVault USM Anywhere offers:
- Centralized threat detection and incident response across cloud environments, on-premises infrastructure, and cloud apps
- Log management for continuous compliance and forensics investigations
- Advanced threat detection with real-time, prioritized alarms and minimal false positives
- Continuous threat intelligence updates from AlienVault Labs Security Research team so you always stay up to date with emerging threats
- Pre-built compliance reports for PCI DSS, HIPAA, NIST CSF, and more
Find the Right Solution for Your Organization!
 |
 |
|
| Which option is right for you? | AlienVault OSSIM | USM Anywhere |
|---|---|---|
| Product Availability | Open Source Software Download | Cloud-Hosted Service |
| Pricing | Open Source | Annual Subscription Pricing |
| Security Monitoring | On-premises Physical & Virtual Environments | AWS & Azure Cloud Environments Cloud Apps On-premises Physical & Virtual Environments |
| Deployment Architecture | Single Server Only | SaaS Delivery with sensors deployed in each monitored environment Federation-ready |
| Security Capabilities: | ||
| Asset Discovery & Inventory | ||
| Vulnerability Assessment | ||
| Intrusion Detection | ||
| Behavioral Monitoring | ||
| SIEM Event Correlation | ||
| Log Management | ||
| AWS & Azure Cloud Monitoring | ||
| Cloud Apps Security Monitoring | ||
| Additional Features: | ||
| Security Orchestration & Automation | ||
| Integration with Third-Party Ticketings Software (JIRA, ServiceNow) | ||
| Community Support via Product Forums | ||
| Powered by the Open Threat Exchange | ||
| Continuous Threat Intelligence | ||
| Dedicated Phone & Email Support | ||
| Online Product Documentation & Knowledge Base | ||
| Rich Analytics Dashboards & Data Visualization | ||