AlienVault OSSIM

The world’s most widely used open source SIEM.

AlienVault OSSIM is Trusted by Thousands of Security Professionals in 140 Countries… and Counting

AlienVault® OSSIM™, Open Source Security Information and Event Management (SIEM), provides you with a feature-rich open source SIEM complete with event collection, normalization and correlation. Launched by security engineers because of the lack of available open source products, AlienVault OSSIM was created specifically to address the reality many security professionals face: A SIEM, whether it is open source or commercial, is virtually useless without the basic security controls necessary for security visibility.

Our Open Source SIEM (AlienVault OSSIM) addresses this reality by providing one unified platform with many of the essential security capabilities you need like:

  • Asset discovery
  • Vulnerability assessment
  • Intrusion detection
  • Behavioral monitoring
  • SIEM event correlation

AlienVault OSSIM leverages the power of the AlienVault® Open Threat Exchange® (OTX™) by allowing users to both contribute and receive real-time information about malicious hosts. In addition, we provide ongoing development for AlienVault OSSIM because we believe that everyone should have access to sophisticated security technologies, to improve the security of all. From the researchers who need a platform for experimentation and the unsung heroes who can’t convince their companies that security is a problem, AlienVault OSSIM offers you a chance to increase security visibility and control in your network.

Get the Most Out of AlienVault OSSIM with These Resources


OSSIM Training: Best Practices for Configuring Your OSSIM Installation


Improve Security Visibility with OSSIM Correlation Directives


OSSIM Training: How to Get the Most Out of Policies & Actions

Compare AlienVault Products: AlienVault OSSIM vs AlienVault USM

Which product is right for you?

For more advanced functionality, AlienVault USM Anywhere™ provides unified essential security controls and continuous threat intelligence to IT security teams with limited resources.

With USM Anywhere, security practitioners can quickly and easily deploy a single platform that delivers powerful threat detection, incident response, and compliance management across cloud environments, on-premises infrastructure, and cloud apps.

AlienVault USM Anywhere offers:

  • Centralized threat detection and incident response across cloud environments, on-premises infrastructure, and cloud apps
  • Log management for continuous compliance and forensics investigations
  • Advanced threat detection with real-time, prioritized alarms and minimal false positives
  • Continuous threat intelligence updates from AlienVault Labs Security Research team so you always stay up to date with emerging threats
  • Pre-built compliance reports for PCI DSS, HIPAA, NIST CSF, and more

“With so many products/services out there, it’s hard for people to know where to start and where they can get the most bang for their buck. AlienVault OSSIM was a great starting point for me, and migrating to AlienVault USM has brought even more value.”

Matthew J. Frederickson
– Cyber Security Specialist at Council Rock School District

Find the Right Solution for Your Organization!