OSSIM leverages the power of the AlienVault Open Threat Exchange by allowing users to both contribute and receive real-time information about malicious hosts. AlienVault OSSIM is an open source Security Information and Event Management (SIEM) product. It is a unified platform providing: Asset discovery Vulnerability assessment Intrusion detection Behavioral monitoring SIEM OSSIM provides the basis for AlienVault's proprietary Unified Security…
N/A
OpenText Asset Management X
Score 8.4 out of 10
N/A
Micro Focus Asset Management X (formerly HP Asset Manager) is enterprise-class IT asset management (ITAM) solution acquired by Micro Focus from Hewlett Packard Enterprise, supporting change and configuration management and license management.
If this is your first experience with a SIEM, this one can get you started. Take the time to learn the ins and outs of the product and you'll most likely be satisfied with it if your company is an SMB. If you need compliance reports, OSSIM is too small for you, you'll need to go with USM or USM Anywhere.
Asset Manager is great for people who understand the Software Development Lifecycle and are familiar with the terminology, however for a new assistant, or a new novice user, the software can seem over-whelming with the rather confusing terminology and a multitude of tabs that open up. It's definitely great software to use for a professional PM, however an assistant would be lost in the tools being offered.
Asset discovery. Once installed in a centric, network-accessible server, OSSIM can poll all your endpoints with common protocols (SSH, SNMP, WMI) to detect and discover site-wide assets to monitor. You only need to group them by your own criteria once added to the product.
SIEM Event Correlation. You can define quite complex correlation rules to detect possible suspicious or malicious actions or attempts in your network, in order to categorize them as real threats or as false positives, thus streamlining your risk assessment and management.
Ease of installation. The entire AlienVault OSSIM is self-contained in an ISO file, which can be burned into a DVD or just mounted in your server of choice (physical or virtual) for deployment. The installation process is automated and quote verbosed, with options for static IP, email messaging and others.
Ease of access. Being AlienVault OSSIM a self-contained appliance, it can be accessed via web by any device that supports a web browser, being that desktops, workstation, mobile devices, etc. The OSSIM dashboard and other features are automatically rearranged to adapt to the particular device being in use.
Need more video tutorials - Although HP has great FAQs and has included the keyword search for topics, but some video tutorials would be great to help a new user.
Overwhelming at times. I remember when I first started using the software, just the magnitude of tools were too much. However even though I don't use half the tools even now, just the possibility of more functions available to me, makes it a great software.
Secure Log-in - I would like HP to invest into single sign-on where you don't need to put in your user ID & password constantly. A push notification to a personal device would a great added feature.
AlienVault OSSIM is far easy to use and manage - provided you know what you're doing. As any SIEM application, there is some background knowledge required in order to take advantage of the product's functionalities, such as the log correlation and analysis. Other than that, the application is quite usable and robust.
Everything is done through MSSP and installation pro services. Once those hours are burned up, then you're on your own without a lot of help. Typically the pro services hours aren't enough to get past 60 days and MSSP are hit and miss. We had a miss for installation helpers.
Originally my organization leveraged alien value due to the lower cost of entry and ability to manage it as a service provider. Unfortunately, after several years of working with this tool, it became unwieldy to use as it felt that almost every useful report had to be created by hand. As other tools have come out with the ability to do automated responses such as Stellar Data processor, we have begun to evaluate alternatives.
HP Asset Manager is definitely enterprise grade, whereas the other asset Management programs I have are specific to either one industry or a smaller locations that might not need the deep analysis & reporting functionalities & tools that are provided by HP. The cost is indeed higher than other programs like Fox Graphic Tracker (Internal Software) and Samange that I have used in the past, but for a large enterprise with multiple ongoing projects, HP Asset Manager is the way to go !
HP Asset Manager is great for compliance purposes. We know we have all the licenses in place when needed for upgrades or yearly reviews. Saves us times.
Ability to track & print reports saves PMs time in quartely reviews.
Great way to prepare for any presentations by the use of analytical tools which saves us money in investing in other software for presentation purposes.