We performed a comparison between ArcSight Enterprise Security Manager (ESM) and Rapid7 InsightIDR based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."ArcSight ESM allows us to find if someone is doing an administrative operation at inappropriate times of day or trying to do something they're not allowed to."
"The stability of ArcSight Enterprise Security Manager is good."
"Once the rules are defined, it is capable of detecting minute changes in the systems, which are effectively based on the entries in the log."
"We utilize ArcSight ESM for real-time threat detection in our organization. We have custom rules that we've developed on top of the WAN services, along with scheduled licensing activities."
"For the typical malware or intrusion, this solution assists us by identifying the symptoms based on network traffic from the application servers."
"Very good real-time reporting with a good dashboard."
"SmartConnector: Normalization parses raw logs and converts them into CEF (common event format). This is the core of the product."
"It makes maintenance very easy."
"Scalability-wise, I rate the solution a ten out of ten. As a cloud tool, the product is highly scalable."
"Intelligent alerting to avoid the common problem of alert fatigue associated with traditional SIEMs."
"The biggest reason why we chose Rapid7 was to gain value in a really quick time. Its deployment doesn't take months. It just takes a few days."
"Simple configuration and automatically syncs to the cloud platform."
"I am able to run automated actions based on the output of reports, leaving me extra time to focus on more pressing matters."
"It improved my organization by building a security alerting program."
"The technical support is a solid 10 out of 10 as they take the time to answer any questions or problems which may arise in a reasonable time frame."
"It is a very stable solution."
"It would be nice if the interface were more user-friendly, with, for example, a minimal number of tabs to navigate."
"They should try to include business logic vulnerabilities in the SIEM tool."
"The UI interface is somewhat complex and needs to be simplified."
"The biggest requirement is that there is no cloud solution for this product yet. They need to create a cloud version. It's the biggest thing they can do to make the solution better."
"Deployment typology could be improved. Difficult to scale across all the different lines of businesses."
"Customer service during the transition from HPE to Micro Focus was abysmal where it became disruptive to our service delivery."
"The roadmap is not clear."
"The security area has room for improvement."
"Cloud risk assessment is one area where I think they need a lot of improvement."
"It would be useful to import threat intelligence in YARA format along with known incorrect email addresses."
"The reporting is the weakest aspect. There needs to be multi-level grouping for events (for example, group by user and destination). Right now, we can do a group by user and a separate table or group by destination. But I'd be more interested in where a person was logging into instead of who was logging in or where he was logging in."
"Sometimes, it is hard to get the right queries to use. Currently, the tool lacks a pre-made set of queries."
"The product allows us to make only 30 custom rules."
"The ability to tune the collector for custom logs would greatly help."
"Customised alert recipients need to be added to allow better first-line action and quicker response. Configurable honeypots would be a welcome addition."
"The interface for doing investigation needs to be enhanced with minor improvements that would make it more useful."
More ArcSight Enterprise Security Manager (ESM) Pricing and Cost Advice →
ArcSight Enterprise Security Manager (ESM) is ranked 12th in Security Information and Event Management (SIEM) with 93 reviews while Rapid7 InsightIDR is ranked 9th in Security Information and Event Management (SIEM) with 30 reviews. ArcSight Enterprise Security Manager (ESM) is rated 7.8, while Rapid7 InsightIDR is rated 8.4. The top reviewer of ArcSight Enterprise Security Manager (ESM) writes "Allows for monitoring logs according to industry standards within ESM but has a total capacity capped at 12 TB, limiting real-time data retention periods". On the other hand, the top reviewer of Rapid7 InsightIDR writes "Helps in the management of compliance, secret events and information". ArcSight Enterprise Security Manager (ESM) is most compared with Splunk Enterprise Security, Trellix ESM, ArcSight Intelligence, IBM Security QRadar and Elastic Security, whereas Rapid7 InsightIDR is most compared with Darktrace, Microsoft Sentinel, Splunk Enterprise Security, Rapid7 InsightVM and IBM Security QRadar. See our ArcSight Enterprise Security Manager (ESM) vs. Rapid7 InsightIDR report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.