We performed a comparison between ArcSight Enterprise Security Manager (ESM) and Rapid7 InsightIDR based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The feature that I have found the most useful is that it can be deployed to the cloud."
"The most valuable features of ArcSight ESM are ease of use and readily usable components."
"Some of the benefits of using this solution are rapid correlation and near-time response on alerts."
"It has absolutely improved the efficiency of our security team. We use it internally as well. It is such a powerful tool that our internal security team became a customer of our ArcSight managed service."
"The real-time analysis adds value."
"ESM has valuable features for event prediction and security analysis."
"It is a very useful tool for intelligence building because it has many use cases and many rule sets."
"The most valuable feature of ArcSight ESM is its ease of use."
"The technical support is a solid 10 out of 10 as they take the time to answer any questions or problems which may arise in a reasonable time frame."
"Simple configuration and automatically syncs to the cloud platform."
"We were able to identify criminals attempting to login from China and put a stop on their IP locations."
"Features for user behavior analytics and the rules for attack review are good."
"InsightIDR has allowed us to find potential security issues that we did not know existed, and get remediation quickly."
"I like that it's a cloud-based solution."
"Another very important part of insightIDR is the ability to collect data from endpoint devices via agent software. With a large remote workforce, this allows visibility into the endpoints that are connected to the internet, but not to the corporate network."
"The product works well. Stability-wise, I rate the solution a ten out of ten."
"The analytics feature is not reliable and needs improvement for more detailed analysis."
"They need to develop NetFlow appliances that can be installed in the customer network on span ports, collect NetFlow, and send it to ArcSight without relying on the devices' NetFlow capability and their position in the network."
"The dashboard looks a bit cumbersome."
"ArcSight ESM is lacking cloud scalable technology."
"The weakness in this system comes about because, with so many different logs, it is possible that the security analyst will lose information."
"The visualization is not very good compared to Splunk."
"ArcSight ESM needs to improve performance, user interface, and automation."
"ArcSight ESM's UI is a little cumbersome and complex, especially for first-time and occasional users using the console manager."
"Inability to get access to compliance reports within the solution."
"It would be useful to import threat intelligence in YARA format along with known incorrect email addresses."
"Rapid7 InsightIDR is not intuitive to search for logs. It should be more user-friendly and improve the dashboards. We should be able to use ready-made templates instead of having to build one."
"The dashboard is an area that could be simplified."
"Lacks a mobile application."
"Cloud risk assessment is one area where I think they need a lot of improvement."
"I would like to see more development in InsightIDR towards building their SIEM solution and converting it to XDR."
"InsightIDR is only available in a cloud version. Some of our customers prefer an on-prem solution because they want to manage the security within their environment."
More ArcSight Enterprise Security Manager (ESM) Pricing and Cost Advice →
ArcSight Enterprise Security Manager (ESM) is ranked 12th in Security Information and Event Management (SIEM) with 93 reviews while Rapid7 InsightIDR is ranked 10th in Security Information and Event Management (SIEM) with 30 reviews. ArcSight Enterprise Security Manager (ESM) is rated 7.8, while Rapid7 InsightIDR is rated 8.4. The top reviewer of ArcSight Enterprise Security Manager (ESM) writes "Allows for monitoring logs according to industry standards within ESM but has a total capacity capped at 12 TB, limiting real-time data retention periods". On the other hand, the top reviewer of Rapid7 InsightIDR writes "Helps in the management of compliance, secret events and information". ArcSight Enterprise Security Manager (ESM) is most compared with Splunk Enterprise Security, ArcSight Intelligence, Trellix ESM and IBM Security QRadar, whereas Rapid7 InsightIDR is most compared with Darktrace, Microsoft Sentinel, Splunk Enterprise Security, Rapid7 InsightVM and IBM Security QRadar. See our ArcSight Enterprise Security Manager (ESM) vs. Rapid7 InsightIDR report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.