We performed a comparison between AlienVault OSSIM and ArcSight Enterprise Security Manager (ESM) based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The dashboard is the solution's most valuable aspect. It brings everything into one central point where I can actually look at it and go, "Okay, I understand what's going on.""
"The threat policies of the solution are always very advanced and the best in the market. They are very persistent in terms of keeping up with security protocols."
"The most valuable features of AlienVault OSSIM are case management, ease of configuration, and investigation."
"The product is easy to use."
"Asset discovery is good."
"The most valuable feature is the logging capability."
"AlienVault OSSIM is an enterprise solution that sells easily. It is rated highly by organizations."
"The threat alerts it gives me from time to time on harmful code within the network, or if they are generating any network traffic, are very useful."
"We use ArcSight ESM for log analysis and security alerts. It warns us of threats and then helps us conduct a forensic investigation of a cyber attack or internal incident after it happens."
"We do consulting and I get feedback from our clients that the product really helped them with compliance, especially with GDPR."
"Very good real-time reporting with a good dashboard."
"There are many features that are good for clients who are looking for a good SIEM solution. They like the ease of creating a business that is effective and impressive."
"For the typical malware or intrusion, this solution assists us by identifying the symptoms based on network traffic from the application servers."
"Once the rules are defined, it is capable of detecting minute changes in the systems, which are effectively based on the entries in the log."
"It prevented my users from getting infected by ransomware. It can also pinpoint the story behind every virus or network attack to our environment."
"The most valuable feature of ArcSight ESM is its ease of use."
"The user interface could be improved."
"There needs to be more support or some kind of training program so users can self-learn the system more effectively."
"AlienVault OSSIM is costly."
"GUI could be improved."
"The correlation engine needs to be improved."
"AlienVault OSSIM should improve the deployment and make it unified like the USM."
"When comparing AlienVault OSSIM to other solutions it looks a bit outdated. Additionally, they need to improve their integration."
"I would like the solution to be able to integrate with my firewall, my IDS and my Honeypot solutions so that it can provide real-time reporting as things occur and then have alert sent to me on my phone when suspicious activity is happening."
"There could be more API features for extracting logs on different devices included in the product."
"The onboarding process for this solution could be better. It also needs a better GUI."
"When we need to consume old events, we have to wait for a long time. ArcSight should improve the database capability to reply to queries faster. It would also be interesting if they implemented network visibility. For example, they could add a feature like NetWitness with a model just for looking through the packets."
"The initial setup could be more straightforward."
"ArcSight ESM could improve the alerts for the storage capacities or actions."
"The first limitation is with the ArcSight Data Storage Manager (ADSM). ArcSight's total capacity is currently capped at 12 TB. This becomes an issue if a customer needs a longer real-time data retention period, such as exceeding 90 days or reaching a year or even ten months. Increasing the disk space beyond 12 TB is not currently possible."
"I am having issues with report generation with older versions. I don't know if this is because of compatibility issues, but report generation has been a little bit difficult in older versions. It is not similar to the newer and current versions. We are looking at moving to the cloud. It would be good if ArcSight ESM can move to the cloud. They already seem to be working on this. It would also be very helpful and great if we can integrate external threat intelligence, machine learning, and AI into this solution. It has good dashboards, but they can always be better. Its stability can also be improved."
"We have pricing issues. ArcSight ESM may not be the most user-friendly option, and its interface is quite traditional. However, despite these aspects, we find it a good cybersecurity solution. It needs to improve the dashboards, documentation, and support as well."
More ArcSight Enterprise Security Manager (ESM) Pricing and Cost Advice →
AlienVault OSSIM is ranked 14th in Security Information and Event Management (SIEM) with 27 reviews while ArcSight Enterprise Security Manager (ESM) is ranked 12th in Security Information and Event Management (SIEM) with 93 reviews. AlienVault OSSIM is rated 7.4, while ArcSight Enterprise Security Manager (ESM) is rated 7.8. The top reviewer of AlienVault OSSIM writes "An easy-to-scale open-source solution used for monitoring events on devices ". On the other hand, the top reviewer of ArcSight Enterprise Security Manager (ESM) writes "Allows for monitoring logs according to industry standards within ESM but has a total capacity capped at 12 TB, limiting real-time data retention periods". AlienVault OSSIM is most compared with Wazuh, Elastic Security, USM Anywhere, Splunk Enterprise Security and Microsoft Sentinel, whereas ArcSight Enterprise Security Manager (ESM) is most compared with Splunk Enterprise Security, ArcSight Intelligence, Trellix ESM, IBM Security QRadar and Elastic Security. See our AlienVault OSSIM vs. ArcSight Enterprise Security Manager (ESM) report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.