We performed a comparison between ArcSight Enterprise Security Manager (ESM) and Rapid7 InsightIDR based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable features of ArcSight ESM are the dashboards, ease of management for anyone, and simple for teams to provide reports related to cyber security. There are a lot of good features that are provided."
"The most useful features are directories, price, and live reporting."
"ArcSight ESM allows us to find if someone is doing an administrative operation at inappropriate times of day or trying to do something they're not allowed to."
"I would rate the ease of use for new users an eight out of ten, with ten being easy to use. It is a good tool."
"The stability of ArcSight Enterprise Security Manager is good."
"The feature that I have found the most useful is that it can be deployed to the cloud."
"It is a vital tool for live monitoring and helps us to understand the traffic alerts of any major issue on the network, thereby reducing hacking attempts."
"We use ArcSight ESM for log analysis and security alerts. It warns us of threats and then helps us conduct a forensic investigation of a cyber attack or internal incident after it happens."
"The web interface is great — very useful and user-friendly."
"I am able to run automated actions based on the output of reports, leaving me extra time to focus on more pressing matters."
"The solution's initial setup is easy."
"Integration with threat modeling from the Metasploit and InsightIDR repositories."
"I like that it's a cloud-based solution."
"Rapid7 is easy to use and deploy. It is a simple solution and has easy data pulling."
"Rapid7's reporting is more robust than Tenable's."
"Enables the use of honey pots, honey users, and honey files to monitor for suspicious patterns."
"The security area has room for improvement."
"Customer service and support is our biggest challenge."
"In other products, I have found that they use some kind of GUI that is drag and drop. While in ArcSight they use still scripting. They should keep scripting because some people prefer scripting but they should have the option for those who prefer using drag and drop."
"There could be more API features for extracting logs on different devices included in the product."
"We have pricing issues. ArcSight ESM may not be the most user-friendly option, and its interface is quite traditional. However, despite these aspects, we find it a good cybersecurity solution. It needs to improve the dashboards, documentation, and support as well."
"I would like to have a feature that gives us an entire report listing what devices are integrated."
"ArcSight ESM's UI is a little cumbersome and complex, especially for first-time and occasional users using the console manager."
"Customer service during the transition from HPE to Micro Focus was abysmal where it became disruptive to our service delivery."
"Rapid7 doesn't integrate well with all our security tools from various vendors, so we plan to switch. Many of our solutions work with Rapid7, but some do not. We are already searching for a replacement already."
"They should add more configuration and security features to it."
"The APIs can be further improved in Rapid7."
"Rapid7 InsightIDR is not intuitive to search for logs. It should be more user-friendly and improve the dashboards. We should be able to use ready-made templates instead of having to build one."
"The dashboard is an area that could be simplified."
"It takes time for the product's support team to resolve issues, making it an area of concern where improvements are required."
"One thing that springs to mind is easier API integration with ITSMs. We are evaluating a new ITSM and I would like to have InsightIDR create a ticket when an attack is identified, and the ticket would be closed in InsightIDR when the ITSM resolution is completed. This would take out the "single point of failure" we currently have, if the email recipient is somehow absent, in recording the risk appetite for the incident and the actions taken to mitigate or not."
"Lacks a mobile application."
More ArcSight Enterprise Security Manager (ESM) Pricing and Cost Advice →
ArcSight Enterprise Security Manager (ESM) is ranked 12th in Security Information and Event Management (SIEM) with 93 reviews while Rapid7 InsightIDR is ranked 10th in Security Information and Event Management (SIEM) with 29 reviews. ArcSight Enterprise Security Manager (ESM) is rated 7.8, while Rapid7 InsightIDR is rated 8.4. The top reviewer of ArcSight Enterprise Security Manager (ESM) writes "Allows for monitoring logs according to industry standards within ESM but has a total capacity capped at 12 TB, limiting real-time data retention periods". On the other hand, the top reviewer of Rapid7 InsightIDR writes "An affordable product that is easy to use and has many advanced features and default templates". ArcSight Enterprise Security Manager (ESM) is most compared with Splunk Enterprise Security, ArcSight Intelligence, Trellix ESM and IBM Security QRadar, whereas Rapid7 InsightIDR is most compared with Darktrace, Microsoft Sentinel, Splunk Enterprise Security, Rapid7 InsightVM and IBM Security QRadar. See our ArcSight Enterprise Security Manager (ESM) vs. Rapid7 InsightIDR report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.