ArcSight Analytics Review

Scalability is poor; we need the ability to capture larger amounts of data


What is our primary use case?

Our primary use case for this solution is as a SIEM.

How has it helped my organization?

We're leveraging it to detect incidents and attacks. We have seen a measurable decrease, by about 20 percent, in the mean time to detect and respond to risks. It has also helped to increase staff productivity, saving 20 percent in terms of time.

What is most valuable?

One of the most valuable features is the alerts.

What needs improvement?

I would like to see orchestration.

What do I think about the stability of the solution?

It's very stable.

What do I think about the scalability of the solution?

The scalability is poor. We need the ability to capture larger amounts of data.

How are customer service and technical support?

Technical support is average.

If you previously used a different solution, which one did you use and why did you switch?

This is the first solution of its kind that we deployed.

How was the initial setup?

The initial setup was complex. It's a difficult product to navigate, it's complex. And the service was poor, back when we started with the product.

What's my experience with pricing, setup cost, and licensing?

In addition to the costs of standard licensing fees, there is the cost of labor for maintenance.

What other advice do I have?

Understand your data first and then find a solution that handles the data you have.

I rate the solution at four out of ten because of the complexity and the lack of ability to capture large amounts of data.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Add a Comment
Guest
Sign Up with Email