The two most valuable features for us are the deployment strategy and its operational ease.
ArcSight Enterprise Security Manager (ESM) Review
The two most valuable features for us are the deployment strategy and its operational ease.
What is most valuable?
How has it helped my organization?
As it's an SIEM solution, it won't prove anything overnight. We're still in the implementation stage and filtering out all the noise. It's operationalized, but we're fine tuning it.
What needs improvement?
I'd like to see some threat intelligence out of the box rather than adding it in subscriptions. It also needs more straightforward and simplified correlation rules so that a SOC analyst can dive right in rather than undergo a separate induction program. Right now, the attrition rate is high.
For how long have I used the solution?
We've had it for about eight months now.
What was my experience with deployment of the solution?
We haven't had any issues with deployment.
What do I think about the stability of the solution?
It is a stable product. We've had no issues with instability.
What do I think about the scalability of the solution?
We haven't had a need to scale yet, and maybe not for another two or three years.
How are customer service and technical support?
System integrated support is there, but we haven't had any need to contact HP support. We will soon, though, because we don't really know how to fine tune the product.
Which solution did I use previously and why did I switch?
The threat landscape was the trigger for needing a SIEM product to correlate everything that is going on within the environment.
How was the initial setup?
We'restill in the implementation stage because it's complex. So the basic things are done, but not the full-scale deployment. It's a process.
**Disclosure: I am a real user, and this review is based on my own experience and opinions.
Last updated: Mar 10 2016
More ArcSight Enterprise Security Manager (ESM) reviews from users
Learn what your peers think about ArcSight Enterprise Security Manager (ESM). Get advice and tips from experienced pros sharing their opinions. Updated: April 2021.
476,163 professionals have used our research since 2012.
Author
technica402861
Senior Manager - Cyber Security at a comms service provider with 1,001-5,000 employees
Real User
LeaderboardHighlights
This process has helped to improve our organization because we have centralized the intra-group security equipment logs.
I think that the overall experience with this solution is good, but in particular, I think that the dashboards are quite interactive.
For the typical malware or intrusion, this solution assists us by identifying the symptoms based on network traffic from the application servers.
ArcSight gives us better visibility into threats that were unknown earlier.
The product is quite mature. It's been around for a long time.
The user interfaces are quite good and speedy.
The correlation feature is good.
Product Categories
Security Information and Event Management (SIEM)Popular Comparisons
LogRhythm NextGen SIEM
RSA NetWitness Logs and Packets (RSA SIEM)
Fortinet FortiSIEM
AT&T AlienVault USM
SolarWinds Security Event Manager
Securonix Security Analytics
AWS Security Hub
Buyer's Guide
Download our free ArcSight Enterprise Security Manager (ESM) Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- Which is the best SIEM tool for a mid-sized financial services firm: Arcsight or Securonix?
- Which is the best SIEM solution for a government organization?
- What is the difference between IT event correlation and aggregation?
- What are the threats associated with using ‘bogus’ cybersecurity tools?
- Which is the best SIEM tool for a mid-sized financial services firm: Arcsight or Securonix?
- What is the difference between SIEM and SOAR platforms?
- What is the difference between log management and SIEM?
- Which SIEM is best fit with Palo Alto Cortex XDR?
- How does Network Detection and Response (NDR) Differ from SIEM?
- Are you using a SIEM platform with AWS Cloudwatch?