ArcSight Review

Great Scalability and Adaptability but it's Expensive

Valuable Features

Scalability and Adaptability. By Scalability, I mean, the number of supported devices by ArcSight. You can make changes to the current deployment if required or add a new region in the scope by adding components of ArcSight. By Adaptability I mean, once the analysts see what can be achieved by utilizing the various resources of ArcSight, it motivates them to come up with new ideas and how to implement them. The interface is quite user friendly compared to other Vendors.

Improvements to My Organization

We could extract meaningful data of the billions of Security Events and relate it with the extra information we had for our assets.

Room for Improvement

Support from the vendor and pricing.

Use of Solution

3 Years.

Deployment Issues


Stability Issues

Yes, Oracle bugs mostly.

Scalability Issues


Customer Service and Technical Support


Previous Solutions

I have worked on multiple SIEM products. I work as a Senior Security Analyst and have a minimal role in deciding the solution. I only work where it is explicitly an HP ArcSight environment or deployment.

Initial Setup


Implementation Team

Through an in-house team.

Other Advice

Best SIEM product but it's high on pricing and licensing.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Add a Comment
Sign Up with Email