ArcSight Review
Great Scalability and Adaptability but it's Expensive


Valuable Features

Scalability and Adaptability. By Scalability, I mean, the number of supported devices by ArcSight. You can make changes to the current deployment if required or add a new region in the scope by adding components of ArcSight. By Adaptability I mean, once the analysts see what can be achieved by utilizing the various resources of ArcSight, it motivates them to come up with new ideas and how to implement them. The interface is quite user friendly compared to other Vendors.

Improvements to My Organization

We could extract meaningful data of the billions of Security Events and relate it with the extra information we had for our assets.

Room for Improvement

Support from the vendor and pricing.

Use of Solution

3 Years.

Deployment Issues

No

Stability Issues

Yes, Oracle bugs mostly.

Scalability Issues

No.

Customer Service and Technical Support

Good.

Previous Solutions

I have worked on multiple SIEM products. I work as a Senior Security Analyst and have a minimal role in deciding the solution. I only work where it is explicitly an HP ArcSight environment or deployment.

Initial Setup

Straightforward.

Implementation Team

Through an in-house team.

Other Advice

Best SIEM product but it's high on pricing and licensing.
Disclosure: I am a real user, and this review is based on my own experience and opinions.

Add a Comment

Guest
Why do you like it?

Sign Up with Email