ArcSight Review

The two most valuable features for us are the deployment strategy and its operational ease.


Valuable Features

The two most valuable features for us are the deployment strategy and its operational ease.

Improvements to My Organization

As it's an SIEM solution, it won't prove anything overnight. We're still in the implementation stage and filtering out all the noise. It's operationalized, but we're fine tuning it.

Room for Improvement

I'd like to see some threat intelligence out of the box rather than adding it in subscriptions. It also needs more straightforward and simplified correlation rules so that a SOC analyst can dive right in rather than undergo a separate induction program. Right now, the attrition rate is high.

Use of Solution

We've had it for about eight months now.

Deployment Issues

We haven't had any issues with deployment.

Stability Issues

It is a stable product. We've had no issues with instability.

Scalability Issues

We haven't had a need to scale yet, and maybe not for another two or three years.

Customer Service and Technical Support

System integrated support is there, but we haven't had any need to contact HP support. We will soon, though, because we don't really know how to fine tune the product.

Previous Solutions

The threat landscape was the trigger for needing a SIEM product to correlate everything that is going on within the environment.

Initial Setup

We'restill in the implementation stage because it's complex. So the basic things are done, but not the full-scale deployment. It's a process.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Add a Comment
Guest

Sign Up with Email