Security Information and Event Management (SIEM) » ArcSight Reviews » Version 6.8 » Review

ArcSight Review

It's able to track down security incidents faster and make for a more efficient investigation of a user's network activity based on the log data available.

Valuable Features:

Alert correlation
Reporting
Retention

These are the features we find most valuable for us and which we use the most.

Improvements to My Organization:

It's able to track down security incidents faster and make for a more efficient investigation of a user's network activity based on the log data available.

Due simply to the user features available out-of-the-box, the convenience it can bring to any organization (when deployed and configured correctly) can greatly assist any enterprise in many facets, from an increased and enhanced security posture, to auditory regulations and even data retention.

Room for Improvement:

It needs additional and better user customization for SmartConnectors. It has additional device support for more obscure log sources.

Also needed is a configuration wizard for organizations lacking the in-depth knowledge required to integrate the solution successfully.

Deployment Issues:

We've had no issues with deployment.

Stability Issues:

We've had no issues with instability. It's been stable for us.

Scalability Issues:

We've been able to scale it for our needs. We've had no issues with scalability.

Disclosure: I am a real user, and this review is based on my own experience and opinions.

Aug 29 2016

Next Review: It makes user behavior and…

Add a Comment

Guest