ArcSight Review

It's able to track down security incidents faster and make for a more efficient investigation of a user's network activity based on the log data available.


Valuable Features:

  • Alert correlation
  • Reporting
  • Retention

These are the features we find most valuable for us and which we use the most.

Improvements to My Organization:

It's able to track down security incidents faster and make for a more efficient investigation of a user's network activity based on the log data available.

Due simply to the user features available out-of-the-box, the convenience it can bring to any organization (when deployed and configured correctly) can greatly assist any enterprise in many facets, from an increased and enhanced security posture, to auditory regulations and even data retention.

Room for Improvement:

It needs additional and better user customization for SmartConnectors. It has additional device support for more obscure log sources.  

Also needed is a configuration wizard for organizations lacking the in-depth knowledge required to integrate the solution successfully.

Deployment Issues:

We've had no issues with deployment.

Stability Issues:

We've had no issues with instability. It's been stable for us.

Scalability Issues:

We've been able to scale it for our needs. We've had no issues with scalability.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Add a Comment
Guest
Sign Up with Email