ArcSight Competitors and Alternatives

The top ArcSight competitors are
  • Splunk
  • IBM QRadar
  • McAfee Enterprise Security Manager (McAfee ESM)
  • LogRhythm NextGen SIEM
  • AlienVault
  • NetIQ Sentinel
  • RSA NetWitness Logs and Packets (RSA SIEM)
  • SolarWinds LEM
Read reviews of ArcSight competitors and alternatives
Splunk Logo
Splunk
seniorcl859464
Vendor
Senior Cloud Operations Analyst at a tech vendor with 1,001-5,000 employees
Apr 24 2018

What is most valuable?

So many of Splunk's features are invaluable to us: * Machine and business data retention * Solid HA and distribution * Adaptability to custom data * Search, Search, Search.

How has it helped my organization?

We are much faster finding and addressing issues with Splunk. We reduce the MTR and get more done.

What needs improvement?

I would like to get visibility into the data pipelines on heavy forwarders and indexers to see exactly their source and the cause of saturation when it occurs. This would help us... more»

What other advice do I have?

I love this product.
Jeff Hawkins
Real User
Director Information Security at Vail Resorts
Oct 26 2017

What is most valuable?

Being able to centralize and have one view of all the threat events coming out of all my multiple security sensors. It has been the easiest SIEM platform that I have worked with or... more»

How has it helped my organization?

It is an easy, centralized view of our environment. Our key challenges and goals are maturing our security operations and security event management process.

What needs improvement?

* Better correlation of all events: We seem to get a lot of misinterpreted data coming from multiple sources. It would be nice to have an easier way to interpret the data and... more»

What other advice do I have?

It is extremely important for our solution to be a unified internal platform. I would recommend looking into it.
AlienVault Logo
AlienVault
reviewer103734
User
IT Officer with 51-200 employees
Aug 22 2017

What is most valuable?

The most valuable aspect of AlienVault is the visibility into the network. You have the capability to gather logs from multiple sources and... more»

How has it helped my organization?

Recently, we used the NetFlow capability to find a bottleneck in the network and the offending computer.

What needs improvement?

It is a lot of work to get the software configured and set up properly.

What's my experience with pricing, setup cost, and licensing?

The engineering support that is provided by AlienVault upon first installation was excellent! They went way above and beyond what I was expecting.

Which other solutions did I evaluate?

No.

Sign Up with Email