ArcSight Analytics Room for Improvement

Syed Ubaid Ali Jafri
Head of Cyber Security at KPMG Pakistan
They should improve on the following: * Timely resolution of issues and proper support once a ticket has been generated. * Systems appearing on the network which are not part of the domain controller. These should be monitored. * Inactive connections from servers, which are upgraded or downgraded within a VM, should be automatically revoked. * Logger monitoring should be separated from ESM monitoring. * Ability to integrate with cloud-based applications and monitor cloud-based events. * Ability to log and notify tailored rules via SMS/email. * Provide more ArcSight training and workshops. View full review »
Security Architect at a tech services company with 1-10 employees
I would like to see some advanced analytics. View full review »
SOC Engineer at a transportation company with 1,001-5,000 employees
I would like to see orchestration. View full review »

Sign Up with Email