ArcSight Enterprise Security Manager (ESM) Overview

ArcSight Enterprise Security Manager (ESM) is the #10 ranked solution of our top Security Information and Event Management (SIEM) tools. It's rated 3.6 out of 5 stars, and is most commonly compared to Splunk.

What is ArcSight Enterprise Security Manager (ESM)?

ArcSight is Micro Focus' leading Security Information and Event Management (SIEM) solution. ArcSight helps businesses protect their data through compliance solutions and security analytics.

There are a number of different products and solutions in the ArcSight family so you are able to pick and choose those that are best suited to your business requirements.

With ArcSight, IT can:

  • Monitor IT infrastructure.
  • Manage insider security with secure identity and access control.
  • Automate compliance.
  • Monitor applications.
  • Manage security risks.
  • Identify APTs.

ArcSight Enterprise Security Manager (ESM) is also known as Micro Focus ArcSight, HPE ArcSight, ArcSight.

ArcSight Enterprise Security Manager (ESM) Buyer's Guide

Download the ArcSight Enterprise Security Manager (ESM) Buyer's Guide including reviews and more. Updated: September 2020

ArcSight Enterprise Security Manager (ESM) Customers

Lake Health, U.S. Department of Health and Human Services, Bank AlJazira, Banca Intesa, and Obrela.

ArcSight Enterprise Security Manager (ESM) Reviews

reviewer1370811
Head - Professional Services at a computer software company with 51-200 employees
Real User
Aug 3, 2020
A mature and simple to use product, but needs a cloud deployment option

What is our primary use case?

We primarily provide this solution to clients.

Pros and Cons

  • The product is quite mature. It's been around for a long time.
  • The biggest requirement is that there is no cloud solution for this product yet. They need to create a cloud version. It's the biggest thing they can do to make the solution better.

What other advice do I have?

We're an authorized partner. We provide this solution to our clients. In terms of implementation, new users should make a list of the requirements they need in order to have a broad idea of what they want the solution to achieve. Once they understand their requirements, it will be easier to find a solution that will match them. For ArcSight, users need to go in with the compliance packs. ArcSight has some additional modules called compliance packs, which can get you automatic reports. That needs to be configured pretty well. The biggest piece everyone needs to consider is the sizing part. It's…
reviewer1397637
Vice President Derivatives Ops IT at a financial services firm with 10,001+ employees
Real User
Top 5 Leaderboard
Aug 15, 2020
User interface and setup are good and speedy; deployment typology could be improved

What is our primary use case?

ArcSight monitors any down time with patch management. Whenever any project is on-boarded such as in our security core or asset and wealth management technology, the hardware goes through ArcSight. That is basically our use case whether we're doing the patch management, or the upgrades on that tool, or managing the centralized desktop. ArcSight monitors the failures in the cloud. We have the tech classifications in the CMDB which is integrated with ArcSight and ArcSight pulls out everything on the CMDB and I'm able to see it all - the CMDB database and the CVS scores which are also integrated…

Pros and Cons

  • The user interfaces are quite good and speedy.
  • Deployment typology could be improved. Difficult to scale across all the different lines of businesses.

What other advice do I have?

I'm neutral on whether I would recommend this solution. It depends on what typology you are using, and your use cases. If you have a different endpoint, or security tool already doing what this product does and it's already integrated with CMDB, and there's a tool at the endpoint giving the CVS Score, then you don't need an SIEM platform. On the pricing side, QRadar is much costlier compared to ArcSight. There's a trade-off. Anyone aiming for something specific will go for ArcSight monitoring rather than going for QRadar because deployment of the SIEM is not so easy for the larger deployment…
reviewer1342554
Head Solution Delivery at a financial services firm with 201-500 employees
Real User
Sep 22, 2020
Good monitoring and analytics components with pretty good technical support

What is our primary use case?

We primarily use the solution for its technology including its independent logs, and those types of things. The technology we leverage is for third parties.

Pros and Cons

  • The solution offers very good monitoring.
  • The stability isn't quite perfect. We occasionally run into problems.

What other advice do I have?

We're just a customer. We don't have a business relationship with the company. We're using the latest version of the solution. I'm not sure of the exact version number. I'd rate the solution eight out of ten. Due to the technology inherent in the background of the product. Overall, it's quite good, although we have run into stability issues in the past.
Luthfiana Hudaya
User at NOOSC Global
Real User
Jun 19, 2019
Helpful for detecting malware and intrusions, but needs support for devices that are absent of log files

What is our primary use case?

We have a customer who is using this solution for information security monitoring.

Pros and Cons

  • For the typical malware or intrusion, this solution assists us by identifying the symptoms based on network traffic from the application servers.
  • The weakness in this system comes about because, with so many different logs, it is possible that the security analyst will lose information.

Cost and Licensing Advice

  • The cost of the solution is not very high, although hiring a qualified analyst to work with the product is expensive.

What other advice do I have?

In summary, this solution requires a dedicated person that has specific competency in this product. It is not a plug and play product that allows you to simply focus on the analytics. It is not easy for an amateur. The suitability of this solution depends on the complexity of the system. If the organization is very large, for example nationwide, then a log-based approach such as this one will be very difficult to implement. Obviously, if the device does not generate a log then it is not supported by this solution. Our client has successfully deployed it for use with several devices, including…
ArcSight677
Senior Officer IT at a financial services firm with 10,001+ employees
Real User
Jun 18, 2019
Interactive dashboards provide lots of detail, but tough to operate for new users

Pros and Cons

  • I think that the overall experience with this solution is good, but in particular, I think that the dashboards are quite interactive.
  • It would be nice if the interface were more user-friendly, with, for example, a minimal number of tabs to navigate.

What other advice do I have?

This is a really good solution and I would recommend it. If you know how to work it, and how to configure it properly, then it can give you lots and lots of information. On the other hand, it provides so much detail that people can miss things. If the interface and reports were minimized and consolidated then it would be better. I would rate this solution a seven out of ten.
Teguh Budyantara
IT Manager at Royal Cemerlang
Real User
Top 20
Mar 19, 2019
Enables us to minimize the damages of WannaCry attacks

What is our primary use case?

Our primary use case is for analyzing cybersecurity.

Pros and Cons

  • When WannaCry attacks I can minimize the damage. My company had no protection at the time. We get alerts in ArcSight and then whenever a user got a copy of WannaCry and the WannaCry malware wants to connect to the mother ship, it alerts me in the ArcSight dashboard, and that helps us a lot. We then just go to the user and erase the malware.
  • In other products, I have found that they use some kind of GUI that is drag and drop. While in ArcSight they still use scripting. They should keep scripting because some people prefer scripting but they should have the option for those who prefer using drag and drop.

Cost and Licensing Advice

  • The pricing is great compared to others.

What other advice do I have?

I would rate it an eight out of ten. Not a ten because of the drag and drop feature I'd like for them to include and because I think they should include more enterprise security use cases.
reviewer1069233
Principal Enterprise Architect (Technology, Cloud & Security) at a retailer with 10,001+ employees
Real User
Sep 13, 2020
It supports cloud deployment and is very stable

Pros and Cons

  • The feature that I have found the most useful is that it can be deployed to the cloud.
  • The centralized dashboard for the hybrid cloud environment needs to be more focused. It needs to be redefined because it's missing most of the information. It should be a little bit easy to use. Currently, integration with various applications and connectors is not that easy. Deployment is easy, but integration is not that easy. ArcSight also has a very high bandwidth consumption to pull the local servers. It should have some kind of better process or ability to transfer files from on-premises to the cloud, from the cloud to on-premises, and from a cloud to another cloud.

What other advice do I have?

If you have data centers, an SME or in-house resource to train people, and no budget constraint, then go with IBM. If you have a limited budget, hybrid environment, and untrained manpower, then go for Darktrace, AlienVault, or some other solution. I would rate ArcSight an eight out of ten.
reviewer1284078
Information Security Analyst at a comms service provider with 1,001-5,000 employees
Real User
Aug 17, 2020
The roadmap is not clear but it has a very good correlation feature

What is our primary use case?

Our primary use case is for security purposes. We are customers of ArcSight and I'm an information security analyst.

Pros and Cons

  • The correlation feature is good.
  • The roadmap is not clear.

What other advice do I have?

Honestly, I won't recommend the ArcSight to another person. I would rate this solution a four out of 10.