ArcSight Enterprise Security Manager (ESM) Room for Improvement

reviewer1370811
Head - Professional Services at a computer software company with 51-200 employees
Over the past two years, a lot of improvements have been happening. The biggest requirement is that there is no cloud solution for this product yet. They need to create a cloud version. It's the biggest thing they can do to make the solution better. The dashboard and user interface need some work. It's my understanding that they are developing better versions of those now.
reviewer1397637
Vice President Derivatives Ops IT at a financial services firm with 10,001+ employees
The deployment typology could be improved. If you want to scale across all the different lines of businesses, it should be easy to do that and it's not. If I'm doing DMX monitoring, I shouldn't need a different SIEM. For the traditional application servers which are RTTR architecture-based, the legacy applications, which might be Java or steam-based applications, require DMX monitoring, currently provided by Nagios. Instead, the monitoring could be different types of monitoring which we could get from ArcSight. It would save the cost of doing the DMX monitoring from Nagios. QRadar has a dashboard which includes most of the monitoring, data and everything. The features in ArcSight could be more like that.
reviewer1342554
Head Solution Delivery at a financial services firm with 201-500 employees
We need to have more data to work with. The more data you have, the more you will be able to give off the right information based on the historical information, which allows you to take more action. When you don't have enough data, you can't really get the right insights. The stability isn't quite perfect. We occasionally run into problems.
Learn what your peers think about ArcSight Enterprise Security Manager (ESM). Get advice and tips from experienced pros sharing their opinions. Updated: September 2020.
446,626 professionals have used our research since 2012.
Luthfiana Hudaya
User at NOOSC Global
One of the problems for the security center is that there are many logs that need to be retrieved from a variety of network devices. The weakness in this system comes about because, with so many different logs, it is possible that the security analyst will lose information. I would like to have better support for wide-area data analytics. Ideally, I would like to see ArcSight have the ability to consume raw information, or raw data, without being dependent on a log file.
ArcSight677
Senior Officer IT at a financial services firm with 10,001+ employees
For somebody who is new and just starting with this product, they find it really tough. The software is quite big. It would be nice if the interface were more user-friendly, with, for example, a minimal number of tabs to navigate. A walkthrough that shows everything a normal user might do would be very helpful. I would like to see improvements on the Active Channel side of this solution.
Teguh Budyantara
IT Manager at Royal Cemerlang
In other products, I have found that they use some kind of GUI that is drag and drop, while in ArcSight they still use scripting. They should keep scripting because some people prefer scripting, but they should have the option for those who prefer using drag and drop. They should do something similar to what Splunk is doing. They have Enterprise Security and ArcSight should include some use cases that concentrate on Enterprise Security.
reviewer1069233
Principal Enterprise Architect (Technology, Cloud & Security) at a retailer with 10,001+ employees
The centralized dashboard for the hybrid cloud environment needs to be more focused. It needs to be redefined because it's missing most of the information. ArcSight should also be a little bit easier to use. Currently, integration with various applications and connectors is not that easy. Deployment is easy, but integration is not that easy. ArcSight also has a very high bandwidth consumption to pull the local servers. It should have some kind of better process or ability to transfer files from on-premises to the cloud, from the cloud to on-premises, and from a cloud to another cloud.
reviewer1284078
Information Security Analyst at a comms service provider with 1,001-5,000 employees
A lot of improvements could be made in the product. I think the roadmap is not clear, and there is no AI or machine learning solution.
Analyst0909
Analyst at a financial services firm with 10,001+ employees
They should make a user manual for the technical people. I would like for them to integrate mobile devices. Integration or any kind of functionality which will act as a substitute for IBM so that we can really track our mobile devices as well as look at SIEM.
Filip Simeonov
Information Security and Business Data Protection Specialist at a comms service provider with 1,001-5,000 employees
The security area has room for improvement.
Utkarsh Srivastava
CISO and DPO at ValueLabs LLP
The following needs to be improved:
* We would like the ability to easily identify either unused resources or those that are being used sub-optimally.
* ESM should make usage of variables and other such deep customizations highly intuitive.
* User behavior analytics is too pricey but an essential tool.
Hong Jinki
Security Manager at shinhan DS
There are several improvements that we would like to see, including:
* Building a system based on a log collection (SOC)
* A scenario for external encroachment
* Operator training