ArcSight Pros and Cons

ArcSight Pros

Karlo Luiten CRISC CISSP
Security Consultant at a tech services company with 5,001-10,000 employees
The real-time analysis adds value.
Jordan French
Business Development Manager- Threat Management Services at a tech services company with 5,001-10,000 employees
It has absolutely improved the efficiency of our security team. We use it internally as well. It is such a powerful tool that our internal security team became a customer of our ArcSight managed service.
Ssaurabh Kesari
Ex Senior Security Analyst and Onsite consultant at a tech services company with 1,001-5,000 employees
The tool sends an automated mail to all the operators, which makes it easy to share the information and reporting.
Once the rules are defined, it is capable of detecting minute changes in the systems, which are effectively based on the entries in the log.
It is a vital tool for live monitoring and helps us to understand the traffic alerts of any major issue on the network, thereby reducing hacking attempts.
Once the rules are defined, it becomes easy to detect changes and generate automated logs.
Hatem Metwally
Senior Security Consultant, CISSP, HPE ArcSight Specialist at a retailer with 5,001-10,000 employees
SmartConnector: Normalization parses raw logs and converts them into CEF (common event format). This is the core of the product.
Teguh Budyantara
IT Manager at Royal Cemerlang
When WannaCry attacks, I can minimize the damage. My company had no protection at the time. We get alerts in ArcSight and then whenever a user got a copy of WannaCry and the WannaCry malware wants to connect to the mother ship, it alerts me in the ArcSight dashboard, and that helps us a lot. We then just go to the user and erase the malware.
Karthik Velli
Delivery Consultant - Security Solutions with 1,001-5,000 employees
Customization. ArcSight gives you a platform to on-board out-of-the-box devices with a more accurate way of collecting desired logs/events.
Analyst0909
Analyst at a financial services firm with 10,001+ employees
We do consulting and I get feedback from our clients that the product really helped them with compliance, especially with GDPR.
Filip Simeonov
Information Security and Business Data Protection Specialist at a comms service provider with 1,001-5,000 employees
The webpage algorithm is the most valuable feature because it was the fastest feature for searching the logs, events, and correlation.
Teguh Budyantara
IT Manager at Royal Cemerlang
It prevented my users from getting infected by ransomware. It can also pinpoint the story behind every virus or network attack on our environment.

ArcSight Cons

Karlo Luiten CRISC CISSP
Security Consultant at a tech services company with 5,001-10,000 employees
HPE ArcSight has a quite steep learning curve.
Jordan French
Business Development Manager- Threat Management Services at a tech services company with 5,001-10,000 employees
The initial setup is very complex. We had to architect a deployment which allowed us to incorporate an ever growing number of customers into our hosted instance of ArcSight.
Customer service during the transition from HPE to Micro Focus was abysmal where it became disruptive to our service delivery.
Ssaurabh Kesari
Ex Senior Security Analyst and Onsite consultant at a tech services company with 1,001-5,000 employees
The analytics feature is not reliable and needs improvement for more detailed analysis.
In certain cases, this product does have false positives, which the company should work on.
They should try to include business logic vulnerabilities in the SIEM tool.
Hatem Metwally
Senior Security Consultant, CISSP, HPE ArcSight Specialist at a retailer with 5,001-10,000 employees
They need to develop NetFlow appliances that can be installed in the customer network on span ports, collect NetFlow, and send it to ArcSight without relying on the devices' NetFlow capability and their position in the network.
Teguh Budyantara
IT Manager at Royal Cemerlang
In other products, I have found that they use some kind of GUI that is drag and drop, while in ArcSight they still use scripting. They should keep scripting because some people prefer scripting, but they should have the option for those who prefer using drag and drop.
Karthik Velli
Delivery Consultant - Security Solutions with 1,001-5,000 employees
Administration of ArcSight is not an easy job. The admin needs to be well experienced in it to identify the root cause and fix it.
Analyst0909
Analyst at a financial services firm with 10,001+ employees
I would like for them to integrate mobile devices. Integration or any kind of functionality which will act as a substitute for IBM so that we can really track our mobile devices as well as look at SIEM.
Filip Simeonov
Information Security and Business Data Protection Specialist at a comms service provider with 1,001-5,000 employees
The security area has room for improvement.
Teguh Budyantara
IT Manager at Royal Cemerlang
The product should include a lot more predefined scenarios so the adopted company will have knowledge and a broader skill set in security and network.
