ArcSight Reviews

Filter by:Reset all filters
industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
rating
Loading...
Filter Unavailable
Karlo Luiten Crisc Cissp
Consultant
Security Consultant at a tech services company with 5,001-10,000 employees
Nov 26 2017

What is most valuable?

* Large scale installations work well. * The new user interface is nice. * The real-time analysis adds value. * The… more»

How has it helped my organization?

* User behavior and problems on the network are visible, which we can then solve. * We can align policies with how people… more»

What needs improvement?

HPE ArcSight has a quite steep learning curve. If you get to know the product well, it is the most powerful product that I… more»

What's my experience with pricing, setup cost, and licensing?

Do not scale out (horizontally) too quickly. A good box can handle a lot of EPS. You will not need to buy more licenses if… more»

If you previously used a different solution, which one did you use and why did you switch?

I have also used LogRhythm, which in my opinion has less features than ArcSight. 80% of use cases work well on both, for… more»

What other advice do I have?

Get a training course and start working with it quickly after getting your course. It is easy to forget all the options… more»
Jordan French
Consultant
Business Development Manager- Threat Management Services at a tech services company with 5,001-10,000 employees
Apr 25 2018

What is most valuable?

* Smart Connectors and Flex Wizard * Multi-tenant access * Customization for dashboards and reporting * Improvements made… more»

How has it helped my organization?

Without it, we would not have a managed SIEM offering to speak of. We spent over a year evaluating leading competitors and… more»

What needs improvement?

The marketplace is a bit of a joke; steps should be taken to improve participation. Micro Focus desperately needs to… more»

What's my experience with pricing, setup cost, and licensing?

Customers without a ton of resources to dedicate to deployment may be better served by a managed ArcSight service. A lot… more»

If you previously used a different solution, which one did you use and why did you switch?

We have not use a previous solution past its initial evaluation period.

What other advice do I have?

It has its quirks, but ultimately, it delivers capabilities that no other SIEM could provide.
Find out what your peers are saying about Micro Focus, Splunk, IBM and others in Security Information and Event Management (SIEM). Updated: March 2019.
326,282 professionals have used our research since 2012.
Ssaurabh Kesari
Consultant
Ex Senior Security Analyst and Onsite consultant at a tech services company with 1,001-5,000 employees
Mar 11 2018

What is most valuable?

Once the rules are defined, it is capable of detecting minute changes in the systems, which are effectively based on the entries in the log.

How has it helped my organization?

It is a vital tool for live monitoring and helps us to understand the traffic alerts of any major issue on the network, thereby reducing hacking… more»

What needs improvement?

In certain cases, this product does have false positives, which the company should work on. They should also try to include business logic… more»

What's my experience with pricing, setup cost, and licensing?

It is best to be an institutional buyer and directly contact the sales team, as they can provide over-the-top discounts for bulk orders.

If you previously used a different solution, which one did you use and why did you switch?

Since I have been in the organisation, we have used Micro Focus ArcSight for 80% of the clients. We have also used Splunk for certain clients based… more»
Hatem Metwally
Consultant
Senior Security Consultant, CISSP, HPE ArcSight Specialist at a retailer with 5,001-10,000 employees
Sep 03 2017

What is most valuable?

* SmartConnector: Normalization parses raw logs and converts them into CEF (common event format). This is the core of the… more»

How has it helped my organization?

This product is one of the best SIEM solutions, which helps SOC analysts to consolidate all security-relevant logs of many… more»

What needs improvement?

Developing more products/modules that make it more independent from relying on other vendors’ products to get all the… more»

What's my experience with pricing, setup cost, and licensing?

HPE ArcSight pricing might be more expensive than other SIEM solutions, but in my opinion it has powerful features and… more»

If you previously used a different solution, which one did you use and why did you switch?

No.

What other advice do I have?

If you are implementing Express/ESM, I advise disabling all out-of-the-box content and building your own. Also, keep… more»
Teguh Budyantara
Real User
IT Manager at Royal Cemerlang
Mar 19 2019

How has it helped my organization?

When WannaCry attacks I can minimize the damage. My company had no protection at the time. We get alerts in ArcSight and then whenever a user got a copy of WannaCry and the WannaCry… more»

What needs improvement?

In other products, I have found that they use some kind of GUI that is drag and drop. While in ArcSight they still use scripting. They should keep scripting because some people prefer… more»

What's my experience with pricing, setup cost, and licensing?

The pricing is great compared to others.

What other advice do I have?

I would rate it an eight out of ten. Not a ten because of the drag and drop feature I'd like for them to include and because I think they should include more enterprise security use… more»
Karthik Velli
Consultant
Delivery Consultant - Security Solutions with 1,001-5,000 employees
Sep 11 2017

What is most valuable?

Customization. ArcSight gives you a platform to on-board out-of-the-box devices with a more accurate way of collecting… more»

How has it helped my organization?

Recent attacks like Shamoon and WannaCry were under continuous monitoring by using this solution. It is understood that… more»

What needs improvement?

Complexity, administration. Administration of ArcSight is not an easy job. The admin needs to be well experienced in it to… more»

What's my experience with pricing, setup cost, and licensing?

ArcSight is pretty expensive compared with its competitors. I believe that is fine as it provides value.

If you previously used a different solution, which one did you use and why did you switch?

No.

What other advice do I have?

On-boarding is easy but administration is challenging and more fun.
Anonymous User
Real User
Analyst at a financial services firm with 10,001+ employees
Feb 14 2019

What do you think of ArcSight?

What is our primary use case?

We use this solution for clients that want database consulting. They have a lot of general user's data in that demise so they want to have a robust SIEM solution that they trust. They have real-time alerts and monitoring for their data server.

How has it helped my organization?

We do consulting and I get feedback from our clients that the product really helped them with compliance, especially with GDPR. 

What needs improvement?

They should make a user manual for the technical people. I would like for them to integrate mobile devices. Integration or any kind of functionality which will act as a substitute for IBM so that we can really track our mobile devices as well as look at SIEM.

What do I think about the stability of the solution?

I would…
Filip Simeonov
Real User
Information Security and Business Data Protection Specialist at a comms service provider with 1,001-5,000 employees
Feb 13 2019

What is most valuable?

The webpage algorithm is the most valuable feature because it was the fastest feature for searching the logs, events, and correlation.

How has it helped my organization?

It has improved our organization because we had many investigations that it helped us with.

What needs improvement?

The security area has room for improvement.

What other advice do I have?

I would rate this solution a seven out of ten. To make it a ten they should develop a design for the security operations. It's a SIEM solution and I can see that it has some… more»
See 1 More ArcSight Reviews

Articles

User Assessments By Topic About ArcSight

Find out what your peers are saying about Micro Focus, Splunk, IBM and others in Security Information and Event Management (SIEM). Updated: March 2019.
326,282 professionals have used our research since 2012.

ArcSight Questions

ArcSight Projects By Members

What is ArcSight?

ArcSight is Micro Focus' leading Security Information and Event Management (SIEM) solution. ArcSight helps businesses protect their data through compliance solutions and security analytics.

There are a number of different products and solutions in the ArcSight family so you are able to pick and choose those that are best suited to your business requirements.

With ArcSight, IT can:

  • Monitor IT infrastructure.
  • Manage insider security with secure identity and access control.
  • Automate compliance.
  • Monitor applications.
  • Manage security risks.
  • Identify APTs.
Also known as
Micro Focus ArcSight, HPE ArcSight
ArcSight customers

Lake Health, U.S. Department of Health and Human Services, Bank AlJazira, Banca Intesa, and Obrela.

BUYER'S GUIDE
Download our free Security Information and Event Management (SIEM) Report and find out what your peers are saying about Micro Focus, Splunk, IBM, and more!

Sign Up with Email