We performed a comparison between ArcSight Enterprise Security Manager (ESM) and Logpoint based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: ArcSight Enterprise Security Manager is praised for its well-designed dashboard, real-time reporting, and threat intelligence capabilities that leverage AI and correlation tools. Users also like ArcSight’s seamless integration and effortless management. Logpoint is noted for its advanced technology and extensive log-collection, parsing, and analysis mechanisms. ArcSight ESM users have recommended improvements in training, speed, and data administration. Logpoint can improve its dashboard customization, resource efficiency, network hierarchy diagrams, and agent deployment.
Service and Support: Some ArcSight ESM users have found the support to be responsive and helpful, while others have faced issues with slow response times and a lack of expertise. Logpoint's customer service receives high marks for its exceptional technical support and responsive engineers, but some users reported delays in receiving help from higher-level support.
Ease of Deployment: Some said that ArcSight ESM is straightforward to set up, while others noted that integration with other systems can be challenging and requires specialized knowledge. Logpoint's initial setup can be complex and time-consuming or fast and easy, depending on the user's experience and the organization’s size.
Pricing: Users consider the pricing of ArcSight ESM to be reasonable and affordable. Logpoint's fixed pricing model is seen as cost-effective and competitive.
ROI: ArcSight ESM delivers an ROI by helping clients achieve compliance objectives and prevent incidents. Logpoint makes costs more predictable and enables companies to generate revenue through security operation services.
"Its inbuilt Kusto Query Language is a valuable feature. It provides the flexibility needed to leverage advanced data analytics rules and policies and enables us to easily navigate all our security events in a single view. It helps any user easily understand the data or any security lags in their data and applications."
"The automation feature is valuable."
"The log analysis is excellent; it can predict what can or will happen regarding use patterns and vulnerabilities."
"It has basic out-of-the-box integrations with multiple log sources."
"The AI capability is one of the main features of the solution because I believe that in the market, there are few solutions that are providing security solutions based on AI and machine learning."
"Log aggregation and data connectors are the most valuable features."
"It is always correlating to IOCs for normal attacks, using Azure-related resources. For example, if any illegitimate IP starts unusual activity on our Azure firewall, then it automatically generates an alarm for us."
"It is easy to implement (turn on) - does need a skilled analyst to develop queries and playbooks."
"ArcSight is customizable. You can integrate just about anything. I also like the ease of use."
"The solution offers very good monitoring."
"The most important feature is ArcSight's event correlation capabilities. It's powerful and easy. I also like the flex connector capability. It's easy to develop a new connector that isn't fully supported out of the box. For example, say you created a solution internally that's completely different, and it's not unsupported by the solution. You can write your own connector using the flex connector."
"The out-of-the-box rules that help us configure functioning rules within the environment are valuable."
"ArcSight gives us better visibility into threats that were unknown earlier."
"This process has helped to improve our organization because we have centralized the intra-group security equipment logs."
"We have been satisfied with the support."
"For the typical malware or intrusion, this solution assists us by identifying the symptoms based on network traffic from the application servers."
"The solution is user-friendly."
"Technical support is responsive and very friendly."
"What I like best about LogPoint is its cost-effectiveness compared to other solutions. LogPoint also has better dashboards which I find valuable. I also like that you can create use cases based on your assets."
"It is an AI technology because it is using machine learning technology. So far, there is nothing better out there for UEBA in terms of monitoring endpoints and user activity. It is using machine learning language, so it is right at the top. It provides that capability and monitors all the activities. It devises a baseline and monitors if there is any deviation from the baseline."
"The integration is very user-friendly. There are not many CLI commands. Everything is directly accessible from the web interface."
"We like the user and entity behaviour analytics (UEBA) and find it valuable."
"The solution's user interface is quite simple, and the integration is better than other products."
"The solution offers excellent reporting features. Our customers have been satisfied that they have been able to meet their compliance needs by giving them a standard report."
"If their UI was a bit more streamlined and easy to find when I need it, then that would be a great improvement."
"The built-in SOAR is not really good out-of-the-box. The SOAR relies on logic apps and you almost need to have some kind of developer background to be able to make these logic apps. Most security people cannot develop anything..."
"At the network level, there is a limitation in integrating some of the switches or routers with Microsoft Sentinel. Currently, SPAN traffic monitoring is not available in Microsoft Sentinel. I have heard that it is available in Defender for Identity, which is a different product. It would be good if LAN traffic monitoring or SPAN traffic monitoring is available in Microsoft Sentinel. It would add a lot of value. It is available in some of the competitor products in the market."
"They could use some kind of workbook. There is some limitation doing the editing and creating the workbook."
"One key area that can be improved is by building a strong integration with our XDR platform."
"The following would be a challenge for any product in the market, but we have some in-house apps in our environment... our apps were built with different parameters and the APIs for them are not present in Sentinel. We are working with Microsoft to build those custom APIs that we require. That is currently in progress."
"Microsoft Sentinel should provide an alternative query language to KQL for users who lack KQL expertise."
"The on-prem log sources still require a lot of development."
"When we need to consume old events, we have to wait for a long time. ArcSight should improve the database capability to reply to queries faster. It would also be interesting if they implemented network visibility. For example, they could add a feature like NetWitness with a model just for looking through the packets."
"The first limitation is with the ArcSight Data Storage Manager (ADSM). ArcSight's total capacity is currently capped at 12 TB. This becomes an issue if a customer needs a longer real-time data retention period, such as exceeding 90 days or reaching a year or even ten months. Increasing the disk space beyond 12 TB is not currently possible."
"ArcSight ESM needs to improve performance, user interface, and automation."
"In other products, I have found that they use some kind of GUI that is drag and drop. While in ArcSight they still use scripting. They should keep scripting because some people prefer scripting but they should have the option for those who prefer using drag and drop."
"We would like the ability to easily identify either unused resources or those that are being used sub-optimally."
"Customer service and support is our biggest challenge."
"The roadmap is not clear."
"The product should include a lot more predefined scenarios so the adopted company will have knowledge and a broader skill set in security and network."
"One of the things we faced last year was that we had some memory issues with the server running. We were running them as virtual services, and we were facing some performance issues. Back then, there were some things that had already been solved at the end, but one of the small issues we had was that it was quite memory-consuming. After one upgrade that we did, we faced some performance issues."
"LogPoint can improve its dashboards. We are not able to customize the dashboard when creating them. They only have preset dashboards which do not have exactly what we are looking for."
"LogPoint must find a way to integrate the servers without agents."
"The interface needs things like wizards that will assist with creating complex correlation rules."
"Sometimes, the product is not stable."
"It is complicated to collect daily logs from other systems."
"What could be improved in LogPoint is its UI because it's less friendly to users than LogRhythm. The UI could be more aesthetically appealing to users. It's completely outdated."
"Logpoint is not flexible. Its documentation is not user-friendly."
ArcSight Enterprise Security Manager (ESM) is ranked 12th in Security Information and Event Management (SIEM) with 93 reviews while Logpoint is ranked 24th in Security Information and Event Management (SIEM) with 20 reviews. ArcSight Enterprise Security Manager (ESM) is rated 7.8, while Logpoint is rated 7.4. The top reviewer of ArcSight Enterprise Security Manager (ESM) writes "Allows for monitoring logs according to industry standards within ESM but has a total capacity capped at 12 TB, limiting real-time data retention periods". On the other hand, the top reviewer of Logpoint writes "Good technical support but it is complex to use and resource-heavy". ArcSight Enterprise Security Manager (ESM) is most compared with Splunk Enterprise Security, ArcSight Intelligence, Trellix ESM, IBM Security QRadar and LogRhythm SIEM, whereas Logpoint is most compared with IBM Security QRadar, Elastic Security, Rapid7 InsightIDR, Wazuh and USM Anywhere.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.