We performed a comparison between ArcSight Enterprise Security Manager (ESM) and IBM Watson for Cyber Security based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Splunk, Wazuh and others in Security Information and Event Management (SIEM)."The Log analytics are useful."
"The data connectors that Microsoft Sentinel provides are easy to integrate when we work with a Microsoft agent."
"You can fine-tune the SOAR and you'll be charged only when your playbooks are triggered. That is the beauty of the solution because the SOAR is the costliest component in the market today... but with Sentinel it is upside-down: the SOAR is the lowest-hanging fruit. It's the least costly and it delivers more value to the customer."
"The most valuable feature is the UEBA. It's very easy for a security operations analyst. It has a one-touch analysis where you can search for a particular entity, and you can get a complete overview of that entity or user."
"We have no complaints about the features or functionality."
"The log analysis is excellent; it can predict what can or will happen regarding use patterns and vulnerabilities."
"The AI capability is one of the main features of the solution because I believe that in the market, there are few solutions that are providing security solutions based on AI and machine learning."
"Free ingestion for Azure logs (with E5 licence)"
"It is a vital tool for live monitoring and helps us to understand the traffic alerts of any major issue on the network, thereby reducing hacking attempts."
"It is a very useful tool for intelligence building because it has many use cases and many rule sets."
"We have been satisfied with the support."
"SmartConnector: Normalization parses raw logs and converts them into CEF (common event format). This is the core of the product."
"Once the rules are defined, it is capable of detecting minute changes in the systems, which are effectively based on the entries in the log."
"The solution offers very good monitoring."
"There are many features that are good for clients who are looking for a good SIEM solution. They like the ease of creating a business that is effective and impressive."
"It prevented my users from getting infected by ransomware. It can also pinpoint the story behind every virus or network attack to our environment."
"The most valuable features of IBM Watson for Cyber Security are ease of use and out-of-the-box reports and compliance policies. Additionally, if there are aspects that are missing IBM add them in the next release."
"The most valuable feature of this product is innovation, where the research and upgrading of technology never ends."
"IBM Watson for Cyber Security is very stable."
"The customer support is very good."
"Its implementation could be simpler. It is not really simple or straightforward. It is in the middle. Sometimes, connectors are a little bit complex."
"Multi-tenancy, in my opinion, needs to be improved. I believe it can do better as a managed service provider."
"Azure Sentinel will be directly competing with tools such as Splunk or Qradar. These are very established kinds of a product that have been around for the last seven, eight years or more."
"I believe one of the challenges I encountered was the absence of live training sessions, even with the option to pay for them."
"There is room for improvement in entity behavior and the integration site."
"The learning curve could be improved. I am still learning it. We were able to implement the basic features to get them up and running, but there are still so many things that I don't know about all its features. They have a lot of features that we have not been able to use or apply. If they could work on reducing the solution's learning curve, that would be good. While there is a training course held by Microsoft to learn more about this solution, there is a cost associated with it."
"If I can use Sentinel offline at home and use it on a local network, it would be great. I'm not sure if I can use Sentinel offline versus the tools I have."
"The dashboards can be improved. Creating dashboards is very easy, but the visualizations are not as good as Microsoft Power BI. People who are using Microsoft Power BI do not like Sentinel's dashboards."
"The product should include a lot more predefined scenarios so the adopted company will have knowledge and a broader skill set in security and network."
"The API integration could be better, and I'd like to see more machine-learning capabilities in the future."
"The customer experience could be improved."
"The correlation engine effectively connects different events, significantly improving our detection reach. However, limitations exist with non-default alerts, where additional costs arise for integration."
"In certain cases, this product does have false positives, which the company should work on."
"It would be nice if the interface were more user-friendly, with, for example, a minimal number of tabs to navigate."
"ArcSight ESM is not easy to use and it should be integrated with other tools that have infrastructure capabilities."
"I would like to have a feature that gives us an entire report listing what devices are integrated."
"In the future, I would like to see threat intelligence included."
"They need to continue to build the AI capabilities."
"This is an expensive product, so making it more cost-effective would be an improvement."
"The dashboard could improve in IBM Watson for Cyber Security."
More ArcSight Enterprise Security Manager (ESM) Pricing and Cost Advice →
More IBM Watson for Cyber Security Pricing and Cost Advice →
ArcSight Enterprise Security Manager (ESM) is ranked 12th in Security Information and Event Management (SIEM) with 93 reviews while IBM Watson for Cyber Security is ranked 45th in Security Information and Event Management (SIEM) with 4 reviews. ArcSight Enterprise Security Manager (ESM) is rated 7.8, while IBM Watson for Cyber Security is rated 8.0. The top reviewer of ArcSight Enterprise Security Manager (ESM) writes "Allows for monitoring logs according to industry standards within ESM but has a total capacity capped at 12 TB, limiting real-time data retention periods". On the other hand, the top reviewer of IBM Watson for Cyber Security writes "An innovative and stable product that is well maintained and always up-to-date". ArcSight Enterprise Security Manager (ESM) is most compared with Splunk Enterprise Security, ArcSight Intelligence, Trellix ESM, IBM Security QRadar and LogRhythm SIEM, whereas IBM Watson for Cyber Security is most compared with IBM Security QRadar, Splunk Enterprise Security and i-SIEM.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.