We performed a comparison between ArcSight Enterprise Security Manager (ESM) and IBM Watson for Cyber Security based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It is easy to implement (turn on) - does need a skilled analyst to develop queries and playbooks."
"The most valuable feature is the onboarding of the workloads. You can see all that has been onboarded in your account on the dashboards."
"The automation feature is valuable."
"The machine learning and artificial intelligence on offer are great."
"The ability of all these solutions to work together natively is essential. We have an Azure subscription, including Log Analytics. This feature automatically acts as one of the security baselines and detects recommendations because it also integrates with Defender. We can pull the sysadmin logs from Azure. It's all seamless and native."
"Microsoft Sentinel comes preloaded with templates for teaching and analytics rules."
"The dashboard that allows me to view all the incidents is the most valuable feature."
"The most valuable features are its threat handling and detection. It's a powerful tool because it's based on machine learning and on the behavior of malware."
"I would rate the ease of use for new users an eight out of ten, with ten being easy to use. It is a good tool."
"The product is quite mature. It's been around for a long time."
"The reports that we are from getting from ArcSight are very valuable. The reporting in ArcSight is good. Our regulators ask us for the reports on a regular basis, and we have been able to provide the required data. Its overall functionality in terms of log analysis and the speed at which it does that is also valuable. It is very quick. Whatever alerts we had configured were extremely fast. We immediately get alerts when there is unauthorized access or unknown access, or even positive access. This is where we found the difference between ArcSight and other solutions."
"Stable solution with good customer service support."
"We do consulting and I get feedback from our clients that the product really helped them with compliance, especially with GDPR."
"The most useful features are directories, price, and live reporting."
"ArcSight ESM allows us to find if someone is doing an administrative operation at inappropriate times of day or trying to do something they're not allowed to."
"Feature-rich solution which provides better network visibility for improved security"
"IBM Watson for Cyber Security is very stable."
"The customer support is very good."
"The most valuable features of IBM Watson for Cyber Security are ease of use and out-of-the-box reports and compliance policies. Additionally, if there are aspects that are missing IBM add them in the next release."
"The most valuable feature of this product is innovation, where the research and upgrading of technology never ends."
"Sometimes, it is hard for us to estimate the costs of Microsoft Sentinel."
"I can't think of anything other than just getting the name out there. I think a lot of customers don't fully understand the full capabilities of Azure Sentinel yet. It is kind of like when they're first starting to use Azure, it might not be something they first think about. So, they should just kind of get to the point where it is more widely used."
"Given that I am in the small business space, I wish they would make it easier to operate Sentinel without being a Sentinel expert. Examples of things that could be easier are creating alerts and automations from scratch and designing workbooks."
"The AI capabilities must be improved."
"We've seen delays in getting the logs from third-party solutions and sometimes Microsoft products as well. It would be helpful if Microsoft created a list of the delays. That would make things more transparent for customers."
"In terms of features I would like to see in future releases, I'm interested in a few more use cases around automation. I do believe a lot of automation is available, and more is in progress, but that would be my area of interest."
"They could use some kind of workbook. There is some limitation doing the editing and creating the workbook."
"We'd like also a better ticketing system, which is older."
"The roadmap is not clear."
"The UI interface is somewhat complex and needs to be simplified."
"The onboarding process for this solution could be better. It also needs a better GUI."
"ArcSight ESM needs to improve performance, user interface, and automation."
"There could be more API features for extracting logs on different devices included in the product."
"I would like for them to integrate mobile devices. Integration or any kind of functionality which will act as a substitute for IBM so that we can really track our mobile devices as well as look at SIEM."
"What could be improved in ArcSight Enterprise Security Manager (ESM) is its analytics feature. That feature should be more powerful and have more correlation in terms of AI/ML, though MicroFocus has done a good job in adding analytics to ArcSight Enterprise Security Manager (ESM) which has become a big draw to customers. What I'd like to see in the next release of the solution is the addition of AI/ML features."
"The first limitation is with the ArcSight Data Storage Manager (ADSM). ArcSight's total capacity is currently capped at 12 TB. This becomes an issue if a customer needs a longer real-time data retention period, such as exceeding 90 days or reaching a year or even ten months. Increasing the disk space beyond 12 TB is not currently possible."
"The dashboard could improve in IBM Watson for Cyber Security."
"In the future, I would like to see threat intelligence included."
"They need to continue to build the AI capabilities."
"This is an expensive product, so making it more cost-effective would be an improvement."
More ArcSight Enterprise Security Manager (ESM) Pricing and Cost Advice →
More IBM Watson for Cyber Security Pricing and Cost Advice →
ArcSight Enterprise Security Manager (ESM) is ranked 12th in Security Information and Event Management (SIEM) with 93 reviews while IBM Watson for Cyber Security is ranked 45th in Security Information and Event Management (SIEM) with 4 reviews. ArcSight Enterprise Security Manager (ESM) is rated 7.8, while IBM Watson for Cyber Security is rated 8.0. The top reviewer of ArcSight Enterprise Security Manager (ESM) writes "Allows for monitoring logs according to industry standards within ESM but has a total capacity capped at 12 TB, limiting real-time data retention periods". On the other hand, the top reviewer of IBM Watson for Cyber Security writes "An innovative and stable product that is well maintained and always up-to-date". ArcSight Enterprise Security Manager (ESM) is most compared with Splunk Enterprise Security, ArcSight Intelligence, Trellix ESM, IBM Security QRadar and LogRhythm SIEM, whereas IBM Watson for Cyber Security is most compared with IBM Security QRadar, Splunk Enterprise Security and i-SIEM. See our ArcSight Enterprise Security Manager (ESM) vs. IBM Watson for Cyber Security report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
