We performed a comparison between ArcSight Enterprise Security Manager (ESM) and Oracle Security Monitoring and Analytics Cloud Service based on real PeerSpot user reviews.
"It's easy to use. It's a very good product. It can easily ingest data from anywhere. It has an easily understandable language to perform actions."
"The analytics has a lot of advantages because there are 300 default use cases for rules and we can modify them per our environment. We can create other rules as well. Analytics is a useful feature."
"Log aggregation and data connectors are the most valuable features."
"The scalability is great. You can put unlimited logs in, as long as you can pay for it. There are commitment tiers, up to six terabytes per day, which is nowhere close to what any one of our customers is running."
"The Identity Behavior tab furnishes us with the entire history linked to each IP or domain that has either accessed or attempted to access our system."
"We are able to deploy within half an hour and we only require one person to complete the implementation."
"Sentinel pricing is good."
"The Log analytics are useful."
"SmartConnector: Normalization parses raw logs and converts them into CEF (common event format). This is the core of the product."
"It is a vital tool for live monitoring and helps us to understand the traffic alerts of any major issue on the network, thereby reducing hacking attempts."
"Once the rules are defined, it is capable of detecting minute changes in the systems, which are effectively based on the entries in the log."
"ArcSight Enterprise Security Manager (ESM) works perfectly. It's a stable and scalable product."
"The solution offers very good monitoring."
"The most important feature is ArcSight's event correlation capabilities. It's powerful and easy. I also like the flex connector capability. It's easy to develop a new connector that isn't fully supported out of the box. For example, say you created a solution internally that's completely different, and it's not unsupported by the solution. You can write your own connector using the flex connector."
"The filters and the ability to do what you want are the most valuable features. There is nothing that you cannot do in this solution. It has all the features, which makes it very dynamic."
"What I found most valuable in ArcSight Enterprise Security Manager (ESM) is its good integration with third-party products. The solution also has good core capabilities."
"The security level that they are maintaining with the pre-authentication keys is very good."
"We do see continuous improvement all the time, however, I haven't got a specific feature that is lacking or not well designed."
"I think the number one area of improvement for Sentinel would be the cost."
"Some of the data connectors are outdated, at least the ones that utilize Linux machines for log forwarding. I believe that Microsoft is already working on improving this."
"The learning curve could be improved. I am still learning it. We were able to implement the basic features to get them up and running, but there are still so many things that I don't know about all its features. They have a lot of features that we have not been able to use or apply. If they could work on reducing the solution's learning curve, that would be good. While there is a training course held by Microsoft to learn more about this solution, there is a cost associated with it."
"We'd like also a better ticketing system, which is older."
"We'd like to see more connectors."
"There are certain delays. For example, if an alert has been rated on Microsoft Defender for Endpoint, it might take up to an hour for that alert to reach Sentinel. This should ideally take no more than one or two seconds."
"If you're looking to use canned queries, the interface could be a little more straightforward. It's not immediately intuitive regarding how you use it. You have to take a canned query and paste it into an operational box and then you hit a button... They could improve the ease of deploying these queries."
"ArcSight ESM is not easy to use and it should be integrated with other tools that have infrastructure capabilities."
"The initial setup is very complex. We had to architect a deployment which allowed us to incorporate an ever growing number of customers into our hosted instance of ArcSight."
"Administration of ArcSight is not an easy job. The admin needs to be well experienced in it to identify the root cause and fix it."
"In certain cases, this product does have false positives, which the company should work on."
"We have pricing issues. ArcSight ESM may not be the most user-friendly option, and its interface is quite traditional. However, despite these aspects, we find it a good cybersecurity solution. It needs to improve the dashboards, documentation, and support as well."
"ArcSight ESM needs to improve performance, user interface, and automation."
"The user interface of ArcSight Enterprise Security Manager could improve. It is not very good. Additionally, they could integrate the web interface better."
"They need to develop NetFlow appliances that can be installed in the customer network on span ports, collect NetFlow, and send it to ArcSight without relying on the devices' NetFlow capability and their position in the network."
"The solution could improve by providing better documentation for beginners to learn, such as videos or other tutorials."
ArcSight Enterprise Security Manager (ESM) is ranked 12th in Security Information and Event Management (SIEM) with 93 reviews while Oracle Security Monitoring and Analytics Cloud Service is ranked 43rd in Security Information and Event Management (SIEM). ArcSight Enterprise Security Manager (ESM) is rated 7.8, while Oracle Security Monitoring and Analytics Cloud Service is rated 7.0. The top reviewer of ArcSight Enterprise Security Manager (ESM) writes "Allows for monitoring logs according to industry standards within ESM but has a total capacity capped at 12 TB, limiting real-time data retention periods". On the other hand, the top reviewer of Oracle Security Monitoring and Analytics Cloud Service writes "Easy to install, highly secure standards, and reliable". ArcSight Enterprise Security Manager (ESM) is most compared with Splunk Enterprise Security, ArcSight Intelligence, Trellix ESM, IBM Security QRadar and LogRhythm SIEM, whereas Oracle Security Monitoring and Analytics Cloud Service is most compared with AWS Security Hub, LogRhythm SIEM, IBM Security QRadar, Exabeam Fusion SIEM and Rapid7 InsightVM.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.