Arcsight Enterprise Security Manager (ESM) Reviews & Ratings 2022

Leaving a video review helps other professionals like you evaluate products. Be the first one in your network to record a review of Arcsight Enterprise Security Manager (ESM), and make your voice heard!

Record

Pricing

View all pricing

Arcsight Enterprise Security Manager (ESM)

N/A

Unavailable

What is Arcsight Enterprise Security Manager (ESM)?

Arcsight Enterprise Security Manager (formerly HP Arcsight) is security information and event management (SIEM) software, acquired from Hewlett-Packard Enterprise by Micro Focus and offered through the company's CyberRes division.

Entry-level set up fee?

No setup fee

Offerings

Free Trial
Free/Freemium Version
Premium Consulting / Integration Services

Would you like us to let the vendor know that you want pricing?

15 people want pricing too

Alternatives Pricing

Microsoft Sentinel (formerly Azure Sentinel)

$2.46

per GB ingested

What is Microsoft Sentinel (formerly Azure Sentinel)?

Microsoft Sentinel (formerly Azure Sentinel) is designed as a birds-eye view across the enterprise. Put the cloud and large-scale intelligence from decades of Microsoft security experience to work. Make threat detection and response smarter and faster with artificial intelligence (AI). Eliminate…

AlienVault USM

$1,075

per month

What is AlienVault USM?

AlienVault® Unified Security Management® (USM) delivers threat detection, incident response, and compliance management in one unified platform. It is designed to combine all the essential security capabilities needed for effective security monitoring across cloud and on-premises environments,…

Features Scorecard

Security Information and Event Management (SIEM)

7.9

79%

Product Details

What is Arcsight Enterprise Security Manager (ESM)?

Arcsight Enterprise Security Manager (formerly HP Arcsight) is security information and event management (SIEM) software, acquired from Hewlett-Packard Enterprise by Micro Focus and offered through the company's CyberRes division.

Arcsight Enterprise Security Manager (ESM) Technical Details

Operating Systems	Unspecified
Mobile Application	No

Comparisons

View all alternatives

Compare with

Microsoft Sentinel (formerly Azure Sentinel)

Score 8.6 out of 10

Compare

Splunk Enterprise

Score 8.9 out of 10

Compare

Elasticsearch

Score 8.5 out of 10

Compare

AlienVault USM

Score 7.6 out of 10

Compare

IBM Security QRadar

Score 8.3 out of 10

Compare

FortiSIEM

Score 8.4 out of 10

Compare

McAfee Enterprise Security Manager

Score 9.0 out of 10

Compare

Rapid7 InsightVM (Nexpose)

Score 8.1 out of 10

Compare

SailPoint Identity Platform

Score 8.6 out of 10

Compare

SolarWinds Security Event Manager (SEM)

Score 7.4 out of 10

Compare

Frequently Asked Questions

What is Arcsight Enterprise Security Manager (ESM)?

Arcsight Enterprise Security Manager (formerly HP Arcsight) is security information and event management (SIEM) software, acquired from Hewlett-Packard Enterprise by Micro Focus and offered through the company's CyberRes division.

What is Arcsight Enterprise Security Manager (ESM)'s best feature?

Reviewers rate Integration with Identity and Access Management Tools highest, with a score of 8.7.

Who uses Arcsight Enterprise Security Manager (ESM)?

The most common users of Arcsight Enterprise Security Manager (ESM) are from Enterprises (1,001+ employees) and the Computer & Network Security industry.

Reviews and Ratings

(21)

Ratings

Support Rating (6)

7.6

76%

Reviews

(1-4 of 4)

Sort by

Popular Filters

Companies can't remove reviews or game the system. Here's why

December 16, 2019

A good, but complex, SIEM tool

Verified User

Consultant in Professional Services

Computer & Network Security Company, 5001-10,000 employees

Score 6 out of 10

Vetted Review

Verified User

Review Source

Use Cases and Deployment Scope

As a managed SOC provider, ArcSight is the base of our SOC team. We deploy event receivers (connectors and brokers) in each of our clients and the data is aggregated on our ESM. We then are able to monitor the client environment from our SOC and investigate incidents in the client environment.

Pros and Cons

Really robust tool, as it can expand to millions of EPS.
Support clustering.

ArcSight is a really complex tool, but it's not that easy to implement and maintain.
Troubleshooting issues on ArcSight can be hard if you have a large environment.

Likelihood to Recommend

I do recommend Arcsight for clients that have a large environment and requires tons of customization. For example, if you have 10.000+ log sources, and you want to do a custom integration with ElasticSearch, then Arcsight is for you. If you have a medium-sized company, with no requirements for complex customizations, and if you're looking for an easy tool to deploy and maintain, then you should check another solution.

Support Rating

7

I personally haven't reached the support team, however, the engineers never complained about the Arcsight support team. We had some issues with the tool in the past but every time we reached the support, all issues were resolved in a timely manner.

December 10, 2019

ArcSight - A better insight security solution

JR

Jatin Rai

Network Engineer

Adidas (Computer & Network Security, 10,001+ employees)

Score 8 out of 10

Vetted Review

Verified User

Review Source

Use Cases and Deployment Scope

Arcsight is being used in the security department in our organization. It is used as a SIEM (Security Event and Incident Manager) tool in our organization. As any other SIEM tool, we used Arcsight Enterprise security manager for managing security on all of our endpoint devices, It was one of the best and demanding tool at the time we have implemented in our organization and provide a number of features which help us to have a quick check and easy handling of security event and incidents on all the endpoint devices. To be specific, Arcsight Enterprise security manager is used for integrating all endpoint safety management tool be it IPS, IDS, Firewall, Anti-virus etc. and help to reduce the redundant and false-positive alerts which may not be useful from the security perspective and help us to have a quick check of a lot devices in an effective way.
It also help us to check the complete activity that has been perform on any of the endpoint device integrated with it, creating own rule and filters and creating active channel dashboards that help us to keep a vigil watch in case any big event happens on any devices.

Pros and Cons

Integration with smart logger and ESM to create rules and easy management of the same.
Easy integration with all end point security management tool(IPS/IDS, Firewall, Anti-Virus) and their consolidated output at a single place to effectively rectifying true and false positives.

There is a storage problem that should be improved for better management.
There is need to improve the search mechanism.

Likelihood to Recommend

Arcsight was one of the best SIEM tools at the time it entered the market and has advanced features that make it a favorite for a number of organizations, but they lack to upgrade it with the time. Some of there features are still at their best but required timely update to manage with the other competitor present in the market.
If I have to choose the key points, they would be :

User management.
Smart Logger.

And if I were to point out where it is currently lagging :

UI needs improvement.
Slow search functionality.

Support Rating

8

Let's go here point by point:

1) Better logs management.
2) An effective way of managing the user and their roles.
3) Easy to handle and manage end-point user machines.
4) Better logs collection mechanism(still there is a lot of scopes to improve)
5) Easy to create scheduled reports and Dashboards for a quick check.
6) Easy to implement and handle all the services provide by the ArcSight.
7) User-friendly UI.

October 22, 2019

Worth having SIEM Arcsight

Verified User

Retiree in Information Technology

Investment Banking Company, 10,001+ employees

Score 9 out of 10

Vetted Review

Verified User

Review Source

Use Cases and Deployment Scope

Arcsight is used as a whole. Every piece of technology can be integrated with Arcsight & it can be used for monitoring from a security point of view. We can keep track of trends of alerts & configure rules as per our requirements. Whitelisting also can be done which is a very good feature. An overall good tool to work with. Customized connectors can also be built for software/tech that is not supported by HP.

Pros and Cons

Data management.
Security rules.
Reports can be fetched & scheduled.
User & role management.

Storage.
User console is a bit heavy & takes time for loading.
Flex development of connector.

Likelihood to Recommend

You can have customized rules & trends as per company requirements. You can integrate devices that you want even if no smart connector is present for that particular device. You can also have a list for dynamic requirements. We've created customized fieldsets & populated it with data we want with multiple data formats so that monitoring can be made easy instead of going into event details every time.

The only problem is that every time any old events are retrieved, it takes a long time to load.

Support Rating

8

If you go for platinum support, it's good as you have priority for support. They will take remote control of your machines and troubleshoot. Also, they arrange requirement SEM depending on the issue.

December 17, 2018

Arcsight needs to up its game.

Verified User

Engineer in Information Technology

Non-Profit Organization Management Company, 501-1000 employees

Score 7 out of 10

Vetted Review

Verified User

Review Source

Use Cases and Deployment Scope

Arcsight is currently being used in our SIOC department for the whole organization. It is a well rounded tool for standard event detection, logging, normalization and correlation. It does a fairly good job at freeing up analysts by providing real time correlation and helping detect events fast so they don't waste time hunting for a needle in a haystack.

Pros and Cons

Good integration with IT infrastructure like ticketing systems, web applications and threat feeds etc.
Real time correlation works very well.
Dashboards and visualization is done well.

Even though integration is good but not complete yet as there are a lot of new popular apps which Arcsight can't integrate with natively.
UI can be improved.

Likelihood to Recommend

Honestly, there are newer and better competitors for this tool and I'd recommend those over this as I've had the opportunity to recently to work with some others. If you work with older applications then integration might work but newer and cutting edge app support is nowhere near completion.