Arcsight needs to up its game.
December 17, 2018

Arcsight needs to up its game.

Anonymous | TrustRadius Reviewer
Score 7 out of 10
Vetted Review
Verified User

Overall Satisfaction with Arcsight Enterprise Security Manager (formerly HP Arcsight)

Arcsight is currently being used in our SIOC department for the whole organization. It is a well rounded tool for standard event detection, logging, normalization and correlation. It does a fairly good job at freeing up analysts by providing real time correlation and helping detect events fast so they don't waste time hunting for a needle in a haystack.
  • Good integration with IT infrastructure like ticketing systems, web applications and threat feeds etc.
  • Real time correlation works very well.
  • Dashboards and visualization is done well.
  • Even though integration is good but not complete yet as there are a lot of new popular apps which Arcsight can't integrate with natively.
  • UI can be improved.
  • A few years ago this would have been the best buy on the market but with applications like Splunk I'd say its not giving you as much ROI.
  • Still does the job and gives us a positive ROI as we bought this over 6 years ago.
Splunk is way better, faster and has more integration than Arcsight has. Arcsight doesn't seem like the leader of the market as it was many years ago and I'd not recommend getting this now unless you absolutely require it for some reason.
IBM QRadar, LogRhythm, SolarWinds Log & Event Manager
Honestly, there are newer and better competitors for this tool and I'd recommend those over this as I've had the opportunity to recently to work with some others.
If you work with older applications then integration might work but newer and cutting edge app support is nowhere near completion.

Arcsight by OpenText Feature Ratings

Centralized event and log data collection
8
Correlation
8
Event and log normalization/management
8
Deployment flexibility
7
Integration with Identity and Access Management Tools
8
Custom dashboards and workspaces
8