Categories:

What is ArcSight ESM?

Industry Specialties: Energy & Utilities, Health & Life Sciences, Financial Services, Technology.

ArcSight, a robust software solution from OpenText, specializes in Security Information and Event Management (SIEM). It is designed to help organizations detect, analyze, and respond to security threats in real-time. ArcSight is particularly well-suited for large enterprises and government agencies that require comprehensive security monitoring and incident response capabilities due to its scalability and advanced analytics.

Key benefits of ArcSight include enhanced threat detection, improved compliance reporting, and streamlined security operations. Popular features encompass real-time event correlation, advanced threat intelligence, and extensive log management. Users appreciate its ability to handle large volumes of data and its integration with various security tools, although some note a steep learning curve.

Pricing for ArcSight can vary widely based on factors such as deployment size and specific requirements. For precise pricing details, it is recommended to contact SelectHub for a tailored quote. Overall, ArcSight stands out for its powerful analytics and comprehensive security features, making it a valuable asset for organizations with complex security needs.


Pros
  • Effective threat detection
  • User behavior analytics
  • Comprehensive security
  • Rich data source support
  • Automated incident response
 Cons
  • Complex pricing model
  • Steep learning curve
  • Resource-intensive setup
  • High data ingestion rates
  • Not suitable for small businesses
PRICE
$
$
$
$
$
COMPANY SIZE
S
M
L
DEPLOYMENT
PLATFORM
Try Before You Buy.
Request a Free Demo Today!
Request Demo
It's completely free!
Screenshots
Product Screenshots and Videos

#11

ArcSight ESM is ranked #11 in the SIEM Tools product directory based on the latest available data collected by SelectHub. Compare the leaders with our In-Depth Report.

Get the Report Now

ArcSight ESM Pricing

Based on our most recent analysis, ArcSight ESM pricing starts in the range of $500 - $1,000.

Get Price Quote
Price
$
$
$
$
$
i
Starting From
Undisclosed
Pricing Model
Quote-based
Free Trial
Yes, Request for Free

Training Resources

ArcSight ESM is supported with the following types of training:

Documentation
In Person
Live Online
Videos
Webinars

Support

The following support services are available for ArcSight ESM:

Email
Phone
Chat
FAQ
Forum
Help Desk
Knowledge Base
Tickets
Training
24/7 Live Support

ArcSight ESM Benefits and Insights

Why use ArcSight ESM?

Key differentiators & advantages of ArcSight ESM

  • Enhanced Threat Detection: ArcSight's advanced analytics and correlation capabilities enable quicker identification of potential security threats, reducing the time to detect and respond to incidents.
  • Comprehensive Log Management: By aggregating and normalizing logs from various sources, ArcSight provides a unified view of security events, simplifying compliance and audit processes.
  • Scalability: Designed to handle large volumes of data, ArcSight can scale to meet the needs of growing organizations, ensuring consistent performance and reliability.
  • Real-Time Monitoring: Continuous monitoring of network activity allows for immediate detection of anomalies, helping to prevent breaches before they occur.
  • Customizable Dashboards: Tailored dashboards provide security teams with relevant, actionable insights, enhancing their ability to make informed decisions quickly.
  • Automated Response: ArcSight's automation capabilities streamline incident response processes, reducing manual intervention and minimizing the impact of security events.
  • Regulatory Compliance: Built-in compliance reporting tools help organizations meet regulatory requirements such as GDPR, HIPAA, and PCI-DSS, reducing the risk of non-compliance penalties.
  • Integration with Existing Tools: Seamless integration with other security and IT management tools enhances overall security posture by providing a more comprehensive defense strategy.
  • Historical Data Analysis: The ability to analyze historical data aids in identifying trends and patterns, improving future threat detection and prevention strategies.
  • Reduced Operational Costs: By automating routine tasks and improving efficiency, ArcSight helps lower the overall cost of security operations.

Industry Expertise

ArcSight has expertise in cybersecurity, particularly for industries like finance, healthcare, government, and retail, where security and compliance are critical. It caters to large enterprises with complex security needs, offering solutions that address specific cybersecurity challenges and compliance requirements within these domains.

ArcSight ESM Reviews

Average customer reviews & user sentiment summary for ArcSight ESM:

User satisfaction level icon: great

295 reviews

86%

of users would recommend this product

ArcSight ESM has a 'great' User Satisfaction Rating of 86% when considering 295 user reviews from 4 recognized software review sites.

Synopsis of User Ratings and Reviews

Based on an aggregate of ArcSight ESM reviews taken from the sources above, the following pros & cons have been curated by a SelectHub Market Analyst.

Pros

  • Comprehensive Security: ArcSight is praised for its comprehensive security capabilities, offering a wide range of features for monitoring, detecting, and responding to security threats effectively.
  • Real-Time Monitoring: Users appreciate the real-time monitoring and alerting features that help them stay informed about security incidents as they occur, allowing for prompt responses.
  • Scalability: ArcSight is often commended for its scalability, making it suitable for large organizations with extensive security data and event logs to manage.
  • Compliance Capabilities: Organizations in regulated industries value ArcSight's compliance reporting features, which simplify the process of demonstrating adherence to regulatory requirements.
  • Incident Response: Users find the automated incident response workflows valuable in streamlining the identification and mitigation of security incidents, reducing response times.

Cons

  • Complex Pricing: Users often find ArcSight's pricing model complex and challenging to predict accurately, especially when factors like data ingestion rates influence costs.
  • Steep Learning Curve: Some users report a steep learning curve when implementing and managing ArcSight due to its advanced features and complexity, which may require dedicated training and expertise.
  • Resource-Intensive Setup: The initial setup of ArcSight can be resource-intensive, necessitating the availability of hardware, software, and experienced personnel for optimal configuration.
  • High Data Ingestion Rates: Users note that high data ingestion rates can lead to increased costs, making it essential to monitor and manage data volume effectively to control expenses.
  • Not Suitable for Small Businesses: ArcSight's advanced features and pricing model are often considered impractical for small businesses with simpler security needs, limiting its suitability.

Researcher's Summary:

Is ArcSight the right choice for your security needs? User reviews from the past year present a mixed bag. While ArcSight is praised for its powerful real-time correlation engine, which provides critical insights from security data, and its extensive integration options, making it a good fit for complex security environments, users also point out some significant drawbacks. A recurring concern is the product's complexity, which translates into a steep learning curve and makes it challenging to deploy and manage, especially for organizations with limited IT resources. For instance, setting up and customizing dashboards can be time-consuming.

This complexity often necessitates dedicated training and expertise. Another common gripe is the product's hunger for hardware resources, which can lead to performance issues, especially for organizations dealing with high volumes of security data. While some users applaud its performance, others report slow search functionality, indicating that experience can vary.

These factors make ArcSight a good fit for large enterprises with complex security needs and the resources to handle its demands. However, smaller organizations or those with limited IT staff and expertise might find it overwhelming and resource-intensive. They might be better served by a SIEM solution with a shallower learning curve and less demanding hardware requirements.

Key Features

Notable ArcSight features include:

  • Real-time Threat Detection: ArcSight provides real-time monitoring and analysis of security events, enabling quick identification and response to potential threats.
  • Advanced Correlation Engine: The software uses a sophisticated correlation engine to link disparate security events, helping to uncover complex attack patterns that might otherwise go unnoticed.
  • Scalability: ArcSight is designed to scale from small environments to large, enterprise-level deployments, ensuring consistent performance regardless of the size of the network.
  • Comprehensive Log Management: It offers extensive log collection, storage, and analysis capabilities, supporting a wide range of log formats and sources.
  • Compliance Reporting: ArcSight includes built-in compliance reporting templates for various standards such as PCI-DSS, HIPAA, and GDPR, simplifying the audit process.
  • Integration with Other Security Tools: The platform integrates seamlessly with other security solutions, including firewalls, intrusion detection systems, and endpoint protection tools, enhancing overall security posture.
  • Customizable Dashboards: Users can create personalized dashboards to visualize security data in a way that best suits their needs, providing clear insights into the security landscape.
  • Automated Incident Response: ArcSight supports automated workflows for incident response, reducing the time and effort required to address security incidents.
  • Machine Learning Capabilities: The software leverages machine learning algorithms to improve threat detection accuracy and reduce false positives.
  • Data Enrichment: ArcSight enriches raw security data with contextual information, making it easier to understand and act upon.
  • Role-based Access Control: It provides granular access control, ensuring that users only have access to the data and functionalities relevant to their roles.
  • Threat Intelligence Integration: The platform can incorporate threat intelligence feeds, enhancing its ability to detect and respond to emerging threats.
  • Forensic Analysis: ArcSight offers robust forensic analysis tools, allowing security teams to investigate incidents in depth and understand the full scope of an attack.
  • High Availability: The software is designed for high availability, ensuring continuous monitoring and protection even in the event of hardware failures.
  • Multi-tenancy Support: ArcSight supports multi-tenancy, making it suitable for managed security service providers (MSSPs) and large organizations with multiple departments or subsidiaries.

Limitations

Notable product limitations include:

  • Complex Pricing Model: ArcSight's pricing can be complex, with costs influenced by factors like data ingestion rates, making it challenging to predict expenses accurately.
  • Steep Learning Curve: Users may face a steep learning curve when implementing and managing ArcSight due to its advanced features and complexity.
  • Resource-Intensive Setup: The initial setup can be resource-intensive, requiring hardware, software, and experienced personnel for optimal configuration.
  • High Data Ingestion Rates: High data ingestion rates may lead to increased costs, making it crucial to monitor and manage data volume effectively.
  • Not Suitable for Small Businesses: ArcSight's capabilities are best suited for large enterprises, making it less practical for small businesses with simpler security needs.

FAQ


  • Q: What is the primary purpose of ArcSight?
    A: ArcSight is a Security Information and Event Management (SIEM) solution designed to monitor, detect, and respond to security threats and incidents in real-time. It provides comprehensive security and compliance capabilities for organizations.
  • Q: Who are the typical users of ArcSight?
    A: ArcSight is primarily used by large enterprises and organizations with complex security needs. It is ideal for sectors like finance, healthcare, and government that require robust cybersecurity solutions.
  • Q: What types of data sources does ArcSight support?
    A: ArcSight supports a wide range of data sources, including logs, network flows, and cloud data. This ensures organizations can collect and analyze data from diverse platforms.
  • Q: How does ArcSight handle incident response?
    A: ArcSight offers automated incident response workflows, simplifying the identification, assessment, and mitigation of security incidents. This feature reduces response times and minimizes potential damage.
  • Q: What is the role of User and Entity Behavior Analytics (UEBA) in ArcSight?
    A: UEBA capabilities in ArcSight help organizations identify unusual user and entity behaviors. It leverages machine learning and behavioral analytics to detect insider threats and unauthorized activities.
  • Q: Does ArcSight offer compliance reporting features?
    A: Yes, ArcSight provides compliance reporting features that simplify the process of generating reports to demonstrate compliance with regulatory requirements and internal policies.
  • Q: What is the learning curve for implementing ArcSight?
    A: ArcSight may have a steep learning curve, especially for users who are new to the platform. Its advanced features and complexity require dedicated training and expertise.
  • Q: What are the typical limitations of ArcSight?
    A: ArcSight's limitations may include a complex pricing model, resource-intensive setup, and high data ingestion rates, making it less suitable for small businesses with simpler security needs.
  • Q: How does ArcSight compare to other SIEM solutions?
    A: ArcSight is known for its robust capabilities, but its suitability depends on an organization's specific requirements and expertise. It often requires more effort in terms of setup and maintenance but excels in providing comprehensive security.
  • Q: Is ArcSight suitable for small businesses?
    A: ArcSight is best suited for large enterprises and organizations with complex security needs. Its advanced features and pricing model make it less practical for small businesses.
Compare products
Comparison Report
Just drag this link to the bookmark bar.
?
    Table settings

    Compare SIEM Tools

    These are the top products most often compared.

    You can choose 4 products to compare
    Securonix product logo
    Securonix
    Microsoft Sentinel product logo
    Microsoft Sentinel
    Splunk Enterprise Security product logo
    Splunk Enterprise Security
    FortiSIEM product logo
    FortiSIEM
    USM Anywhere product logo
    USM Anywhere
    LogRhythm product logo
    LogRhythm
    IBM QRadar product logo
    IBM QRadar
    InsightIDR product logo
    InsightIDR
    Trellix Enterprise Security Manager product logo
    Trellix Enterprise Security Manager
    Exabeam product logo
    Exabeam

    Head-to-Head
    Comparison

    ArcSight ESM Software Tool

    vs

    Similar Products

    Here are the most similar products to ArcSight ESM.

    Cisco Security Manager product logo
    Cisco Security Manager
    FortiSIEM product logo
    FortiSIEM
    LogRhythm product logo
    LogRhythm
    Trellix Enterprise Security Manager product logo
    Trellix Enterprise Security Manager
    Converged SIEM product logo
    Converged SIEM
    ArcSight Logger product logo
    ArcSight Logger
    LogLogic product logo
    LogLogic
    Quatrix product logo
    Quatrix
    Firewall Analyzer product logo
    Firewall Analyzer
    Logz.io product logo
    Logz.io
    Your review has been submitted
    and should be visible within 24 hours.
    Your review

    Rate the product

    Company Details

    mandatory fields

    Industry
    Choose your main industry
    Company Size
    Choose your company size