AWS Security Hub vs ArcSight Enterprise Security Manager (ESM) comparison

 

Comparison Buyer's Guide

Executive Summary
 

Categories and Ranking

ArcSight Enterprise Securit...
Ranking in Security Information and Event Management (SIEM)
12th
Average Rating
7.8
Number of Reviews
93
Ranking in other categories
No ranking in other categories
AWS Security Hub
Ranking in Security Information and Event Management (SIEM)
8th
Average Rating
7.6
Number of Reviews
17
Ranking in other categories
Security Orchestration Automation and Response (SOAR) (5th), Cloud Security Posture Management (CSPM) (12th)
 

Market share comparison

As of June 2024, in the Security Information and Event Management (SIEM) category, the market share of ArcSight Enterprise Security Manager (ESM) is 1.0% and it decreased by 62.5% compared to the previous year. The market share of AWS Security Hub is 6.4% and it decreased by 11.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
Unique Categories:
No other categories found
Security Orchestration Automation and Response (SOAR)
11.8%
Cloud Security Posture Management (CSPM)
6.8%
 

Featured Reviews

Irfan Ali - PeerSpot reviewer
Feb 13, 2024
Offers comprehensive integration with various log sources but lacks integration with various log sources
The deployment does require some effort. ArcSight is one of the most complex, complicated solutions to deploy. It's a large-scale deployment. So, it has full modules to be deployed. The footprint is larger compared to some other platforms where the footprint is in single or two virtual machines, which is not the case in ArcSight. On average, two weeks or three weeks of time for deployment matters. Moreover, deployment involves more than just installing the tools. Integration with it is a second step. That takes longer than just the tool deployment. Then, after integration, you have to onboard the different log sources. Even for that, the combined time of deployment and integration is less than onboarding the different source environments. Once you do all this and then establish the correlation, only then from the customer's point of view, it's a complete deployment. From a product perspective, it is different. Some products are easier to have a fresh installation but difficult to integrate, and then they're very difficult to onboard the log sources. So, from the product point of view, when you consider a deployment, it should be considered an end-to-end deployment from zero to production-ready. And here, ArcSight is a longer platform to deploy. Moreover, it is quite difficult to maintain it because of the different components, and it can be because of the licensing model; it takes longer. It will take more effort to maintain it. Sometimes, the hardware fails, and sometimes the virtual machine fails. Sometimes, the operating system and sometimes the database separately. The more components you have, the more knobs you have to keep an eye on. Two people are required to maintain it.
NK
Sep 5, 2023
A centralized dashboard that enables efficient monitoring and management of possible security issues
We use it to get a comprehensive view of all the processes within the company. It provides us with centralized security insight, available on a dashboard for all of the users while running continuous and automated compliance checks. I find all of the features to be highly valuable. Adding SIEM…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"There are many features that are good for clients who are looking for a good SIEM solution. They like the ease of creating a business that is effective and impressive."
"When WannaCry attacks I can minimize the damage. My company had no protection at the time. We get alerts in ArcSight and then whenever a user got a copy of WannaCry and the WannaCry malware wants to connect to the mother ship, it alerts me in the ArcSight dashboard, and that helps us a lot. We then just go to the user and erase the malware."
"The out-of-the-box rules that help us configure functioning rules within the environment are valuable."
"It is a very useful tool for intelligence building because it has many use cases and many rule sets."
"The most useful features are directories, price, and live reporting."
"Usability is the most valuable feature. The accessibility is quite good."
"The most important feature is ArcSight's event correlation capabilities. It's powerful and easy. I also like the flex connector capability. It's easy to develop a new connector that isn't fully supported out of the box. For example, say you created a solution internally that's completely different, and it's not unsupported by the solution. You can write your own connector using the flex connector."
"The solution offers very good monitoring."
"I like that AWS Security Hub currently has several good features, around four or five. The technical support for AWS Security Hub is also responsive."
"It's a security posture management tool from AWS. Basically, it identifies misconfigurations, similar to Trusted Advisor but on a larger scale."
"The solution shows us our compliance score."
"AWS Security Hub has very good integration features. It allows for AWS native services integration, and it helps us to integrate some of the services outside of AWS. They have partners, such as Amazon Preferred Network Partners (APN). If you have different security tools around APN, we can integrate those findings with AWS Security Hub reducing the need to refer to different portals or different UIs. You can have AWS Security Hub act as a single common go-to dashboard."
"The most valuable feature of the solution stems from the fact that it is easy to manage...It is a scalable solution."
"The most valuable features of the solution are the scanning of all the cloud environments and most of the compliances available in the cloud."
"I find all of the features to be highly valuable."
"The best feature of AWS Security Hub is that you can get compliance or your cloud's current security posture."
 

Cons

"HPE ArcSight has a quite steep learning curve."
"The solution could be more stable."
"Customer service during the transition from HPE to Micro Focus was abysmal where it became disruptive to our service delivery."
"ArcSight ESM's UI is a little cumbersome and complex, especially for first-time and occasional users using the console manager."
"Sometimes, it takes ages to get an issue resolved. I have ArcSight experience, so I normally try to fix things on my own or find a workaround, but it's tough to get support when I need it."
"The analytics feature is not reliable and needs improvement for more detailed analysis."
"The user interface of ArcSight Enterprise Security Manager could improve. It is not very good. Additionally, they could integrate the web interface better."
"The product should include a lot more predefined scenarios so the adopted company will have knowledge and a broader skill set in security and network."
"The telemetry doesn't always go into the control center. When you have multiple instances running in AWS, you need a control tower to take feeds from Security Hub and analyze your results. Sometimes exemptions aren't passed between the control tower and Security Hub. The configuration gets mixed up or you don't get the desired results."
"It is not flexible for multi-cloud environments."
"The user interface, graphs, and dashboards of the solution could improve in the future. They are not very sophisticated and could use an update."
"We need more granular-level customizations to enable or disable the rules in AWS Security Hub."
"The solution lacks self-sufficiency."
"From an improvement perspective, there is a need to add more compliance since, right now, AWS Security Hub only provides four to five compliances to control the tool."
"Although AWS Security Hub does a periodic scan of your overall infrastructure, it doesn't do it in real time."
"The support must be quicker."
 

Pricing and Cost Advice

"ArcSight is pretty expensive compared with its competitors. I believe that is fine as it provides value."
"The pricing is great compared to others."
"The solution is super expensive. At our organization size and license model, I think the price is average to what anyone else would charge us."
"HPE ArcSight pricing might be more expensive than other SIEM solutions, but in my opinion it has powerful features and great flexibility in developing complex use cases."
"Thanks to Micro Focus's licensing model, as an MSSP, we are able to see a complete return on our investment almost immediately."
"Customers without a ton of resources to dedicate to deployment may be better served by a managed ArcSight service."
"ArcSight can be a little bit expensive because of the area that we work in and the cost. Licensing is mostly on a yearly basis, not monthly."
"It's a good price, it's one of the cheaper solutions."
"AWS Security Hub's pricing is pretty reasonable."
"The pricing is fine. It is not an expensive tool."
"The price of the solution is not very competitive but it is reasonable."
"The price of AWS Security Hub is average compared to other solutions."
"Security Hub is not an expensive solution."
"AWS Security Hub is not an expensive tool. I would consider it to be a cheap solution. AWS Security Hub follows the PAYG pricing model, meaning you will have to pay for whatever you use."
"There are multiple subscription models, like yearly, monthly, and packaged."
787,061 professionals have used our research since 2012.
 

Comparison Review

Jun 28, 2015
Qradar vs. ArcSight
Continuing with the SIEM posts we have done at Infosecnirvana, this post is a Head to head comparison of the two Industry leading SIEM products in the market – HP ArcSight and IBM QRadar. Both the products have consistently been in the Gartner Leaders Quadrant. Both HP and IBM took over niche SIEM…
 

Top Industries

By visitors reading reviews
Financial Services Firm
18%
Computer Software Company
13%
Manufacturing Company
9%
Government
9%
Computer Software Company
17%
Financial Services Firm
13%
Manufacturing Company
8%
Government
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is the best SIEM tool for a mid-sized financial services firm: Arcsight or Securonix?
In my market, a lot of financial companies had or have an ArcSight installation. Just because in former times it was pretty good. Now a lot of them are looking for a more effective solution due to ...
What do you like most about ArcSight Enterprise Security Manager (ESM)?
We utilize ArcSight ESM for real-time threat detection in our organization. We have custom rules that we've developed on top of the WAN services, along with scheduled licensing activities.
What is your experience regarding pricing and costs for ArcSight Enterprise Security Manager (ESM)?
The pricing model is expensive compared to open-source alternatives, especially as your needs grow.
Which is better - Azure Sentinel or AWS Security Hub?
We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is auto-scaling - you will not have to worry about performance impact, you will...
What do you like most about AWS Security Hub?
The most valuable features of the solution are the scanning of all the cloud environments and most of the compliances available in the cloud.
What needs improvement with AWS Security Hub?
The solution should be easier to learn and use, and data exportation should be more user-friendly. If a user doesn't know how to export data or how to link at the back-end of tools like Amazon Athe...
 

Also Known As

Micro Focus ArcSight, HPE ArcSight, ArcSight
No data available
 

Overview

 

Sample Customers

Lake Health, U.S. Department of Health and Human Services, Bank AlJazira, Banca Intesa, and Obrela.
Edmunds, Frame.io, GoDaddy, Realtor.com
Find out what your peers are saying about AWS Security Hub vs. ArcSight Enterprise Security Manager (ESM) and other solutions. Updated: June 2024.