Try our new research platform with insights from 80,000+ expert users

AWS Security Hub vs OpenText Enterprise Security Manager comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 18, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

AWS Security Hub
Average Rating
7.6
Reviews Sentiment
6.5
Number of Reviews
26
Ranking in other categories
Security Orchestration Automation and Response (SOAR) (5th), Cloud Security Posture Management (CSPM) (13th)
OpenText Enterprise Securit...
Average Rating
7.8
Reviews Sentiment
6.7
Number of Reviews
98
Ranking in other categories
Security Information and Event Management (SIEM) (21st)
 

Mindshare comparison

While both are Security Software solutions, they serve different purposes. AWS Security Hub is designed for Cloud Security Posture Management (CSPM) and holds a mindshare of 4.2%, down 5.0% compared to last year.
OpenText Enterprise Security Manager, on the other hand, focuses on Security Information and Event Management (SIEM), holds 1.6% mindshare, up 1.2% since last year.
Cloud Security Posture Management (CSPM) Market Share Distribution
ProductMarket Share (%)
AWS Security Hub4.2%
Wiz20.9%
Prisma Cloud by Palo Alto Networks11.4%
Other63.5%
Cloud Security Posture Management (CSPM)
Security Information and Event Management (SIEM) Market Share Distribution
ProductMarket Share (%)
OpenText Enterprise Security Manager1.6%
Wazuh10.2%
Splunk Enterprise Security9.2%
Other79.0%
Security Information and Event Management (SIEM)
 

Featured Reviews

Karthik Ekambaram - PeerSpot reviewer
Has helped identify misconfigurations and prioritize risks but lacks multi-cloud support and deeper integration features
AWS Security Hub cannot scale up to multiple different cloud environments; it only works for AWS. There are other products in the market for CSPM that can give you multi-cloud environment misconfigurations, even Microsoft for that matter. Regarding the integration of AWS Security Hub with third-party tools, I am not certain whether we can integrate them, but there is no need to do so. However, AWS Security Hub cannot integrate with other cloud providers, so it only supports the AWS environment. The compliance checks within AWS Security Hub are good, but we don't use them much. We utilize compliance frameworks such as CIS compliance frameworks and ISO 27017 framework, which are beneficial, but it can improve in other areas too, such as including NIST and other frameworks beyond just ISO and CIS. Improvements can be applicable for scalability, particularly on integration with multi-cloud environments, and compliance frameworks can be added for more variety as well. The unified dashboard in AWS Security Hub is adequate; I cannot say it is exceptional, but the content available in the dashboards is satisfactory for now.
Ramnesh  Dubey - PeerSpot reviewer
Allows for monitoring logs according to industry standards within ESM but has a total capacity capped at 12 TB, limiting real-time data retention periods
The first limitation is with the ArcSight Data Storage Manager (ADSM). ArcSight's total capacity is currently capped at 12 TB. This becomes an issue if a customer needs a longer real-time data retention period, such as exceeding 90 days or reaching a year or even ten months. Increasing the disk space beyond 12 TB is not currently possible. So, increasing the storage capacity is one area for improvement. Additionally, the real-time data retention is limited due to the 12 TB restriction. Depending on the Events Per Second (EPS) you receive, you might only be able to retain data for seven to ten days. Overall, the 12 TB limit is the main issue we face in terms of maximizing real-time data storage. Moreover, there are a few improvements I would like to see in future releases. My main suggestion for ArcSight is to simplify the deployment process. Currently, the installation process is quite complex. There are various components involved, including transformations, multiple installations, and containerization for various components. Ideally, I'd recommend that ArcSight allow the entire installation, including the ESM and database, to be completed within a single unified setup process for a streamlined experience. Additionally, having readily available and well-organized documentation for the step-by-step installation process would be incredibly helpful. I would also like to see better support.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The best feature of AWS Security Hub is that you can get compliance or your cloud's current security posture."
"The most valuable feature of AWS Security Hub is the ability to track when monitoring is not enabled on any of my resources."
"I find all of the features to be highly valuable."
"The most valuable feature of the solution stems from the fact that it is easy to manage...It is a scalable solution."
"Easily integrates with third-party tools"
"Security Hub provides insightful information about what is running and where there might be weaknesses."
"It's a security posture management tool from AWS. Basically, it identifies misconfigurations, similar to Trusted Advisor but on a larger scale."
"The most valuable features of the solution are the scanning of all the cloud environments and most of the compliances available in the cloud."
"ArcSight is customizable. You can integrate just about anything. I also like the ease of use."
"The filters and the ability to do what you want are the most valuable features. There is nothing that you cannot do in this solution. It has all the features, which makes it very dynamic."
"The reports that we are from getting from ArcSight are very valuable. The reporting in ArcSight is good. Our regulators ask us for the reports on a regular basis, and we have been able to provide the required data. Its overall functionality in terms of log analysis and the speed at which it does that is also valuable. It is very quick. Whatever alerts we had configured were extremely fast. We immediately get alerts when there is unauthorized access or unknown access, or even positive access. This is where we found the difference between ArcSight and other solutions."
"I value the event correlation of this product."
"The most useful features are directories, price, and live reporting."
"The real-time analysis adds value."
"It makes maintenance very easy."
"The out-of-the-box rules that help us configure functioning rules within the environment are valuable."
 

Cons

"From an improvement perspective, there is a need to add more compliance since, right now, AWS Security Hub only provides four to five compliances to control the tool."
"The solution lacks self-sufficiency."
"Adding SIEM features would be beneficial because of the limited customization of AWS Security Hub."
"I would like a more fine-grained capability for creating custom rules and a more user-friendly experience programmatically in writing queries and configuring custom security rules, making it quicker and easier."
"Shortening the response time for support tickets, particularly in production issues, could make the service more efficient."
"Security needs to be measured based on their own criteria. We can't add custom criteria specific to our organization. For example, having an S3 bucket publicly available might be flagged as a critical alert, but it might not be critical in a sandbox environment. So, it gets flagged as critical, which becomes a false positive. So, customization options and creating custom dashboards would be areas for improvement."
"We need more granular-level customizations to enable or disable the rules in AWS Security Hub."
"One aspect that could be improved in the solution is its adaptability to different markets and geopolitical restrictions. In certain regions like Thailand, specific services from certain countries or providers, such as AWS or Azure, might be limited or blocked. It also needs improvement in would require configuring the solution more adaptable to AWS infrastructure and function."
"Sometimes, it takes ages to get an issue resolved. I have ArcSight experience, so I normally try to fix things on my own or find a workaround, but it's tough to get support when I need it."
"The stability of ArcSight Enterprise Security Manager (ESM) is not very robust."
"The product should include a lot more predefined scenarios so the adopted company will have knowledge and a broader skill set in security and network."
"The only concern is that AI needs to be integrated"
"They need to develop NetFlow appliances that can be installed in the customer network on span ports, collect NetFlow, and send it to ArcSight without relying on the devices' NetFlow capability and their position in the network."
"ArcSight is incredibly complex when configuring and deploying, and if your organization doesn't know what they want and what they need, ArcSight will be a challenge for them."
"ArcSight ESM could improve the alerts for the storage capacities or actions."
"There could be more API features for extracting logs on different devices included in the product."
 

Pricing and Cost Advice

"The price of AWS Security Hub is average compared to other solutions."
"AWS Security Hub's pricing is pretty reasonable."
"The cost is based on the number of compliances, core checks, and services required, and for more than 10,000 recommendations, the charge is just one dollar."
"The pricing is fine. It is not an expensive tool."
"AWS Security Hub is not an expensive tool. I would consider it to be a cheap solution. AWS Security Hub follows the PAYG pricing model, meaning you will have to pay for whatever you use."
"Security Hub is not an expensive solution."
"The price of the solution is not very competitive but it is reasonable."
"There are multiple subscription models, like yearly, monthly, and packaged."
"The product licenses are inexpensive."
"Price-wise, ArcSight ESM was a bit high compared to competitors, which factored into our decision to switch to Splunk. It couldn't cover all our business needs for what we wanted to implement."
"It's a good price, it's one of the cheaper solutions."
"Thanks to Micro Focus's licensing model, as an MSSP, we are able to see a complete return on our investment almost immediately."
"​It is best to be an institutional buyer and directly contact the sales team, as they can provide over-the-top discounts for bulk orders.​"
"ArcSight is pretty expensive compared with its competitors. I believe that is fine as it provides value."
"Customers without a ton of resources to dedicate to deployment may be better served by a managed ArcSight service."
"Aggregation can help a lot in pushing down licensing costs."
report
Use our free recommendation engine to learn which Cloud Security Posture Management (CSPM) solutions are best for your needs.
869,513 professionals have used our research since 2012.
 

Comparison Review

VS
Jun 28, 2015
Qradar vs. ArcSight
Continuing with the SIEM posts we have done at Infosecnirvana, this post is a Head to head comparison of the two Industry leading SIEM products in the market – HP ArcSight and IBM QRadar Both the products have consistently been in the Gartner Leaders Quadrant. Both HP and IBM took over niche SIEM…
 

Top Industries

By visitors reading reviews
Computer Software Company
13%
Financial Services Firm
12%
Manufacturing Company
10%
Government
6%
Financial Services Firm
15%
Computer Software Company
11%
Manufacturing Company
11%
Performing Arts
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business10
Midsize Enterprise5
Large Enterprise12
By reviewers
Company SizeCount
Small Business37
Midsize Enterprise14
Large Enterprise57
 

Questions from the Community

Which is better - Azure Sentinel or AWS Security Hub?
We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is auto-scaling - you will not have to worry about performance impact, you will...
What do you like most about AWS Security Hub?
The most valuable features of the solution are the scanning of all the cloud environments and most of the compliances available in the cloud.
What needs improvement with AWS Security Hub?
Regarding how Amazon can improve AWS Security Hub, they have numerous services that are discriminated individually and grouped into packages. However, the sheer number of services can be overwhelmi...
Which is the best SIEM tool for a mid-sized financial services firm: Arcsight or Securonix?
In my market, a lot of financial companies had or have an ArcSight installation. Just because in former times it was pretty good. Now a lot of them are looking for a more effective solution due to ...
What do you like most about ArcSight Enterprise Security Manager (ESM)?
We utilize ArcSight ESM for real-time threat detection in our organization. We have custom rules that we've developed on top of the WAN services, along with scheduled licensing activities.
What is your experience regarding pricing and costs for ArcSight Enterprise Security Manager (ESM)?
ArcSight Enterprise Security Manager (ESM) is very cheap compared to other tools. It is worth the investment if you are considering the cost.
 

Also Known As

SQRRL
Micro Focus ArcSight, HPE ArcSight, ArcSight
 

Overview

 

Sample Customers

Edmunds, Frame.io, GoDaddy, Realtor.com
Lake Health, U.S. Department of Health and Human Services, Bank AlJazira, Banca Intesa, and Obrela.
Find out what your peers are saying about AWS Security Hub vs. OpenText Enterprise Security Manager and other solutions. Updated: October 2024.
869,513 professionals have used our research since 2012.