ArcSight Enterprise Security Manager (ESM) vs USM Anywhere comparison

ArcSight Enterprise Securit...

Read 93 ArcSight Enterprise Security Manager (ESM) reviews

5,016 Views
2,339 Comparison Views

89% willing to recommend

USM Anywhere

Read 113 USM Anywhere reviews

5,276 Views
3,482 Comparison Views

92% willing to recommend

ArcSight Enterprise Securit...

USM Anywhere

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Jul 20, 2023

We performed a comparison between ArcSight ESM and USM Anywhere based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.

Features: ArcSight ESM is praised for its well-designed dashboard, real-time reporting, and threat intelligence capabilities that leverage AI and correlation tools. Users also like ArcSight’s seamless integration and effortless management.USM Anywhere is highly regarded for its extensive reporting capabilities, thorough vulnerability assessment, seamless file integration, and user-friendly management features. ArcSight ESM users have recommended improvements in training, speed, and data administration. USM Anywhere users have suggested improvements in self-service plugin management, database optimization, and third-party threat intelligence integration.
Service and Support: Some ArcSight ESM users have found the support to be responsive and helpful, while others have faced issues with slow response times and a lack of expertise. Some users say that USM Anywhere's customer service is knowledgeable and responsive, while others have faced delays and incomplete answers.
Ease of Deployment: Some said that ArcSight ESM is straightforward to set up, while others noted that integration with other systems can be challenging and requires specialized knowledge. The initial setup for USM Anywhere is generally considered to be straightforward if the user has technical knowledge. Vendor assistance is also available during the deployment phase.
Pricing: Users consider the pricing of ArcSight ESM to be reasonable and affordable. USM Anywhere is seen as more cost-effective than premium solutions like IBM QRadar and Splunk, with pricing considered reasonable and relatively low.
ROI: ArcSight ESM delivers an ROI by helping clients achieve compliance objectives and prevent incidents. USM Anywhere has garnered favorable feedback regarding its ROI.

Conclusion: Based on the provided review answers, it can be concluded that USM Anywhere is the preferred option over ArcSight Enterprise Security Manager (ESM). Users appreciate its straightforward and easy initial setup process, intuitive user interface, and affordable pricing. They also value the fact that it does not require a dedicated SOC team. USM Anywhere is commended for its valuable features including vulnerability assessment, cloud deployment, easy integration, and comprehensive reporting capabilities. Although both products have areas that can be improved, USM Anywhere stands out for its simplicity and cost-effectiveness.

To learn more, read our detailed ArcSight Enterprise Security Manager (ESM) vs. USM Anywhere Report (Updated: June 2024).

Buyer's Guide

ArcSight Enterprise Security Manager (ESM) vs. USM Anywhere

June 2024

Download the complete report

Helped 787,061 peers since 2012

Categories and Ranking

ArcSight Enterprise Securit...

Ranking in Security Information and Event Management (SIEM)

12th

Average Rating

7.8

Number of Reviews

Ranking in other categories

No ranking in other categories

USM Anywhere

Ranking in Security Information and Event Management (SIEM)

13th

Average Rating

8.4

Number of Reviews

113

Ranking in other categories

Log Management (17th), Endpoint Detection and Response (EDR) (31st), Compliance Management (8th)

Market share comparison

As of June 2024, in the Security Information and Event Management (SIEM) category, the market share of ArcSight Enterprise Security Manager (ESM) is 1.0% and it decreased by 62.5% compared to the previous year. The market share of USM Anywhere is 1.3% and it decreased by 36.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Security Information and Event Management (SIEM)

Unique Categories:

No other categories found

Log Management

0.8%

Endpoint Detection and Response (EDR)

0.2%

Featured Reviews

Ly Binh Lap

Network Security Engineer, Security Monitoring Center at a tech services company

Jan 24, 2017

FlexConnector collects logs from your own application.

The ArcSight solution supports your security team with many SIEM features: Monitoring Analysis Alerts Incident response In my opinion, ArcSight is an open solution. It is easy to: Customize components Use FlexConnector to collect logs from your own application Edit rules and the dashboard…

Read full review

Philip Bradley

Senior Security Information Manager at agiito

Sep 6, 2023

Easy to use and affordable

I find that USM Anywhere is not overly complicated and things flow logically. The way it lays out the Microsoft alert and formats the text for you so you can actually read it is very workable What I find the most valuable about USM Anywhere is its compliance. It shows a list of all the…

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The filters and the ability to do what you want are the most valuable features. There is nothing that you cannot do in this solution. It has all the features, which makes it very dynamic."

"It prevented my users from getting infected by ransomware. It can also pinpoint the story behind every virus or network attack to our environment."

"Once the rules are defined, it becomes easy to detect changes and generate automated logs."

"The solution offers very good monitoring."

"It has absolutely improved the efficiency of our security team. We use it internally as well. It is such a powerful tool that our internal security team became a customer of our ArcSight managed service."

"It is a vital tool for live monitoring and helps us to understand the traffic alerts of any major issue on the network, thereby reducing hacking attempts."

"For the typical malware or intrusion, this solution assists us by identifying the symptoms based on network traffic from the application servers."

"The most valuable feature of ArcSight ESM is its ease of use."

More ArcSight Enterprise Security Manager (ESM) pros

"Allowed us to help our customers satisfy compliance needs around logging and monitoring."

"The vulnerability manager and the file integration are very good."

"It brought our logs into one place for review and set up alarms based on changes we were missing due to lack of having one place for everything to go."

"This solution can identify many threats inside the organization (compromised endpoints, configuration issues), as well as "outside" threats (botnets, network scanners, web-attacks, etc)."

"The dashboards are very descriptive and contain just the right amount of information. The activity alarms and events contain a plethora of data that is very descriptive and useful."

"The most valuable feature of the solution is the ease of deployment that it provides to users. The integrations that the product has with third-party applications are useful."

"We had used previous products and found AlienVault centralized the logging for our security."

"Ease of deployment across various environments."

More USM Anywhere pros

Cons

"The API integration could be better, and I'd like to see more machine-learning capabilities in the future."

"HPE ArcSight has a quite steep learning curve."

"When we need to consume old events, we have to wait for a long time. ArcSight should improve the database capability to reply to queries faster. It would also be interesting if they implemented network visibility. For example, they could add a feature like NetWitness with a model just for looking through the packets."

"Administration of ArcSight is not an easy job. The admin needs to be well experienced in it to identify the root cause and fix it."

"The security area has room for improvement."

"Deployment typology could be improved. Difficult to scale across all the different lines of businesses."

"The stability isn't quite perfect. We occasionally run into problems."

"The customer experience could be improved."

More ArcSight Enterprise Security Manager (ESM) cons

"The vulnerability scanning feature is one of the areas where the product has certain shortcomings and needs to improve. The tool has vulnerability scanning, but it is not that efficient."

"Source material on the forums to be more up-to-date with the changes happening within the product. Forums being out-of-date with information due to the changes makes troubleshooting a little more difficult - specific to the HIDS agents."

"Adding a parsing interface for the customers would make AT&T AlienVault USM better."

"I've been told that AlienVault doesn't have a full version of NES running in there, but I'm not sure if that's accurate or if my engineer made it that way. I'm not sure he was completely honest either because we had NES in the environment before. Those tools could be improved because AlienVault is a SIEM, and it added all these other features."

"The reporting and dashboards have room for improvement."

"AT&T AlienVault USM can improve searchable data. It should be available for more than 90 days. If you need more than 90 days of data, you have to put a request and they give you raw data, which is not easy to search. A good addition would be to allow users to search data older than 90 days."

"Windows log collection works with HIDS, but documentation is sparse and confusing."

"I want to see more compliance management capability. The quality of integrations seems to be a little bit low."

More USM Anywhere cons

Pricing and Cost Advice

"ArcSight is pretty expensive compared with its competitors. I believe that is fine as it provides value."

"We're paying a fee for an MSSP, and the cost of the total cost of ArcSight ESM was approximately three to four million dollars a year. The price was less than similar solutions. We did not have additional fees."

"The licensing cost is affordable if you get an enterprise license. The licensing is based on EPS, so you can probably provide a package of license for multiple ESMs with their correlational end fees. It is cost-effective."

"The pricing model is expensive compared to open-source alternatives."

"ArcSight can be a little bit expensive because of the area that we work in and the cost. Licensing is mostly on a yearly basis, not monthly."

"Customers without a ton of resources to dedicate to deployment may be better served by a managed ArcSight service."

"HPE ArcSight pricing might be more expensive than other SIEM solutions, but in my opinion it has powerful features and great flexibility in developing complex use cases."

"Pricing is good, I'd rate the pricing a seven out of ten, with ten being low price. It's better than Splunk and IBM QRadar because their pricing is based on EPS."

More ArcSight Enterprise Security Manager (ESM) pricing and cost advice

"AlienVault is flexible on their pricing for unlimited licenses."

"So far, it has been a good solution for a tight budget."

"AT&T AlienVault USM is an expensive solution and we pay for the license and the support separately. We paid for the license and support for three years."

"Pricing is very competitive with other products and you get much more functionality from AlienVault."

"We ran a few PoCs. The price and feature set were the best with AlienVault."

"It is affordable, and it also has many features that the premium products such as ArcSight and QRadar have. It is a very good platform for a SIEM solution. Everything is included in the price."

"It is a product that is priced in a medium range, making it neither a cheap nor a costly product."

"The price for this solution is very good, but since the features do not work the price is expensive."

More USM Anywhere pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.

See recommendations

787,061 professionals have used our research since 2012.

Comparison Review

Vinod Shankar

Manager, Enterprise Risk Consulting at Deloitte & Touche

Jun 28, 2015

Qradar vs. ArcSight

Continuing with the SIEM posts we have done at Infosecnirvana, this post is a Head to head comparison of the two Industry leading SIEM products in the market – HP ArcSight and IBM QRadar Both the products have consistently been in the Gartner Leaders Quadrant. Both HP and IBM took over niche SIEM…

Read full review

Top Industries

By visitors reading reviews

Financial Services Firm

18%

Computer Software Company

13%

Manufacturing Company

Government

Computer Software Company

17%

Government

Educational Organization

Financial Services Firm

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

Which is the best SIEM tool for a mid-sized financial services firm: Arcsight or Securonix?

In my market, a lot of financial companies had or have an ArcSight installation. Just because in former times it was pretty good. Now a lot of them are looking for a more effective solution due to ...

See all answers

What do you like most about ArcSight Enterprise Security Manager (ESM)?

We utilize ArcSight ESM for real-time threat detection in our organization. We have custom rules that we've developed on top of the WAN services, along with scheduled licensing activities.

See all answers

What is your experience regarding pricing and costs for ArcSight Enterprise Security Manager (ESM)?

The pricing model is expensive compared to open-source alternatives, especially as your needs grow.

See all answers

What do you like most about AT&T AlienVault USM?

The most valuable feature of the solution is the ease of deployment that it provides to users. The integrations that the product has with third-party applications are useful.

See all answers

What is your experience regarding pricing and costs for AT&T AlienVault USM?

It is a product that is priced in a medium range, making it neither a cheap nor a costly product.

See all answers

What needs improvement with AT&T AlienVault USM?

The vulnerability scanning feature is one of the areas where the product has certain shortcomings and needs to improve. The tool has vulnerability scanning, but it is not that efficient. A mobile a...

See all answers

Comparisons

Splunk Enterprise Security vs ArcSight Enterprise Security Manager (ESM)

Compared 29% of the time

Trellix ESM vs ArcSight Enterprise Security Manager (ESM)

Compared 10% of the time

ArcSight Intelligence vs ArcSight Enterprise Security Manager (ESM)

Compared 9% of the time

IBM Security QRadar vs ArcSight Enterprise Security Manager (ESM)

Compared 7% of the time

Elastic Security vs ArcSight Enterprise Security Manager (ESM)

Compared 5% of the time

More ArcSight Enterprise Security Manager (ESM) Competitors

Wazuh vs USM Anywhere

Compared 23% of the time

AlienVault OSSIM vs USM Anywhere

Compared 12% of the time

IBM Security QRadar vs USM Anywhere

Compared 9% of the time

Splunk Enterprise Security vs USM Anywhere

Compared 9% of the time

Microsoft Sentinel vs USM Anywhere

Compared 8% of the time

More USM Anywhere Competitors

Product Reports

Buyer's Guide

ArcSight Enterprise Security Manager (ESM)

June 2024

ArcSight Enterprise Security Manager (ESM) report

Download ArcSight Enterprise Security Manager (ESM) product report

Buyer's Guide

USM Anywhere

May 2024

Download USM Anywhere product report

Also Known As

Micro Focus ArcSight, HPE ArcSight, ArcSight

AT&T AlienVault USM, AlienVault, AlienVault USM, Alienvault Cybersecurity

Learn More

OpenText

AT&T

Overview

ArcSight Enterprise Security Manager (ESM) is a powerful SIEM solution for analyzing, collecting, correlating, and reporting on security event information. ArcSight ESM analyzes information from all of your data sources while helping your organization maintain high security. In addition, the solution is very customizable and enables users to create their own company-specific rule sets to automatically trigger instant alerts.

ArcSight Enterprise Security Manager (ESM) Features

Real-time threat detection
Visualization and reporting capabilities
Patented log management
Personalized dashboards
Scalable event monitoring
Seamless integration with your existing SOC tools
Behavior profiling
Data and user monitoring
Application monitoring
Analytics
Deployment/support simplicity

ArcSight Enterprise Security Manager (ESM) Benefits

Some of the benefits of using ESM include:

Real-time information: ArcSight ESM can correlate data from any source in real-time to detect incidents before they become a breach.

Compliance: Optional compliance packs enable packaged reports for PCI, SOX, and IT Governance.

Security analytics: With ArcSight ESM, you can build and maintain a security operation center (SOC) through big data security analytics.

Integration: ArcSight ESM allows you to integrate SOC with network operations, service desk, CMDB, business intelligence, Hadoop, email security, application security, threat feeds, and more.

Speed: ArcSight ESM provides excellent speed of event collection with patented log management tools.

Advanced detection: ArcSight ESM can detect unusual or unauthorized activities as they occur, preventing business disruptions.

Decrease threat exposure: By implementing ArcSight ESM, you reduce threat exposure because the solution detects threats in real time.

Operational efficiency: ArcSight ESM makes it possible for you to automate responses with ArcSight’s native SOAR, which saves your organization time, and therefore increases your operational efficiency.

Reviews from Real Users

Below are some reviews and helpful feedback written by ArcSight Enterprise Security Manager (ESM) users.

A Head of Professional Services at a computer software company says, “The simplicity of the solution is the most valuable aspect of the product. The product is quite mature. It's been around for a long time. The integration is easy for the most part.”

A Managing partner at a tech services company states that the solution is “Good at consolidating logs, fairly stable, and can scale.”

PeerSpot user Abbasi P., Vice President Derivatives Ops IT at a financial services firm, explains, “The user interfaces are quite good and speedy, and I like the consoles too. The typology and the setup are also good.”

A Chief Technological Officer at a tech services company says, "It is a very useful tool for intelligence building because it has many use cases and many rule sets."

An Associate Vice President at a consumer goods company comments, “We primarily use the solution for its technology including its independent logs, and those types of things. The solution offers very good monitoring. The product's log management and event management capabilities are excellent. There are a lot of really good analytical components. It helps us focus on analysis.”

USM Anywhere centralizes security monitoring of networks and devices in the cloud, on premises, and in remote locations, helping you to detect threats virtually anywhere.

Discover

Network asset discovery
Software & services discovery
AWS asset discovery
Azure asset discovery
Google Cloud Platform asset discovery

Analyze

SIEM event correlation, auto-prioritized alarms
User activity monitoring
Up to 90-days of online, searchable events

Detect

Cloud intrusion detection (AWS, Azure, GCP)
Network intrusion detection (NIDS)
Host intrusion detection (HIDS)
Endpoint Detection and Response (EDR)

Respond

Forensics querying
Automate & orchestrate response
Notifications and ticketing

Assess

Vulnerability scanning
Cloud infrastructure assessment
User & asset configuration
Dark web monitoring

Report

Pre-built compliance reporting templates
Pre-built event reporting templates
Customizable views and dashboards
Log storage

Sample Customers

Lake Health, U.S. Department of Health and Human Services, Bank AlJazira, Banca Intesa, and Obrela.

Abel & Cole, Bank of Ireland, Bluegrass Cellular, CareerBuilder, Claire's, Hays Medical Center, Hope International, McCurrach, McKinsey & Company, Party Delights, Pepco Holdings, Richland School District, Ricoh, SaveMart, Shake Shack, Steelcase, TaxAct, Taylor Morrison, Vonage and Zoom

Buyer's Guide

ArcSight Enterprise Security Manager (ESM) vs. USM Anywhere

June 2024

Free Report: ArcSight Enterprise Security Manager (ESM) vs. USM Anywhere

Find out what your peers are saying about ArcSight Enterprise Security Manager (ESM) vs. USM Anywhere and other solutions. Updated: June 2024.

DOWNLOAD NOW

787,061 professionals have used our research since 2012.

See our ArcSight Enterprise Security Manager (ESM) vs. USM Anywhere report.

See our list of best Security Information and Event Management (SIEM) vendors.

We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.