ArcSight Intelligence Reviews

Name: ArcSight Intelligence
Brand: OpenText
Rating: 4.0 (5 reviews)

4.0 out of 5

5 reviews
80% willing to recommend

1,471 followers

What is ArcSight Intelligence?

Empower your threat hunting team to pre-empt elusive attacks with anomaly detection powered by security AI to find insider threats, zero-day attacks, and APTs.

Get the Security Information and Event Management (SIEM) Buyer's Guide and find out what your peers are saying about ArcSight Intelligence, Splunk Enterprise Security, Microsoft Sentinel and more!

ArcSight Intelligence is the #17 ranked solution in top User Entity Behavior Analytics (UEBA) solutions and #37 ranked solution in top Security Information and Event Management (SIEM) solutions. PeerSpot users give ArcSight Intelligence an average rating of 8.0 out of 10. Based on the analysis of the 5 most recent ArcSight Intelligence reviews, the overall sentiment is positive, with a sentiment score of 6.5. (Among the lowest in the category). ArcSight Intelligence is most commonly compared to Splunk Enterprise Security: ArcSight Intelligence vs Splunk Enterprise Security. ArcSight Intelligence is popular among the large enterprise segment, accounting for 59% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a government, accounting for 21% of all views.

Buyer's Guide

Security Information and Event Management (SIEM)

November 2024

Get the category report

Helped 816,406 peers since 2012

Featured reviews

Nagendra Nekkala

Senior Manager ICT & Innovations at Bangalore International Airport Limited

ArcSight Intelligence is easy to maintain; one person is enough for the solution's maintenance. The maintenance person will add new features or devices, make policy changes or configurations, and learn and guide other engineers about new threats. ArcSight Intelligence is a user-friendly solution, and users should buy it if their company can afford its cost. Overall, I rate ArcSight Intelligence a nine out of ten.

Read full review

Pravir KumarSinha

Information Security at Synechron

We integrated this tool with our security infrastructure. We installed it on a Linux server, where we have a Logger and ESM installed. With the Linux server as the hub, we manage all the configurations and rules, including those for email triggers. The logs are routed through a connector to the Logger, allowing us to monitor our infrastructure effectively. The platform helps us improve threat detection capabilities. I recommend it to others and rate it a seven out of ten.

Read full review

Olajide Olusegun

Network Team Lead at Atlas Security

The dashboard is not user-friendly. Using the system requires specialized knowledge and training, as it includes three consoles, the logger, the central management center, and the ESM. The dashboard is not easy to use and requires a lot of commands, making it difficult for those new to the system. All of the commands may be overwhelming for those just learning the system. Making the dashboard more user-friendly and reducing the reliance on commands, perhaps by using plain English text for filters and searches, would be a great improvement. Everyone we ask would agree that the dashboard needs to be made more user-friendly. The scalability of the solution can be improved.

Read full review

ArcSight Intelligence mindshare

Product category:

As of November 2024, the mindshare of ArcSight Intelligence in the Security Information and Event Management (SIEM) category stands at 0.3%, down from 0.3% compared to the previous year, according to calculations based on PeerSpot user engagement data.

Security Information and Event Management (SIEM)

Key learnings from peers

Last updated Nov 21, 2024

Valuable Features

ArcSight Intelligence offers a strong correlation engine, customizable alerts for specific environments, and a single console for unified dashboard views. Users benefit from integrated log sources, an intuitive interface with easy access, consolidated reports, and ease of use. Features like simple rule-writing and automatic population enhance functionality, making it ideal for entities with specialized needs.

"The platform helps us improve threat detection capabilities."
"The product has a valuable interface."
"The most valuable feature of ArcSight Intelligence is a single console where the entire dashboard gives all the connected details in a single place."

Room for Improvement

ArcSight Intelligence needs more frequent updates on global threats and new rules. Its dashboard is difficult to use, requiring specialized knowledge and extensive commands. There is a need for better options for dashboard creation and scalability improvement. The speed is slow, making it less efficient as businesses grow. Creating connectors for new devices is challenging. ArcSight Intelligence's pricing requires modification and it is less favored compared to QRadar and Splunk.

"We haven't found the product fully scalable."
"ArcSight Intelligence's pricing needs improvement."
"ArcSight Intelligence is a bit slower, and its speed should be improved."

ROI

ArcSight Intelligence significantly enhanced threat detection, reducing manual efforts in monitoring and analysis. It provided faster incident response and improved security posture, leading to substantial time savings and increased productivity. Automation features minimized false positives, allowing teams to focus on critical issues. The intuitive interface and advanced analytics capabilities streamlined operations, leading to effective threat management and cost efficiency.

Pricing

ArcSight Intelligence has a range of licensing options, including monthly and yearly plans, with some users noting the availability of perpetual licenses. Generally, users find the solution expensive, rating it around eight out of ten in terms of cost. While some mentioned that its price is average and not very high, compared to alternatives like Splunk, ArcSight Intelligence often charges extra for new features. This makes it more suitable for larger enterprise environments.

"They offer perpetual licenses for the product."
"It is an expensive platform."
"ArcSight Intelligence is an expensive solution."

Popular Use Cases

Organizations utilize ArcSight Intelligence primarily for gathering global intelligence from the cloud, receiving feeds and notifications about global attacks, and updating correlation engines. They send logs from network devices to ArcSight Logger for up to 90 days, including security and non-security logs. ArcSight Intelligence is also employed for user behavioral analytics, integrating logs with Unix and Microsoft-based connectors, and providing alerts on a single console for network visibility and filtering false positives. They also use it for monitoring purposes.

Service and Support

ArcSight Intelligence's customer service has mixed feedback. Users have noted that response times can be slow and may require multiple exchanges for satisfactory resolutions. However, some have had positive experiences, describing the support as awesome and capable of resolving issues. Despite this, there are instances where the feedback provided is insufficient to fully address problems.

Deployment

The initial setup of ArcSight Intelligence varies among users. Some find it easy and quick, completed within a day or two, while others experience difficulties requiring weeks or months, particularly with fine-tuning. Transitioning from hardware to VM took around two weeks, creating use cases and matching logs from various devices lengthened the process. Deployment necessitates multiple engineers, and different server and network device requirements can significantly impact setup duration. Maintenance is generally straightforward.

Scalability

Some find ArcSight Intelligence scalable, rating it highly, while others see limitations and rate it lower. Ease of scaling varies, often influenced by user experience and support resources. Some organizations plan to increase usage, yet consider alternatives like Splunk, indicating mixed scalability perceptions.

Stability

Users find ArcSight Intelligence to be highly stable. They have had no issues with bugs or glitches. ArcSight Intelligence earns a nine out of ten rating for stability.

These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.

Download our Security Information and Event Management (SIEM) Buyer's Guide for additional reliable information.

Top industries

By visitors reading reviews

Government

21%

Computer Software Company

18%

Financial Services Firm

Manufacturing Company

Outsourcing Company

Real Estate/Law Firm

Retailer

University

Comms Service Provider

Media Company

Non Profit

Educational Organization

Legal Firm

Insurance Company

Energy/Utilities Company

Transportation Company

Engineering Company

Recreational Facilities/Services Company

Logistics Company

Security Firm

Aerospace/Defense Firm

Healthcare Company

Performing Arts

Compare ArcSight Intelligence with alternative products

Learn more about ArcSight Intelligence

ArcSight Intelligence was previously known as ArcSight Interset / Intelligence, FileTrek, Interset UEBA, Micro Focus Interset UEBA, Micro Focus Interset, ArcSight Interset.