Try our new research platform with insights from 80,000+ expert users

ArcSight Enterprise Security Manager (ESM) vs ArcSight Intelligence comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 18, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

ROI

Sentiment score
8.9
ArcSight ESM can offer high ROI through threat detection, compliance, audits, and brand protection despite its costs and implementation challenges.
Sentiment score
8.9
ArcSight Intelligence boosts security and ROI by automating threat detection, reducing false positives, and streamlining workflows with advanced analytics.
 

Customer Service

Sentiment score
5.7
ArcSight ESM customer service is mixed, with efficient initial responses but inconsistent, often slow technical support causing dissatisfaction.
Sentiment score
6.7
ArcSight Intelligence has slow but capable customer support, with mixed user satisfaction regarding problem resolution and feedback sufficiency.
If I raise a P1 or P0 ticket, the response time is often delayed by four to eight hours.
 

Scalability Issues

Sentiment score
7.1
ArcSight ESM offers scalability and cloud support but faces high costs and EPS licensing challenges for growing event volumes.
Sentiment score
6.3
ArcSight Intelligence is scalable but complex, with user ratings ranging from moderately to highly, influenced by partner support.
It lacks some capabilities compared to other tools available in the market.
 

Stability Issues

Sentiment score
7.1
ArcSight ESM is stable with configuration efforts, though deployment challenges and occasional issues arise under high-load conditions.
Sentiment score
8.4
ArcSight Intelligence is highly rated for stability and consistent performance, with users giving it a nine out of ten.
The stability of ArcSight Enterprise Security Manager (ESM) is not very robust.
 

Room For Improvement

ArcSight ESM needs interface updates, better integration, improved performance, reporting, scaling, error handling, and enhanced technical support.
ArcSight Intelligence requires frequent updates, improved usability, better speed, enhanced scalability, lower pricing, and higher ranking compared to QRadar and Splunk.
The integration aspect of ArcSight Enterprise Security Manager (ESM) needs improvement.
 

Setup Cost

ArcSight ESM is costly but justifiable, with pricing based on EPS, scalable features, and possible bulk discounts.
ArcSight Intelligence is costly, suited for enterprises, and offers various licensing options with extra charges for new features.
ArcSight Enterprise Security Manager (ESM) is very cheap compared to other tools.
 

Valuable Features

ArcSight ESM offers seamless integration, scalability, customizable features, real-time monitoring, and extensive analytics for effective threat detection and response.
ArcSight Intelligence offers a powerful log correlation engine, customizable alerts, seamless dashboard, user-friendly interface, and easy rule creation.
 

Categories and Ranking

ArcSight Enterprise Securit...
Ranking in Security Information and Event Management (SIEM)
19th
Average Rating
7.8
Reviews Sentiment
7.5
Number of Reviews
97
Ranking in other categories
No ranking in other categories
ArcSight Intelligence
Ranking in Security Information and Event Management (SIEM)
40th
Average Rating
8.0
Reviews Sentiment
6.6
Number of Reviews
5
Ranking in other categories
User Entity Behavior Analytics (UEBA) (14th)
 

Mindshare comparison

As of April 2025, in the Security Information and Event Management (SIEM) category, the mindshare of ArcSight Enterprise Security Manager (ESM) is 1.1%, down from 1.6% compared to the previous year. The mindshare of ArcSight Intelligence is 0.3%, down from 0.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
 

Featured Reviews

Ramnesh  Dubey - PeerSpot reviewer
Allows for monitoring logs according to industry standards within ESM but has a total capacity capped at 12 TB, limiting real-time data retention periods
The first limitation is with the ArcSight Data Storage Manager (ADSM). ArcSight's total capacity is currently capped at 12 TB. This becomes an issue if a customer needs a longer real-time data retention period, such as exceeding 90 days or reaching a year or even ten months. Increasing the disk space beyond 12 TB is not currently possible. So, increasing the storage capacity is one area for improvement. Additionally, the real-time data retention is limited due to the 12 TB restriction. Depending on the Events Per Second (EPS) you receive, you might only be able to retain data for seven to ten days. Overall, the 12 TB limit is the main issue we face in terms of maximizing real-time data storage. Moreover, there are a few improvements I would like to see in future releases. My main suggestion for ArcSight is to simplify the deployment process. Currently, the installation process is quite complex. There are various components involved, including transformations, multiple installations, and containerization for various components. Ideally, I'd recommend that ArcSight allow the entire installation, including the ESM and database, to be completed within a single unified setup process for a streamlined experience. Additionally, having readily available and well-organized documentation for the step-by-step installation process would be incredibly helpful. I would also like to see better support.
Pravir KumarSinha - PeerSpot reviewer
Has essential threat detection capabilities, but the features for intelligence need enhancement
We integrated this tool with our security infrastructure. We installed it on a Linux server, where we have a Logger and ESM installed. With the Linux server as the hub, we manage all the configurations and rules, including those for email triggers. The logs are routed through a connector to the Logger, allowing us to monitor our infrastructure effectively. The platform helps us improve threat detection capabilities. I recommend it to others and rate it a seven out of ten.
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
845,040 professionals have used our research since 2012.
 

Comparison Review

VS
Jun 28, 2015
Qradar vs. ArcSight
Continuing with the SIEM posts we have done at Infosecnirvana, this post is a Head to head comparison of the two Industry leading SIEM products in the market – HP ArcSight and IBM QRadar Both the products have consistently been in the Gartner Leaders Quadrant. Both HP and IBM took over niche SIEM…
 

Top Industries

By visitors reading reviews
Financial Services Firm
18%
Computer Software Company
15%
Manufacturing Company
11%
Government
9%
Government
21%
Computer Software Company
18%
Financial Services Firm
8%
Manufacturing Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

Which is the best SIEM tool for a mid-sized financial services firm: Arcsight or Securonix?
In my market, a lot of financial companies had or have an ArcSight installation. Just because in former times it was pretty good. Now a lot of them are looking for a more effective solution due to ...
What do you like most about ArcSight Enterprise Security Manager (ESM)?
We utilize ArcSight ESM for real-time threat detection in our organization. We have custom rules that we've developed on top of the WAN services, along with scheduled licensing activities.
What is your experience regarding pricing and costs for ArcSight Enterprise Security Manager (ESM)?
ArcSight Enterprise Security Manager (ESM) is very cheap compared to other tools. It is worth the investment if you are considering the cost.
What do you like most about ArcSight Interset / Intelligence?
The platform helps us improve threat detection capabilities.
What needs improvement with ArcSight Interset / Intelligence?
The product could be improved in several areas; it currently requires significant enhancement. Compared to QRadar and Splunk, ArcSight Intelligence falls behind, placing it as the third choice amon...
 

Also Known As

Micro Focus ArcSight, HPE ArcSight, ArcSight
ArcSight Interset / Intelligence, FileTrek, Interset UEBA, Micro Focus Interset UEBA, Micro Focus Interset, ArcSight Interset
 

Overview

 

Sample Customers

Lake Health, U.S. Department of Health and Human Services, Bank AlJazira, Banca Intesa, and Obrela.
Accuvant, Splunk Inc., NuTech, Box, rSolutions, Voodoo Technology Limited
Find out what your peers are saying about ArcSight Enterprise Security Manager (ESM) vs. ArcSight Intelligence and other solutions. Updated: March 2025.
845,040 professionals have used our research since 2012.