Try our new research platform with insights from 80,000+ expert users

ArcSight Enterprise Security Manager (ESM) vs Google Chronicle Suite comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 18, 2024
 

Categories and Ranking

ArcSight Enterprise Securit...
Ranking in Security Information and Event Management (SIEM)
14th
Average Rating
7.8
Number of Reviews
96
Ranking in other categories
No ranking in other categories
Google Chronicle Suite
Ranking in Security Information and Event Management (SIEM)
17th
Average Rating
8.0
Number of Reviews
9
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of November 2024, in the Security Information and Event Management (SIEM) category, the mindshare of ArcSight Enterprise Security Manager (ESM) is 1.2%, down from 1.8% compared to the previous year. The mindshare of Google Chronicle Suite is 3.5%, up from 0.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
 

Featured Reviews

Ramnesh  Dubey - PeerSpot reviewer
Feb 14, 2024
Allows for monitoring logs according to industry standards within ESM but has a total capacity capped at 12 TB, limiting real-time data retention periods
The first limitation is with the ArcSight Data Storage Manager (ADSM). ArcSight's total capacity is currently capped at 12 TB. This becomes an issue if a customer needs a longer real-time data retention period, such as exceeding 90 days or reaching a year or even ten months. Increasing the disk space beyond 12 TB is not currently possible. So, increasing the storage capacity is one area for improvement. Additionally, the real-time data retention is limited due to the 12 TB restriction. Depending on the Events Per Second (EPS) you receive, you might only be able to retain data for seven to ten days. Overall, the 12 TB limit is the main issue we face in terms of maximizing real-time data storage. Moreover, there are a few improvements I would like to see in future releases. My main suggestion for ArcSight is to simplify the deployment process. Currently, the installation process is quite complex. There are various components involved, including transformations, multiple installations, and containerization for various components. Ideally, I'd recommend that ArcSight allow the entire installation, including the ESM and database, to be completed within a single unified setup process for a streamlined experience. Additionally, having readily available and well-organized documentation for the step-by-step installation process would be incredibly helpful. I would also like to see better support.
AniketGoyal - PeerSpot reviewer
Sep 17, 2024
Seamless integration and advanced threat intelligence with good data management
I am an implementation architect, so I have admin access to Google Chronicle. Google Chronicle is a SIEM tool that collects and stores data from various sources, such as network logs, cloud logs, device logs, security logs, and audit logs. It offers four types of ingestion: forwarder, cloud…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"It gives better overall visibility. Before, we didn't have a unified system for managing security alerts. ArcSight introduced various alerts, giving us a better visibility of potential problems."
"ArcSight gives us better visibility into threats that were unknown earlier."
"I think that the overall experience with this solution is good, but in particular, I think that the dashboards are quite interactive."
"ArcSight is customizable. You can integrate just about anything. I also like the ease of use."
"Support is very good."
"The tool sends an automated mail to all the operators, which makes it easy to share the information and reporting.​"
"The webpage algorithm is the most valuable feature because it was the fastest feature for searching the logs, events, and correlation."
"The product is quite mature. It's been around for a long time."
"The platform's most valuable features are multiple connectors and data output flexibility regarding dashboards and user experience."
"The product's most valuable feature is threat hunting. We can detect the threats directly from the console from the past data as well."
"What sets Chronicle apart from other solutions is its emphasis on threat hunting rather than solely serving as a monitoring tool."
"The log folder is fairly simple."
"The dashboards are clean and clearly written, making it easy to use and understand."
"Google Chronicle Suite provides useful APIs."
"Google Chronicle Suite is a highly scalable solution with good search capabilities."
"The support team is responsive."
 

Cons

"ArcSight ESM is not easy to use and it should be integrated with other tools that have infrastructure capabilities."
"Administration of ArcSight is not an easy job. The admin needs to be well experienced in it to identify the root cause and fix it."
"I would like to have a feature that gives us an entire report listing what devices are integrated."
"The stability isn't quite perfect. We occasionally run into problems."
"Sometimes, it takes ages to get an issue resolved. I have ArcSight experience, so I normally try to fix things on my own or find a workaround, but it's tough to get support when I need it."
"The customer experience could be improved."
"The visualization is not very good compared to Splunk."
"The weakness in this system comes about because, with so many different logs, it is possible that the security analyst will lose information."
"A few areas are difficult to understand for someone who has less experience using the product."
"In terms of improvement, the UI can be a bit challenging for beginners."
"The solution's graphical user interface (GUI) should be more user-friendly."
"The configuration is not optimal."
"The tool is perfectly fine, and I have not faced any challenges while using it."
"The tool needs to improve tasking packages. Its GUI needs to be improved. The product needs to include time-based filtration. We can only see the alert detection timeline now."
"The product's default dashboard feature has a few limitations regarding availability."
"The tool is a little bit difficult to use compared to Microsoft Sentinel."
 

Pricing and Cost Advice

"The licensing cost is affordable if you get an enterprise license. The licensing is based on EPS, so you can probably provide a package of license for multiple ESMs with their correlational end fees. It is cost-effective."
"ArcSight is pretty expensive compared with its competitors. I believe that is fine as it provides value."
"We're paying a fee for an MSSP, and the cost of the total cost of ArcSight ESM was approximately three to four million dollars a year. The price was less than similar solutions. We did not have additional fees."
"ArcSight can be a little bit expensive because of the area that we work in and the cost. Licensing is mostly on a yearly basis, not monthly."
"The solution is super expensive. At our organization size and license model, I think the price is average to what anyone else would charge us."
"The cost of the solution is not very high, although hiring a qualified analyst to work with the product is expensive."
"Aggregation can help a lot in pushing down licensing costs."
"The pricing is great compared to others."
"Compared to other solutions, Google Chronicle Suite's pricing is fine."
"The tool is cheaper than Microsoft Sentinel."
"The solution's pricing is dependent on the data amount."
"We have to pay extra charges for the amount of data transfer and technical support services."
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
814,649 professionals have used our research since 2012.
 

Comparison Review

VS
Jun 28, 2015
Qradar vs. ArcSight
Continuing with the SIEM posts we have done at Infosecnirvana, this post is a Head to head comparison of the two Industry leading SIEM products in the market – HP ArcSight and IBM QRadar Both the products have consistently been in the Gartner Leaders Quadrant. Both HP and IBM took over niche SIEM…
 

Top Industries

By visitors reading reviews
Financial Services Firm
19%
Computer Software Company
14%
Manufacturing Company
10%
Government
10%
Financial Services Firm
13%
Computer Software Company
13%
Retailer
8%
Manufacturing Company
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is the best SIEM tool for a mid-sized financial services firm: Arcsight or Securonix?
In my market, a lot of financial companies had or have an ArcSight installation. Just because in former times it was pretty good. Now a lot of them are looking for a more effective solution due to ...
What do you like most about ArcSight Enterprise Security Manager (ESM)?
We utilize ArcSight ESM for real-time threat detection in our organization. We have custom rules that we've developed on top of the WAN services, along with scheduled licensing activities.
What do you like most about Google Chronicle Suite?
Google Chronicle Suite is a highly scalable solution with good search capabilities.
What needs improvement with Google Chronicle Suite?
The tool is perfectly fine, and I have not faced any challenges while using it.
 

Also Known As

Micro Focus ArcSight, HPE ArcSight, ArcSight
No data available
 

Learn More

 

Overview

 

Sample Customers

Lake Health, U.S. Department of Health and Human Services, Bank AlJazira, Banca Intesa, and Obrela.
Information Not Available
Find out what your peers are saying about ArcSight Enterprise Security Manager (ESM) vs. Google Chronicle Suite and other solutions. Updated: October 2024.
814,649 professionals have used our research since 2012.