Try our new research platform with insights from 80,000+ expert users

ArcSight Enterprise Security Manager (ESM) vs Google Chronicle Suite comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 18, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

ROI

Sentiment score
8.9
ArcSight ESM can offer high ROI through threat detection, compliance, audits, and brand protection despite its costs and implementation challenges.
Sentiment score
6.5
Google Chronicle Suite enhanced threat detection, automated processes, improved analytics, and increased operational efficiency with cost savings and scalability.
 

Customer Service

Sentiment score
5.7
ArcSight ESM customer service is mixed, with efficient initial responses but inconsistent, often slow technical support causing dissatisfaction.
Sentiment score
7.0
Google Chronicle Suite's customer service is generally effective but slow, with well-prepared documentation and helpful local engineer assistance.
If I raise a P1 or P0 ticket, the response time is often delayed by four to eight hours.
They are slow, and the initial responses often require more information rather than providing helpful solutions.
The technical support I’ve received is rated an eight out of ten.
 

Scalability Issues

Sentiment score
7.1
ArcSight ESM offers scalability and cloud support but faces high costs and EPS licensing challenges for growing event volumes.
Sentiment score
8.3
Google Chronicle Suite scales efficiently, managing large data volumes with high satisfaction ratings, supporting current and future organizational needs.
It lacks some capabilities compared to other tools available in the market.
I rate the scalability of Google Chronicle Suite as ten out of ten.
Chronicle Suite is fully scalable with a rating of seven or eight out of ten in scalability.
 

Stability Issues

Sentiment score
7.1
ArcSight ESM is stable with configuration efforts, though deployment challenges and occasional issues arise under high-load conditions.
Sentiment score
7.8
Google Chronicle Suite is praised for its stability and reliability, frequently scoring high ratings among users.
The stability of ArcSight Enterprise Security Manager (ESM) is not very robust.
I rate the stability of Google Chronicle Suite as a nine, as I have not encountered any stability issues.
 

Room For Improvement

ArcSight ESM needs interface updates, better integration, improved performance, reporting, scaling, error handling, and enhanced technical support.
Google Chronicle Suite's interface and feature limitations challenge beginners; improvements in dashboards, navigation, and integration are needed.
The integration aspect of ArcSight Enterprise Security Manager (ESM) needs improvement.
The UI is the primary challenge in need of improvement.
The graphical user interface could be improved to enhance user experience.
 

Setup Cost

ArcSight ESM is costly but justifiable, with pricing based on EPS, scalable features, and possible bulk discounts.
Enterprise users find Google Chronicle's pricing based on data usage cheaper than competitors, but costs vary with additional features.
ArcSight Enterprise Security Manager (ESM) is very cheap compared to other tools.
It's neither expensive nor cheap, and I believe it is a justified price for the features offered.
I experience Chronicle as less expensive and less complicated than Azure.
 

Valuable Features

ArcSight ESM offers seamless integration, scalability, customizable features, real-time monitoring, and extensive analytics for effective threat detection and response.
Google Chronicle Suite enhances security with AI-threat intelligence, fast detection, customizable dashboards, and cost-effective, scalable integration with Google services.
The ability to interpret data is highly valued.
They also combine their source solution into one product, allowing for out-of-the-box playbook creation and incident response.
The AI infused into the platform helps in investigations and rule creation.
The automated response feature allows for immediate actions like isolating infected machines or blocking malicious IP addresses.
 

Categories and Ranking

ArcSight Enterprise Securit...
Ranking in Security Information and Event Management (SIEM)
19th
Average Rating
7.8
Reviews Sentiment
7.5
Number of Reviews
97
Ranking in other categories
No ranking in other categories
Google Chronicle Suite
Ranking in Security Information and Event Management (SIEM)
11th
Average Rating
8.0
Reviews Sentiment
7.2
Number of Reviews
12
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of April 2025, in the Security Information and Event Management (SIEM) category, the mindshare of ArcSight Enterprise Security Manager (ESM) is 1.1%, down from 1.6% compared to the previous year. The mindshare of Google Chronicle Suite is 3.6%, up from 1.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
 

Featured Reviews

Ramnesh  Dubey - PeerSpot reviewer
Allows for monitoring logs according to industry standards within ESM but has a total capacity capped at 12 TB, limiting real-time data retention periods
The first limitation is with the ArcSight Data Storage Manager (ADSM). ArcSight's total capacity is currently capped at 12 TB. This becomes an issue if a customer needs a longer real-time data retention period, such as exceeding 90 days or reaching a year or even ten months. Increasing the disk space beyond 12 TB is not currently possible. So, increasing the storage capacity is one area for improvement. Additionally, the real-time data retention is limited due to the 12 TB restriction. Depending on the Events Per Second (EPS) you receive, you might only be able to retain data for seven to ten days. Overall, the 12 TB limit is the main issue we face in terms of maximizing real-time data storage. Moreover, there are a few improvements I would like to see in future releases. My main suggestion for ArcSight is to simplify the deployment process. Currently, the installation process is quite complex. There are various components involved, including transformations, multiple installations, and containerization for various components. Ideally, I'd recommend that ArcSight allow the entire installation, including the ESM and database, to be completed within a single unified setup process for a streamlined experience. Additionally, having readily available and well-organized documentation for the step-by-step installation process would be incredibly helpful. I would also like to see better support.
Rene Schouten. - PeerSpot reviewer
Harnesses anomaly detection and automated response for efficient threat management
I really appreciate the anomaly detection and machine learning capabilities that identify unusual patterns without needing signatures. The automated response feature allows for immediate actions like isolating infected machines or blocking malicious IP addresses. It is also cost-effective, charged based on use per second rather than data volume. Additionally, the solution supports annual audits and ensures compliance.
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
845,040 professionals have used our research since 2012.
 

Comparison Review

VS
Jun 28, 2015
Qradar vs. ArcSight
Continuing with the SIEM posts we have done at Infosecnirvana, this post is a Head to head comparison of the two Industry leading SIEM products in the market – HP ArcSight and IBM QRadar Both the products have consistently been in the Gartner Leaders Quadrant. Both HP and IBM took over niche SIEM…
 

Top Industries

By visitors reading reviews
Financial Services Firm
18%
Computer Software Company
15%
Manufacturing Company
11%
Government
9%
Computer Software Company
14%
Financial Services Firm
14%
Retailer
9%
Manufacturing Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is the best SIEM tool for a mid-sized financial services firm: Arcsight or Securonix?
In my market, a lot of financial companies had or have an ArcSight installation. Just because in former times it was pretty good. Now a lot of them are looking for a more effective solution due to ...
What do you like most about ArcSight Enterprise Security Manager (ESM)?
We utilize ArcSight ESM for real-time threat detection in our organization. We have custom rules that we've developed on top of the WAN services, along with scheduled licensing activities.
What is your experience regarding pricing and costs for ArcSight Enterprise Security Manager (ESM)?
ArcSight Enterprise Security Manager (ESM) is very cheap compared to other tools. It is worth the investment if you are considering the cost.
What do you like most about Google Chronicle Suite?
Google Chronicle Suite is a highly scalable solution with good search capabilities.
What is your experience regarding pricing and costs for Google Chronicle Suite?
I experience Chronicle as less expensive and less complicated than Azure. While Azure is rated at an eight out of ten in terms of pricing, Chronicle is at a six out of ten.
What needs improvement with Google Chronicle Suite?
It is still not mature enough. If I create some content, there might be roadblocks, although this could change in the future. As of now, it is an immature solution with potential for improvement. I...
 

Also Known As

Micro Focus ArcSight, HPE ArcSight, ArcSight
No data available
 

Overview

 

Sample Customers

Lake Health, U.S. Department of Health and Human Services, Bank AlJazira, Banca Intesa, and Obrela.
Information Not Available
Find out what your peers are saying about ArcSight Enterprise Security Manager (ESM) vs. Google Chronicle Suite and other solutions. Updated: March 2025.
845,040 professionals have used our research since 2012.