We performed a comparison between ArcSight Enterprise Security Manager (ESM) and Logpoint based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: ArcSight Enterprise Security Manager is praised for its well-designed dashboard, real-time reporting, and threat intelligence capabilities that leverage AI and correlation tools. Users also like ArcSight’s seamless integration and effortless management. Logpoint is noted for its advanced technology and extensive log-collection, parsing, and analysis mechanisms. ArcSight ESM users have recommended improvements in training, speed, and data administration. Logpoint can improve its dashboard customization, resource efficiency, network hierarchy diagrams, and agent deployment.
Service and Support: Some ArcSight ESM users have found the support to be responsive and helpful, while others have faced issues with slow response times and a lack of expertise. Logpoint's customer service receives high marks for its exceptional technical support and responsive engineers, but some users reported delays in receiving help from higher-level support.
Ease of Deployment: Some said that ArcSight ESM is straightforward to set up, while others noted that integration with other systems can be challenging and requires specialized knowledge. Logpoint's initial setup can be complex and time-consuming or fast and easy, depending on the user's experience and the organization’s size.
Pricing: Users consider the pricing of ArcSight ESM to be reasonable and affordable. Logpoint's fixed pricing model is seen as cost-effective and competitive.
ROI: ArcSight ESM delivers an ROI by helping clients achieve compliance objectives and prevent incidents. Logpoint makes costs more predictable and enables companies to generate revenue through security operation services.
"It is a very useful tool for intelligence building because it has many use cases and many rule sets."
"The most useful features are directories, price, and live reporting."
"The most valuable features of ArcSight ESM are the dashboards, ease of management for anyone, and simple for teams to provide reports related to cyber security. There are a lot of good features that are provided."
"Usability is the most valuable feature. The accessibility is quite good."
"Once the rules are defined, it becomes easy to detect changes and generate automated logs."
"We have been satisfied with the support."
"Stable solution with good customer service support."
"It makes maintenance very easy."
"We like the user and entity behaviour analytics (UEBA) and find it valuable."
"It is an AI technology because it is using machine learning technology. So far, there is nothing better out there for UEBA in terms of monitoring endpoints and user activity. It is using machine learning language, so it is right at the top. It provides that capability and monitors all the activities. It devises a baseline and monitors if there is any deviation from the baseline."
"The most valuable features are the ones that we use the most, which are the search and report facilities."
"The solution's user interface is quite simple, and the integration is better than other products."
"Technical support is responsive and very friendly."
"The most beneficial was being able to prove, with proper reports, that from a compliance perspective, the company is in control. The service part of LogPoint did modifications or did some additional work to have the proper reports defined."
"What I like best about LogPoint is its cost-effectiveness compared to other solutions. LogPoint also has better dashboards which I find valuable. I also like that you can create use cases based on your assets."
"It is a very comprehensive solution for gathering data. It has got a lot of capabilities for collecting logs from different systems. Logs are notoriously difficult to collect because they come in all formats. LogPoint has a very sophisticated mechanism for you to be able to connect to or listen to a system, get the data, and parse it. Logs come in text formats that are not easily parseable because all logs are not the same, but with LogPoint, you can define a policy for collecting the data. You can create a parser very quickly to get the logs into a structured mechanism so that you can analyze them."
"The initial setup is very complex. We had to architect a deployment which allowed us to incorporate an ever growing number of customers into our hosted instance of ArcSight."
"In certain cases, this product does have false positives, which the company should work on."
"They also could improve the product by integrating user and identity behavior analytics."
"Sometimes, it takes ages to get an issue resolved. I have ArcSight experience, so I normally try to fix things on my own or find a workaround, but it's tough to get support when I need it."
"There could be more API features for extracting logs on different devices included in the product."
"ArcSight ESM is not easy to use and it should be integrated with other tools that have infrastructure capabilities."
"It would be nice if the interface were more user-friendly, with, for example, a minimal number of tabs to navigate."
"The product should include a lot more predefined scenarios so the adopted company will have knowledge and a broader skill set in security and network."
"One of the things we faced last year was that we had some memory issues with the server running. We were running them as virtual services, and we were facing some performance issues. Back then, there were some things that had already been solved at the end, but one of the small issues we had was that it was quite memory-consuming. After one upgrade that we did, we faced some performance issues."
"Dashboards could be developed further."
"Sometimes, the product is not stable."
"LogPoint can improve its dashboards. We are not able to customize the dashboard when creating them. They only have preset dashboards which do not have exactly what we are looking for."
"LogPoint must find a way to integrate the servers without agents."
"The thing that makes it a little bit challenging is when you run into a situation where you have logs that are not easily parsable. If a log has a very specific structure, it is very easy to parse and create a parser for it, but if a log has a free form, meaning that it is of any length or it can change at any time, handling such a log is very challenging, not just in LogPoint but also in everything else. Everybody struggles with that scenario, and LogPoint is also in the same boat. One-third of logs are of free form or not of a specific length, and you can run into situations where it is almost impossible to parse the log, even if they try to help you. It is just the nature of the beast."
"Logpoint is not flexible. Its documentation is not user-friendly."
"The solution should offer more integrations and third-party solutions like incident response platforms or allow access to third-party big data"
ArcSight Enterprise Security Manager (ESM) is ranked 12th in Security Information and Event Management (SIEM) with 93 reviews while Logpoint is ranked 26th in Security Information and Event Management (SIEM) with 20 reviews. ArcSight Enterprise Security Manager (ESM) is rated 7.8, while Logpoint is rated 7.4. The top reviewer of ArcSight Enterprise Security Manager (ESM) writes "Allows for monitoring logs according to industry standards within ESM but has a total capacity capped at 12 TB, limiting real-time data retention periods". On the other hand, the top reviewer of Logpoint writes "Good technical support but it is complex to use and resource-heavy". ArcSight Enterprise Security Manager (ESM) is most compared with Splunk Enterprise Security, Trellix ESM, ArcSight Intelligence, IBM Security QRadar and Elastic Security, whereas Logpoint is most compared with IBM Security QRadar, Elastic Security, Rapid7 InsightIDR, Microsoft Sentinel and Wazuh.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.