Try our new research platform with insights from 80,000+ expert users

ArcSight Enterprise Security Manager (ESM) vs Trellix Helix Connect comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Apr 2, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

ROI

Sentiment score
8.9
ArcSight ESM can offer high ROI through threat detection, compliance, audits, and brand protection despite its costs and implementation challenges.
Sentiment score
6.2
Trellix Helix enhanced security, reduced costs, increased efficiency, minimized manual work, decreased downtime, and offered deeper security insights.
 

Customer Service

Sentiment score
5.7
ArcSight ESM customer service is mixed, with efficient initial responses but inconsistent, often slow technical support causing dissatisfaction.
Sentiment score
6.8
Trellix Helix Connect's customer service is praised for quick, efficient support despite minor delays, maintaining high user satisfaction.
If I raise a P1 or P0 ticket, the response time is often delayed by four to eight hours.
We experienced some challenges due to the ongoing transformation and fusion of McAfee and FireEye, but we are committed to improving response times.
 

Scalability Issues

Sentiment score
7.1
ArcSight ESM offers scalability and cloud support but faces high costs and EPS licensing challenges for growing event volumes.
Sentiment score
7.8
Trellix Helix Connect is scalable and favored by many, despite some considering cost as a limiting factor.
It lacks some capabilities compared to other tools available in the market.
We support the largest companies in the world and can cater to large environments.
 

Stability Issues

Sentiment score
7.1
ArcSight ESM is stable with configuration efforts, though deployment challenges and occasional issues arise under high-load conditions.
Sentiment score
8.4
Trellix Helix Connect is highly reliable with strong stability, minimal bugs, and crucial support for critical applications.
The stability of ArcSight Enterprise Security Manager (ESM) is not very robust.
The availability is high, which is critical for our customers who rely on a single panel of glass to operate.
 

Room For Improvement

ArcSight ESM needs interface updates, better integration, improved performance, reporting, scaling, error handling, and enhanced technical support.
Trellix Helix Connect requires enhancements in interface, integration, support, and pricing, despite praise for its AI capabilities.
The integration aspect of ArcSight Enterprise Security Manager (ESM) needs improvement.
We have just released the solutions to the market recently, making it a revolution in the cybersecurity sector.
 

Setup Cost

ArcSight ESM is costly but justifiable, with pricing based on EPS, scalable features, and possible bulk discounts.
Trellix Helix Connect is costly but valued for comprehensive security, especially for large enterprises and bundled solutions.
ArcSight Enterprise Security Manager (ESM) is very cheap compared to other tools.
It is not the cheapest, but also not the most expensive solution.
 

Valuable Features

ArcSight ESM offers seamless integration, scalability, customizable features, real-time monitoring, and extensive analytics for effective threat detection and response.
Trellix Helix Connect offers seamless API integration, automation, and AI for efficient threat detection and incident resolution.
The ability to interpret data is highly valued.
Trellix Helix, as an AI XDR platform, helps our organization by offering an extensive number of connectors for integration, enabling us to consolidate all information in a single dashboard.
 

Categories and Ranking

ArcSight Enterprise Securit...
Ranking in Security Information and Event Management (SIEM)
19th
Average Rating
7.8
Reviews Sentiment
7.5
Number of Reviews
97
Ranking in other categories
No ranking in other categories
Trellix Helix Connect
Ranking in Security Information and Event Management (SIEM)
30th
Average Rating
8.8
Reviews Sentiment
6.9
Number of Reviews
11
Ranking in other categories
Security Incident Response (7th)
 

Mindshare comparison

As of April 2025, in the Security Information and Event Management (SIEM) category, the mindshare of ArcSight Enterprise Security Manager (ESM) is 1.1%, down from 1.6% compared to the previous year. The mindshare of Trellix Helix Connect is 0.5%, down from 0.6% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
 

Featured Reviews

Ramnesh  Dubey - PeerSpot reviewer
Allows for monitoring logs according to industry standards within ESM but has a total capacity capped at 12 TB, limiting real-time data retention periods
The first limitation is with the ArcSight Data Storage Manager (ADSM). ArcSight's total capacity is currently capped at 12 TB. This becomes an issue if a customer needs a longer real-time data retention period, such as exceeding 90 days or reaching a year or even ten months. Increasing the disk space beyond 12 TB is not currently possible. So, increasing the storage capacity is one area for improvement. Additionally, the real-time data retention is limited due to the 12 TB restriction. Depending on the Events Per Second (EPS) you receive, you might only be able to retain data for seven to ten days. Overall, the 12 TB limit is the main issue we face in terms of maximizing real-time data storage. Moreover, there are a few improvements I would like to see in future releases. My main suggestion for ArcSight is to simplify the deployment process. Currently, the installation process is quite complex. There are various components involved, including transformations, multiple installations, and containerization for various components. Ideally, I'd recommend that ArcSight allow the entire installation, including the ESM and database, to be completed within a single unified setup process for a streamlined experience. Additionally, having readily available and well-organized documentation for the step-by-step installation process would be incredibly helpful. I would also like to see better support.
BiswabhanuPanda - PeerSpot reviewer
You can use it for everything, incident response, automated responses, alerts, visibility
I would give the product an overall rating of eight out of 10. We have 10 people currently using this software. Six are on the list, plus two managers and two IR experts. It's not possible for just one person to maintain the solution, and it's not really allowed. It has to be a team effort, with two or three people. It's not about users. Helix works differently, collecting logs from 6,000 different sources integrated with the solution. The licensing is not based on users; it's based on APIs. It's more of a SIEM SGL type of platform. It collects logs from around 6,000. But have around 10 people maintaining that.
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
845,040 professionals have used our research since 2012.
 

Comparison Review

VS
Jun 28, 2015
Qradar vs. ArcSight
Continuing with the SIEM posts we have done at Infosecnirvana, this post is a Head to head comparison of the two Industry leading SIEM products in the market – HP ArcSight and IBM QRadar Both the products have consistently been in the Gartner Leaders Quadrant. Both HP and IBM took over niche SIEM…
 

Top Industries

By visitors reading reviews
Financial Services Firm
18%
Computer Software Company
15%
Manufacturing Company
11%
Government
9%
Comms Service Provider
16%
Computer Software Company
15%
Manufacturing Company
13%
Financial Services Firm
9%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is the best SIEM tool for a mid-sized financial services firm: Arcsight or Securonix?
In my market, a lot of financial companies had or have an ArcSight installation. Just because in former times it was pretty good. Now a lot of them are looking for a more effective solution due to ...
What do you like most about ArcSight Enterprise Security Manager (ESM)?
We utilize ArcSight ESM for real-time threat detection in our organization. We have custom rules that we've developed on top of the WAN services, along with scheduled licensing activities.
What is your experience regarding pricing and costs for ArcSight Enterprise Security Manager (ESM)?
ArcSight Enterprise Security Manager (ESM) is very cheap compared to other tools. It is worth the investment if you are considering the cost.
What do you like most about FireEye Helix?
Trellix Helix helps prevent email attacks, like phishing and email spoofing attacks.
What is your experience regarding pricing and costs for FireEye Helix?
The price of Trellix Helix is competitive in the market. It is not the cheapest but also not the most expensive. As for additional costs beyond standard licensing fees, there are none.
What needs improvement with FireEye Helix?
I have just released this solution to the market, and my customers' response has been great. While Trellix Wise is seen as a top vendor with its AI implementation for accelerating incident investig...
 

Also Known As

Micro Focus ArcSight, HPE ArcSight, ArcSight
FireEye Helix, FireEye Threat Analytics
 

Overview

 

Sample Customers

Lake Health, U.S. Department of Health and Human Services, Bank AlJazira, Banca Intesa, and Obrela.
Police Bank, Verisk Analytics, Teck Resources
Find out what your peers are saying about ArcSight Enterprise Security Manager (ESM) vs. Trellix Helix Connect and other solutions. Updated: March 2025.
845,040 professionals have used our research since 2012.