I will recommend the tool to others. It is a robust and scalable solution, but it is expensive. If the customers are willing to pay for the security, the robustness, and the scalability, ArcSight is one of the best products. Overall, I rate the product a ten out of ten.
People who want to use the tool must understand the range of products they will connect with ArcSight, their use cases, and what they are looking for. The configuration is done according to our requirements. Otherwise, the solution will be flooded with false alarms, and we will miss the important alerts. Overall, I rate the product an eight out of ten.
I recommend ArcSight Logger a seven out of ten. The product’s setup could be quite user-friendly. There could be a proper guide to understand the process.
Senior ArcSight and IBM resileint (SOAR) administrator at a comms service provider with 1,001-5,000 employees
Real User
Top 5
2023-05-18T15:19:00Z
May 18, 2023
If you are willing to work with ArcSight Logger, you must be aware of the security reasons as an institution. The security advantages should be known to understand the functionalities, and you also have to be familiar with VNX strategies. I rate the overall solution a three out of ten.
I give the solution an eight out of ten. Only a few people have access to ArcSight Logger due to the technical know-how required to use it. Not everyone is able to use the virtual as it involves sensitive information, so access is restricted to those with a technical background. ArcSight is not recommended for small environments. ArcSight is designed for large environments and requires specialized training. Furthermore, the community of users is not as vast as other vendors, such as Cisco, and VMware. There are better options available than ArcSight, which may better suit an organization's environment.
Founder & CEO at a security firm with 10,001+ employees
Real User
2020-02-17T07:42:26Z
Feb 17, 2020
We are involved with technology that allows us to solve problems for clients that they cannot solve themselves. These are often complex environments. This solution has still been in use over the past year. We have a client who has the full ArcSight Suite. We are working on a solution to phase out Logger in the coming year and replace it with Elastic or Splunk. We can replace ArcSight entirely by Splunk and use Elastic for fast search. We think that there is more progress in that platform. I would rate this solution a six out of ten.
Team Lead at a tech services company with 51-200 employees
Reseller
2020-02-16T08:27:00Z
Feb 16, 2020
I would advise anyone looking to implement this solution to have a good understanding of your infrastructure and to verify your architecture. You should be able to get an idea of their road map for the next five years to just verify what sort of effect it will be making on your system. On a scale of one to ten, I would rate it an eight.
Senior Security Analyst at a government with 201-500 employees
Real User
2020-02-09T08:17:00Z
Feb 9, 2020
I am the technical support person for all of our on-site components. My advice for anybody who is implementing this solution is to use ArcSight ESM to correlate the logs and display them on the dashboard. I would rate this solution an eight out of ten.
Information Security Senior Expert at Wafaassurance
Real User
2020-01-27T06:39:00Z
Jan 27, 2020
Arcsight was a technology we used for CM security information event management. We deployed it when I was an Information Security Senior Engineer in a company that provided electricity and water for Casablanca and neighboring cities. Arcsight was a requirement for the ISO27001 standard. It was a requirement because the company was certified. For the first audit, we presented the roadmap that contained the deployment of that kind of solution. After that, we launched an offering to different information system providers. We choose Arcsight as the CM solution. A requirement of our local regulator, due to the fact that we manipulate sensitive data, was that all data needed to be on-premises which is why we use that deployment model and not a cloud or a hybrid deployment. ArcSight is a good solution. I'd recommend it. However, I'd advise other companies to acquire a solution that responds to their needs. I'd rate the solution nine out of ten.
CISO at a financial services firm with 1,001-5,000 employees
Real User
2019-09-16T10:14:00Z
Sep 16, 2019
We are using the on-premises deployment model. There are people who say "Oh, ArcSight is losing its position and it's complex or it's not a good solution." I do not agree. I know that the biggest companies in the world are still working with ArcSight. It's the most comprehensive solution. It contains many features that are useful for enterprise-level organizations. If a company has a team that wants to go deeper and get the most features out of developing a real SOC, they should look for a very robust, scalable, multi-tenant solution. The solution should also be able to manage data analytics and to offer User Behavior Analytics. Arcsight offers this. This particular solution is perfect for big companies. Smaller companies should look for integrated solutions that do not necessarily scale. I would rate the solution nine out of ten.
Technical Consultant at a tech services company with 11-50 employees
Consultant
2019-08-11T06:27:00Z
Aug 11, 2019
I would rate this solution as ten out of ten. Whenever I talk about the product I tell the user to start easy, not to take the whole package and to try to use it quickly. Start with the basics, then you can ramp up fluidly. Sometimes the client or customer wants to take it urgently so at that moment it will be more difficult to use. I prefer to take the product step by step.
HPE ArcSight Data Platform (ADP) offers a future-ready data solution that enriches data in real time and supports open standards for better threat detection. Using security data connectors, ADP collects data and enriches it in real-time to give analysts organized information that can be acted upon instantly.
If you're adopting a new SIEM, I wouldn't recommend ArcSight. Overall, I would rate the solution a six out of ten.
Overall, I rate the product a 6 out of 10.
I will recommend the tool to others. It is a robust and scalable solution, but it is expensive. If the customers are willing to pay for the security, the robustness, and the scalability, ArcSight is one of the best products. Overall, I rate the product a ten out of ten.
People who want to use the tool must understand the range of products they will connect with ArcSight, their use cases, and what they are looking for. The configuration is done according to our requirements. Otherwise, the solution will be flooded with false alarms, and we will miss the important alerts. Overall, I rate the product an eight out of ten.
I recommend ArcSight Logger a seven out of ten. The product’s setup could be quite user-friendly. There could be a proper guide to understand the process.
I would rate the tool a seven out of ten.
If you are willing to work with ArcSight Logger, you must be aware of the security reasons as an institution. The security advantages should be known to understand the functionalities, and you also have to be familiar with VNX strategies. I rate the overall solution a three out of ten.
I give the solution an eight out of ten. Only a few people have access to ArcSight Logger due to the technical know-how required to use it. Not everyone is able to use the virtual as it involves sensitive information, so access is restricted to those with a technical background. ArcSight is not recommended for small environments. ArcSight is designed for large environments and requires specialized training. Furthermore, the community of users is not as vast as other vendors, such as Cisco, and VMware. There are better options available than ArcSight, which may better suit an organization's environment.
I rate this solution an eight out of ten. The solution is good, but the dashboard can be improved.
I rate ArcSight Logger eight out of 10.
I would recommend ArcSight Logger and rate it at seven on a scale from one to ten.
I would rate this solution a five out of ten.
We are involved with technology that allows us to solve problems for clients that they cannot solve themselves. These are often complex environments. This solution has still been in use over the past year. We have a client who has the full ArcSight Suite. We are working on a solution to phase out Logger in the coming year and replace it with Elastic or Splunk. We can replace ArcSight entirely by Splunk and use Elastic for fast search. We think that there is more progress in that platform. I would rate this solution a six out of ten.
I would advise anyone looking to implement this solution to have a good understanding of your infrastructure and to verify your architecture. You should be able to get an idea of their road map for the next five years to just verify what sort of effect it will be making on your system. On a scale of one to ten, I would rate it an eight.
I am the technical support person for all of our on-site components. My advice for anybody who is implementing this solution is to use ArcSight ESM to correlate the logs and display them on the dashboard. I would rate this solution an eight out of ten.
Arcsight was a technology we used for CM security information event management. We deployed it when I was an Information Security Senior Engineer in a company that provided electricity and water for Casablanca and neighboring cities. Arcsight was a requirement for the ISO27001 standard. It was a requirement because the company was certified. For the first audit, we presented the roadmap that contained the deployment of that kind of solution. After that, we launched an offering to different information system providers. We choose Arcsight as the CM solution. A requirement of our local regulator, due to the fact that we manipulate sensitive data, was that all data needed to be on-premises which is why we use that deployment model and not a cloud or a hybrid deployment. ArcSight is a good solution. I'd recommend it. However, I'd advise other companies to acquire a solution that responds to their needs. I'd rate the solution nine out of ten.
I would rate it an eight out of ten.
We are using the on-premises deployment model. There are people who say "Oh, ArcSight is losing its position and it's complex or it's not a good solution." I do not agree. I know that the biggest companies in the world are still working with ArcSight. It's the most comprehensive solution. It contains many features that are useful for enterprise-level organizations. If a company has a team that wants to go deeper and get the most features out of developing a real SOC, they should look for a very robust, scalable, multi-tenant solution. The solution should also be able to manage data analytics and to offer User Behavior Analytics. Arcsight offers this. This particular solution is perfect for big companies. Smaller companies should look for integrated solutions that do not necessarily scale. I would rate the solution nine out of ten.
This is a solution that is straightforward and easy to use. It is user-friendly and not complex. I would rate this solution an eight out of ten.
I would rate this solution as ten out of ten. Whenever I talk about the product I tell the user to start easy, not to take the whole package and to try to use it quickly. Start with the basics, then you can ramp up fluidly. Sometimes the client or customer wants to take it urgently so at that moment it will be more difficult to use. I prefer to take the product step by step.
I would rate it a nine out of ten. I wouldn't give any solution a perfect ten.