When WannaCry attacks I can minimize the damage. My company had no protection at the time. We get alerts in ArcSight and then whenever a user got a copy of WannaCry and the WannaCry malware wants to connect to the mother ship, it alerts me in the ArcSight dashboard, and that helps us a lot. We then just go to the user and erase the malware.
Learn what your peers think about ArcSight Enterprise Security Manager (ESM). Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
ArcSight Enterprise Security Manager (ESM) is a powerful SIEM solution for analyzing, collecting, correlating, and reporting on security event information. ArcSight ESM analyzes information from all of your data sources while helping your organization maintain high security. In addition, the solution is very customizable and enables users to create their own company-specific rule sets to automatically trigger instant alerts.
ArcSight Enterprise Security Manager (ESM) Features
Real-time...
ArcSight gives us better visibility into threats that were unknown earlier.
For the typical malware or intrusion, this solution assists us by identifying the symptoms based on network traffic from the application servers.
I think that the overall experience with this solution is good, but in particular, I think that the dashboards are quite interactive.
This process has helped to improve our organization because we have centralized the intra-group security equipment logs.
When WannaCry attacks I can minimize the damage. My company had no protection at the time. We get alerts in ArcSight and then whenever a user got a copy of WannaCry and the WannaCry malware wants to connect to the mother ship, it alerts me in the ArcSight dashboard, and that helps us a lot. We then just go to the user and erase the malware.
The webpage algorithm is the most valuable feature because it was the fastest feature for searching the logs, events, and correlation.
We do consulting and I get feedback from our clients that the product really helped them with compliance, especially with GDPR.