We utilize ArcSight ESM for real-time threat detection in our organization. We have custom rules that we've developed on top of the WAN services, along with scheduled licensing activities.
It gives better overall visibility. Before, we didn't have a unified system for managing security alerts. ArcSight introduced various alerts, giving us a better visibility of potential problems.
Chief Executive Officer at a tech services company with 11-50 employees
Real User
Top 20
2023-06-30T15:06:57Z
Jun 30, 2023
The solution has gone beyond signature-based monitoring and analysis and is AI-powered. It is good enough to cover the full range of cybersecurity services.
Learn what your peers think about ArcSight Enterprise Security Manager (ESM). Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
ArcSight ESM allows us to find if someone is doing an administrative operation at inappropriate times of day or trying to do something they're not allowed to.
Head Global Alliances Director at Tech Mahindra Limited
Reseller
2022-07-04T18:39:00Z
Jul 4, 2022
What I found most valuable in ArcSight Enterprise Security Manager (ESM) is its good integration with third-party products. The solution also has good core capabilities.
We use ArcSight ESM for log analysis and security alerts. It warns us of threats and then helps us conduct a forensic investigation of a cyber attack or internal incident after it happens.
Security Engineer at a tech services company with 1,001-5,000 employees
Real User
2021-02-22T18:09:05Z
Feb 22, 2021
I really like the correlation part and the way the logs are correlated. I have never faced issues with parsing in this product. I like the way it parses, and everything is so clear to me.
Chief Information Officer at Bassein Catholic Co-Op Bank
Real User
2021-02-18T20:26:33Z
Feb 18, 2021
The reports that we are from getting from ArcSight are very valuable. The reporting in ArcSight is good. Our regulators ask us for the reports on a regular basis, and we have been able to provide the required data.
Its overall functionality in terms of log analysis and the speed at which it does that is also valuable. It is very quick. Whatever alerts we had configured were extremely fast. We immediately get alerts when there is unauthorized access or unknown access, or even positive access. This is where we found the difference between ArcSight and other solutions.
Information and Cyber Security Analyst at a financial services firm with 10,001+ employees
Real User
Top 20
2021-02-15T21:51:11Z
Feb 15, 2021
The filters and the ability to do what you want are the most valuable features. There is nothing that you cannot do in this solution. It has all the features, which makes it very dynamic.
Information Technology Security Consultant at Sify Technologies
Real User
2020-11-22T15:44:00Z
Nov 22, 2020
There are many features that are good for clients who are looking for a good SIEM solution. They like the ease of creating a business that is effective and impressive.
ArcSight Enterprise Security Manager (ESM) is a powerful SIEM solution for analyzing, collecting, correlating, and reporting on security event information. ArcSight ESM analyzes information from all of your data sources while helping your organization maintain high security. In addition, the solution is very customizable and enables users to create their own company-specific rule sets to automatically trigger instant alerts.
ArcSight Enterprise Security Manager (ESM) Features
Real-time...
We utilize ArcSight ESM for real-time threat detection in our organization. We have custom rules that we've developed on top of the WAN services, along with scheduled licensing activities.
It gives better overall visibility. Before, we didn't have a unified system for managing security alerts. ArcSight introduced various alerts, giving us a better visibility of potential problems.
ESM has valuable features for event prediction and security analysis.
The solution has gone beyond signature-based monitoring and analysis and is AI-powered. It is good enough to cover the full range of cybersecurity services.
It makes maintenance very easy.
The out-of-the-box rules that help us configure functioning rules within the environment are valuable.
I value the event correlation of this product.
It is a robust product and has multiple valuable features.
ArcSight ESM allows us to find if someone is doing an administrative operation at inappropriate times of day or trying to do something they're not allowed to.
The most valuable features of ArcSight ESM are ease of use and readily usable components.
ArcSight Enterprise Security Manager (ESM) works perfectly. It's a stable and scalable product.
What I found most valuable in ArcSight Enterprise Security Manager (ESM) is its good integration with third-party products. The solution also has good core capabilities.
The most valuable feature of ArcSight ESM is its ease of use.
Usability is the most valuable feature. The accessibility is quite good.
The stability of ArcSight Enterprise Security Manager is good.
We use ArcSight ESM for log analysis and security alerts. It warns us of threats and then helps us conduct a forensic investigation of a cyber attack or internal incident after it happens.
Feature-rich solution which provides better network visibility for improved security
Stable solution with good customer service support.
We have been satisfied with the support.
I am satisfied with the solution's stability.
I really like the correlation part and the way the logs are correlated. I have never faced issues with parsing in this product. I like the way it parses, and everything is so clear to me.
The reports that we are from getting from ArcSight are very valuable. The reporting in ArcSight is good. Our regulators ask us for the reports on a regular basis, and we have been able to provide the required data.
Its overall functionality in terms of log analysis and the speed at which it does that is also valuable. It is very quick. Whatever alerts we had configured were extremely fast. We immediately get alerts when there is unauthorized access or unknown access, or even positive access. This is where we found the difference between ArcSight and other solutions.
The filters and the ability to do what you want are the most valuable features. There is nothing that you cannot do in this solution. It has all the features, which makes it very dynamic.
The solution is pretty stable.
The most useful features are directories, price, and live reporting.
There are many features that are good for clients who are looking for a good SIEM solution. They like the ease of creating a business that is effective and impressive.
The solution offers very good monitoring.
The feature that I have found the most useful is that it can be deployed to the cloud.
The correlation feature is good.
The user interfaces are quite good and speedy.
The product is quite mature. It's been around for a long time.
ArcSight gives us better visibility into threats that were unknown earlier.
For the typical malware or intrusion, this solution assists us by identifying the symptoms based on network traffic from the application servers.
I think that the overall experience with this solution is good, but in particular, I think that the dashboards are quite interactive.
This process has helped to improve our organization because we have centralized the intra-group security equipment logs.