ArcSight

4.1 (12)
Vulnerability scanning and threat intelligence software

About ArcSight

ArcSight is a vulnerability scanning software that helps businesses utilize machine learning technology to detect threats, handle investigations, create prioritized event lists, and more on a centralized platform. It enables staff members to extract entities from log files and observe events and behavior across users, IP addresses, servers, and machines.

ArcSight allows administrators to identify vulnerabilities and threats, such as privileged account misuse, terminated employee activity, data staging, email exfiltration, malicious tunneling, and mooching. The timeline view lets employees view entity alerts in chronological order, optimizing risk assessment operations. It also lets IT professionals examine the context of generated alerts with details such as the associated entities and the model that triggered the alert.

ArcSight offers an API, which allows businesses to integrate the platform with several third-party solutions. It enables supervisors to schedule reports, monitor entity behavior, create custom org charts, manage regulatory compliance, and more.



Not sure about ArcSight? Compare with a popular alternative

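ArcSight (4.1, 12 reviews) vs. a highly reviewed alternative

  • Starting Price: ArcSight: No pricing found; alternative: US$15.00/month
  • Pricing Options: Free version, Free trial
  • Features: ArcSight: 14; alternative: 154
  • Integrations: ArcSight: No integrations found; alternative: 166
  • Ease of Use: ArcSight: 3.8 (12); alternative: 4.2 (244)
  • Value for Money: ArcSight: 4.0 (12); alternative: 4.1 (244)
  • Customer Service: ArcSight: 3.7 (12); alternative: 4.2 (244)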

Alternatives

Datadog

4.6
#1 Alternative to ArcSight
Secure your tech stack with Datadog Security Monitoring's real-time threat detection. Set up key security integrations...

IBM Security QRadar

4.5
#2 Alternative to ArcSight
IBM QRadar SIEM is a security information & event management software for security teams to accurately detect and...

Logsign Unified SO Platform

4.9
#3 Alternative to ArcSight
Logsign Unified SO Platform delivers comprehensive threat detection, investigation, and response (TDIR) through...

Managed Detection and Response (MDR)

0
#4 Alternative to ArcSight
Managed Detection and Response (MDR) is a cloud-based software designed to help businesses detect, investigate, and...

Reviews

Overall rating

4.1 /5
(12)
Value for Money
4/5
Features
4.3/5
Ease of Use
3.8/5
Customer Support
3.7/5


Showing 5 reviews of 12
Alexander
  • Industry: Computer & Network Security
  • Company size: 11–50 Employees
  • Used Weekly for 6-12 months
  • Likelihood to recommend 10.0 /10

Heart of the SOC

Reviewed on 5/12/2019

Our company and our partners are facing a lot of incidents masked as normal events. The SIEM helped us to be protected and to prioritize the events based on the security risk. Automation of the responses is the other feature that is a key differentiator.

Pros

Very powerful SIEM with plenty of predefined correlation scenarios. Could be integrated easily with almost everything.

Cons

For new users it could be a little difficult to play with, but there are a lot of training materials and courses.

Alternatives Considered

IBM Security QRadar

Verified Reviewer
  • Industry: Banking
  • Company size: 5,001–10,000 Employees
  • Used Daily for 2+ years
  • Likelihood to recommend 8.0 /10

It provides powerful features to make every operation with received logs.

Reviewed on 4/05/2019

I have been using this product for about 3 years. We use ESM and Logger products. As a SIEM solution, we are able to host this product in our environment. We monitor the alarm and correlation rules, abnormal activities and cyber threats, which we write through the logs we receive from various security products and applications in our environment and monitor our incident response processes.

Pros

ArcSight supports functions such as processing, categorizing, normalizing, converting alarms and correlations and receiving reports on SIEM with very powerful search and filter operators. The product also supports making and running trend reports. It offers very powerful features for SIEM. It has features that provide great flexibility on logs. My favorite feature is the trend report. With this feature, real-time logs over the logs of the report to match the results of the report with a different database to get instant reports to access the report provide quick access.

Cons

Ticket management feature is one of the least favorite features. It does not have an interface that can be easily adapted and applied according to your environment. If you want to use this feature, you need professional support and software support.

Alternatives Considered

IBM Security QRadar and Logsign Unified SO Platform

Reasons for Switching to ArcSight

Especially because of the aforementioned features that I have mentioned above. We have chosen to buy this product because the product seamlessly supports superior features such as processing, categorizing, interpreting, analyzing, alarming and correlating logs, and successfully performing the desired actions on logs.

Response from OpenText

Thank you for the 4-star review, it is very much appreciated. We did note your comments about your 'least favorite feature' and this certainly helps us build a better product. ArcSight has Case Management; that is different from Ticket Management. Ticket Management is more of a support function / ITSM issue; and while ArcSight does have connectors for ServiceNow, we know it's been problematic for some customers. As you point out, we typically recommend that Professional Services be engaged as each implementation has its idiosyncrasies. That said, improving this area is a KPI for us and we will be looking at options as we move to advance the 'Open' portion of our strategy in late 2019. We'd be happy to hear your thoughts / recommendations in more depth.

Verified Reviewer
  • Industry: Financial Services
  • Company size: 1,001–5,000 Employees
  • Used Daily for 2+ years
  • Likelihood to recommend 8.0 /10

Arcsight - Good but complex SIEM solution

Reviewed on 22/01/2021

Arcsight ESM is a powerful but complex tool that needs deep knowledge of the product.

Pros

We are using Arcsight ESM and Logger for event logging and correlation. Events correlation is done at the ESM level and provides better visibility on organizations' security posture. Dashboards and reports can be generated on ESM and further, it facilitates case management so we can open a case on the tool itself. Arcsight was one of the most demanding tools at the time we implemented the tool. ESM's log supporting surface is very high and almost all the types of logs are supported which is one of the best features of the tool. Further logs can be routed through the smart connectors and through these connectors EPS count can be managed which is a good option when it comes to licensing. I like the option of Flex connectors which can be used for integrating non supporting devices or logs.

Cons

Arcsight Smart connector setup needs deep knowledge of the tool and configuration is a bit of a hectic task. Flex connector configuration and correlation configuration is another complex task that cannot be done without product knowledge. Further case management tools need more features with a simple view. First level support should have a technically savvy team. Most of the time the first level support team provides generic solutions and references to knowledge-based articles rather than studying the case.

Sebnem
  • Industry: Financial Services
  • Company size: 10,000+ Employees
  • Used Daily for 2+ years
  • Likelihood to recommend 8.0 /10

Micro Focus ArcSight SIEM

Reviewed on 25/02/2020

We have a lot of security products and applications. We gather all logs from these products and we can easily manage our logs according to rules. Reporting module and dashboard are the best feature of this product.

Pros

We have been using the Arcsight SIEM tool in the Information Security department in our organization since 2013. We can integrate this product easily with all other security management products such as Firewall, IPS, Antivirus, Web Filtering etc., and also with in-house software. We can gather all logs from these products and create rules and manage logs according to rules. Dashboard and alarm mechanism are done well.

Cons

Sometimes we have some problems with the search mechanism; it needs some improvements. Because of our big organization and the large products which gather logs, sometimes we have problems with troubleshooting issues, which is a little bit hard for us.

Reasons for Switching to ArcSight

This product enables the detection and prevention of attacks by establishing connections between the logs (correlation). Normalization and correlation features are the best of this product.

Response from OpenText

My name is Michael Mychalczuk, and I am the Director Of Product Management for Micro Focus' Security Operations portfolio which includes ArcSight. I would like to personally take a moment, and thank you for the review you provided. We are thrilled that you were able to find the product feature rich, easy to use, and find value in the solution. We do agree that there is more we can do in making the product easier to use, and we are working to make that happen in the near future. In fact, if you have any suggestions to improve ArcSight, please do not hesitate to submit them to the Idea Exchange: https://community.microfocus.com/t5/ArcSight-Idea-Exchange/idb-p/ArcSightIdeas. Speaking for the entire ArcSight product team, nothing makes us happier than finding someone who is very likely to recommend us to others.

Verified Reviewer
  • Industry: Computer & Network Security
  • Company size: 2–10 Employees
  • Used Daily for 2+ years
  • Likelihood to recommend 10.0 /10

ArcSight Review

Reviewed on 24/11/2023

Pros

ArcSight is a SIEM tool, which is used for collecting, analyzing and managing the logs from multiple log sources.

Cons

It's all good but it has components which we have to install and use separately. It should be all in one like Splunk.


ArcSight FAQs

Below are some frequently asked questions for ArcSight.

ArcSight offers the following pricing plans:

  • Free Trial: Not Available

Please contact OpenText directly for pricing details.

ArcSight has the following typical customers:

Self Employed, 2–10, 11–50, 51–200, 201–500, 501–1,000, 1,001–5,000

ArcSight supports the following languages:

English

ArcSight supports the following devices:

We do not have any information about what integrations ArcSight has

ArcSight offers the following support options:

Email/Help Desk, Knowledge Base, Phone Support
