ArcSight Enterprise Security Manager (ESM) is a comprehensive threat detection, analysis, triage, and compliance management SIEM platform that dramatically reduces the time to mitigate cyber-security threats.
I like the aggregation capability of folding multiple events into a single event, to save space and search faster.
What do you dislike?
My client has had this product for many years and there are bugs that they reported in the first months of using it that are acknowledged but are still not patched. We are done. We are moving to Splunk.
What business problems are you solving with the product? What benefits have you realized?
We (like everybody) use this for a SIEM at the core of our security posture/defense and it is definitely well-suited for this.
* We monitor all ArcSight ESM reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. Validated reviews require the user to submit a screenshot of the product containing their user ID, in order to verify a user is an actual user of the product.