Home page logo
/

ArcSight SIEM platform

ArcSight provides a suite of tools for SIEM—security information and event management. The best-known seems to be ArcSight Enterprise Security Manager (ESM), described as the "brain" of the SIEM platform. It is a log analyzer and correlation engine designed to sift out important network events. The ESM itself is a standalone appliance, and the management programs run on Linux, Windows, AIX, and Solaris. For open-source alternatives see OSSEC HIDS and OSSIM. For downloads and more information, visit the ArcSight SIEM platform homepage.

Popularity #115, new!
Rating ★½ (2)
Homepage/Download
Wikipedia
Outdated/incomplete?
★★★★★ 
 0%
★★★★ 
 0%
★★★ 
 0%
★★ 
 50%
★ 
 50%

Comments

Anon

This is one of the worst tools I've ever used. It's clunky and requires a fat app to use it. The API is broken and not fully featured.

★★ Ben

Requires a full time employee to configure, administer and keep running. Incredibly finicky. Industry direction seems to be moving away from ArcSight since their acquisition by HP, towards Splunk and open source.

Your comment

Along with your rating, you can use the comment form to post a review, tutorial, tips and tricks, or anything else others will find useful. If you develop this software (or work for the company), please don't rate it. You may leave a clarifying comment as long as you state your affiliation and don't specify a star rating (just leave it as “No rating”).

 
 
  (will not be shown, will not be spammed)
(At least 50 characters. No markup is allowed. URLs will be made into links.)
 What is the standard TCP port number for the SSH service? (antispam)

Feed for updates.

Home

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]