ArcSight SIEM platform
ArcSight provides a suite of tools for SIEM—security information and event management. The best-known seems to be ArcSight Enterprise Security Manager (ESM), described as the "brain" of the SIEM platform. It is a log analyzer and correlation engine designed to sift out important network events. The ESM itself is a standalone appliance, and the management programs run on Linux, Windows, AIX, and Solaris. For open-source alternatives see OSSEC HIDS and OSSIM. For downloads and more information, visit the ArcSight SIEM platform homepage.
- Popularity: #115, new!
- Rating: ★½ (2)
- ★★★★★ 0%, ★★★★ 0%, ★★★ 0%, ★★ 50%, ★ 50%
This is one of the worst tools I've ever used. It's clunky and requires a fat app to use it. The API is broken and not fully featured.
Requires a full-time employee to configure, administer and keep running. Incredibly finicky. Industry direction seems to be moving away from ArcSight since their acquisition by HP, towards Splunk and open source.