ArcSight SIEM platform

ArcSight provides a suite of tools for SIEM—security information and event management. The best-known seems to be ArcSight Enterprise Security Manager (ESM), described as the "brain" of the SIEM platform. It is a log analyzer and correlation engine designed to sift out important network events. The ESM itself is a standalone appliance, and the management programs run on Linux, Windows, AIX, and Solaris. For open-source alternatives see OSSEC HIDS and OSSIM. For downloads and more information, visit the ArcSight SIEM platform homepage.

Popularity
#115, new!
Links
Rating
★½ (2)
★★★★★
0% ★★★★
0% ★★★
0% ★★
50%
50%
Outdated/incomplete?

Comments

Anon

This is one of the worst tools I've ever used. It's clunky and requires a fat app to use it. The API is broken and not fully featured.

★★ Ben

Requires a full time employee to configure, administer and keep running. Incredibly finicky. Industry direction seems to be moving away from ArcSight since their acquisition by HP, towards Splunk and open source.

Comments disabled

Feed for updates.

Home