Description de ArcSight

User behavior analytics and vulnerability management solution that helps identify internal and external threats.

Qui utilise ArcSight ?

Designed for all business sizes, it is a vulnerability management solution that helps monitor applications for internal and external threats.

Informations sur ArcSight

Micro Focus

Fondé en 1982

Informations sur ArcSight

Micro Focus

Fondé en 1982

ArcSight en vidéos et en images

Vidéo de ArcSight

Comparez le prix du logiciel ArcSight avec ses alternatives

ArcSight

Image non disponible
Logiciel sélectionné

À partir de

N/A
N/A
499,00 $US/mois
N/A

Version gratuite

Version gratuite Non
Version gratuite Non
Version gratuite Non
Version gratuite Non

Essai gratuit

Essai gratuit Non
Essai gratuit Oui
Essai gratuit Non
Essai gratuit Non

Déploiement et prise en charge de ArcSight

Ressources d'aide

  • Service client/e-mail
  • Base de connaissances
  • Support téléphonique

Déploiement

  • Cloud, SaaS, web
  • Windows (ordinateur)

Formation

  • Documentation

Fonctionnalités - ArcSight

  • API
  • Alertes/Notifications
  • Analyse de code source
  • Analyse de la vulnérabilité
  • Analyse des risques
  • Analyse du réseau
  • Analyse en temps réel
  • Analyse web
  • Classement des vulnérabilités et menaces
  • Contrôles/Permissions d'accès
  • Crawling de sites web
  • Détection d'anomalies et malware
  • Détection de ressources
  • Injections SQL
  • Intervention en cas de menace
  • Protection contre les failles
  • Protection contre les menaces
  • Protection des mots de passe
  • Rapports et analyses
  • Sécurité SSL
  • Sécurité des applications
  • Sécurité des applications web
  • Sécurité des runtime containers
  • Sécurité réseau
  • Threat intelligence
  • Évaluation des vulnérabilités

Logiciels d'analyse de vulnérabilité : afficher la liste complète

  • API
  • Alertes de risque
  • Alertes et remontée des problèmes
  • Alertes/Notifications
  • Analyse de la vulnérabilité
  • Analyse des comportements
  • Analyse des risques
  • Analyse en temps réel
  • Analyse médico-légale
  • Analyse prédictive
  • Audit de sécurité
  • Conforme HIPAA
  • Conformité PCI
  • Création de tableaux de bord
  • Données en temps réel
  • Définition des priorités
  • Gestion de la conformité
  • Gestion des audits
  • Gestion des correctifs
  • Gestion des fichiers
  • Gestion des incidents
  • Gestion des journaux
  • Gestion des points de terminaison
  • Gestion des stratégies
  • Gestion des utilisateurs
  • Importation et exportation de données
  • Intégrations de tiers
  • Journaux des événements
  • Monitoring
  • Monitoring réseau
  • Notifications en temps réel
  • Piste d'audit
  • Rapports de disponibilité
  • Rapports de trafic web
  • Rapports en temps réel
  • Rapports et statistiques
  • Rapports personnalisables
  • Recherche/Filtre
  • Suivi comportemental
  • Suivi de l'activité des utilisateurs
  • Suivi de la conformité
  • Suivi des activités
  • Suivi des serveurs
  • Suivi des événements
  • Surveillance de l'intégrité des fichiers
  • Surveillance en temps réel
  • Sécurité des applications
  • Tableau de bord d'activités
  • Threat intelligence
  • Visualisation de données

Outils SIEM (Security Information Event Management) : afficher la liste complète

  • API
  • Alertes de risque
  • Alertes et remontée des problèmes
  • Alertes par e-mail
  • Alertes/Notifications
  • Analyse de la vulnérabilité
  • Analyse des risques
  • Analyse du réseau
  • Analyse en temps réel
  • Analyse web
  • Antivirus
  • Audit de sécurité
  • Authentification
  • Authentification à 2 facteurs
  • Autorisations basées sur les rôles
  • Conforme HIPAA
  • Conformité PCI
  • Contrôles/Permissions d'accès
  • Données en temps réel
  • Définition des priorités
  • Détection de ressources
  • Gestion de la conformité
  • Gestion des audits
  • Gestion des correctifs
  • Gestion des incidents
  • Gestion des risques
  • Gestion des stratégies
  • Gestion des utilisateurs
  • Gestion des évaluations
  • Intégrations de tiers
  • Journaux des événements
  • Monitoring
  • Notifications en temps réel
  • Piste d'audit
  • Rapports en temps réel
  • Rapports et analyses
  • Rapports et statistiques
  • Rapports personnalisables
  • Recherche/Filtre
  • Suivi des activités
  • Suivi des serveurs
  • Suivi des statuts
  • Suivi des événements
  • Surveillance en temps réel
  • Surveillance et gestion à distance
  • Tableau de bord d'activités
  • Visualisation de données
  • Étiquetage des ressources
  • Évaluation des risques
  • Évaluation des vulnérabilités

Outils de test de vulnérabilité : afficher la liste complète

Alternatives à ArcSight

Plus d'alternatives à ArcSight

Avis sur ArcSight

Lire les 11 avis

Note moyenne

Note globale
4
Facilité d'utilisation
3,6
Service client
3,5
Fonctionnalités
4,3
Rapport qualité-prix
3,9

Avis classés par note

5
3
4
5
3
3

Avis classés par taille de l'entreprise (nombre d'employés)

  • <50
  • 51-200
  • 201-1 000
  • >1 001
Alexander Z.
Alexander Z.
Account Manager (Bulgarie)
Utilisateur LinkedIn vérifié
Informatique et sécurité réseau, 11-50 employés
Temps d'utilisation du logiciel : 6 à 12 mois
Source de l'avis

Heart of the SOC

5 il y a 2 ans

Commentaires : Our company and our partners facing a lot incidents masked as a normal events. The SIEM helped us to be protected and to prioritize the events, based of the security risk. Automations of the responses is the other feauture that is a key differentiator.

Avantages :

Very powerful SIEM with plenty of predefined corellation scenarios. Could be integrate easily with almost everything.

Inconvénients :

For new users could be a little difficult to play with, but there are a lot of training materials and courses.

Utilisateur vérifié
Senior Security Engineer (Turquie)
Utilisateur LinkedIn vérifié
Banque, 5 001-10 000 employés
Temps d'utilisation du logiciel : plus de deux ans
Source de l'avis

It provides powerful features to make every operation with received logs.

4 il y a 3 ans

Commentaires : I have been using this product for about 3 years. We use ESM and Logger products. As a SIEM solution, we are able to host this product in our environment. We monitor the alarm and correlation rules, abnormal activities and cyber threats, which we write through the logs we receive from various security products and applications in our environment and monitor our incident response processes.

Avantages :

ArcSight supports functions such as processing, categorizing, normalizing, converting alarms and correlations and receiving reports on SIEM with very powerful search and filter operators. The product also supports making and running trend reports. It offers very powerful features for SIEM. It has features that provide great flexibility on logs. My favorite feature is the trend report. With this feature, real-time logs over the logs of the report to match the results of the report with a different database to get instant reports to access the report provide quick access.

Inconvénients :

Ticket management feature is one of the least favorite features. It does not have an interface that can be easily adapted and applied according to your environment. If you want to use this feature, you need professional support and software support.

Réponse de l'équipe de Micro Focus

il y a 2 ans

Thank you for the 4-star review, it is very much appreciated. We did note your comments about your `least favorite feature? and this certainly helps us build a better product. ArcSight has Case Management; that is different from Ticket Management. Ticket Management is more of a support function / ITSM issue; and while ArcSight does have connectors for ServiceNow, we know it's been problematic for some customers. As you point out, we typically recommend that Professional Services be engaged as each implementation has its idiosyncrasies. That said, improving this area is a KPI for us and we will be looking at options as we move to advance the ?Open? portion of our strategy in late 2019. We'd be happy to hear your thoughts / recommendations in more depth.

Utilisateur vérifié
Manager Information Systems Security (Sri Lanka)
Utilisateur LinkedIn vérifié
Services financiers, 1 001-5 000 employés
Temps d'utilisation du logiciel : plus de deux ans
Source de l'avis

Arcsight - Good but complex SIEM solution

3 il y a 10 mois

Commentaires : Arcsight ESM is a powerful but complex tool that needs deep knowledge of the product.

Avantages :

We are using Arcsight ESM and Logger for event logging and correlation. Events correlation is done at the ESM level and provides better visibility on organizations' security posture. Dashboards and reports can be generated on ESM and further, it facilitates case management so we can open a case on the tool itself. Arcsight was one of the most demanding tools at the time we implemented the tool. ESM's log supporting surface is very high and almost all the types of logs are supported which is one of the best features of the tool. Further logs can be routed through the smart connectors and through these connectors EPS count can be managed which is a good option when it comes to licensing. I like the option of Flex connectors which can be used for integrating non supporting devices or logs.

Inconvénients :

Arcsight Smart connector setup needs deep knowledge of the tool and configuration is a bit hectic task. Flex connector configuration and correlation configuration is another complex task that cannot be done without product knowledge. Further case management tools need more features with a simple view. First level support should have a technically savvy team. Most of the time the first level support team provides generic solutions and references to knowledge-based articles rather than studying the case.

Sebnem V.
Senior Information Security Specialist (É.-U.)
Services financiers, 10 000+ employés
Temps d'utilisation du logiciel : plus de deux ans
Source de l'avis

Micro Focus ArcSight SIEM

5 il y a 2 ans

Commentaires : We have a lot of security products and applications. We gather all logs from these products and we can easily manage our logs according to rules. Reporting module and dashboard are the best feature of this product.

Avantages :

We have been using Arcsight SIEM tool in Information Security department in our organization since 2013. We can integrated this product with all other security management products such as Firewall, IPS, Antivirus, Web Filtering etc. also in house softwares easily. We can gather all logs from these products and create rules and manage logs according to rules. Dashboard and alarm mechanism are done well.

Inconvénients :

Sometimes we have some problems with search mechanism, it needs some improvements. Because of our big organization and large products which gather logs sometimes we have problems with troubleshooting issues that is little bit hard for us.

Réponse de l'équipe de Micro Focus

il y a 2 ans

My name is Michael Mychalczuk, and I am the Director Of Product Management for Micro Focus' Security Operations portfolio which includes ArcSight. I would like to personally take a moment, and thank you for the review you provided. We are thrilled that you were able to find the product feature rich, easy to use, and find value in the solution. We do agree that there is more we can do in making the product easier to use, and we are working to make that happen in the near future. In fact, any suggestions you might have to improve ArcSight, please do not hesitate to submit them to the Idea Exchange: https://community.microfocus.com/t5/ArcSight-Idea-Exchange/idb-p/ArcSightIdeas. Speaking for the entire ArcSight product team nothing makes us happier than finding someone who is very likely to recommend us to other.

Utilisateur vérifié
Cyber Security Engineer (Turquie)
Utilisateur LinkedIn vérifié
Banque, 5 001-10 000 employés
Temps d'utilisation du logiciel : plus de deux ans
Source de l'avis

World of Data

4 il y a 3 ans

Commentaires : The ArcSight product is seen as one of the leaders and leaders in the Safety Information and Event Management category, according to Gartner's Magic Quadrant report. ArcSight's approach is to create a single point of communication for observation and control. Gathers all appropriate event data and puts it into a standard form. It collects at a central location for analysis. As a result, the company allows you to easily monitor and, if necessary, take measures. This increases your compliance with your legal requirements and business continuity.

Avantages :

The most important feature of Arcsight is that it is the only point of communication for observation and control. collects all appropriate data and puts it into a standard form. these data are stored on a hard disk and are expected to be analyzed. With arcsight, it is monitored with the help of side applications and with the help of monitoring tool (see arcsight esm).

Inconvénients :

The ESM platform is Java. This causes slowness and excessive welding in intensive processes.