The easiest route - we'll conduct a 15 minute phone interview and write up the review for you.
Use our online form to submit your review. It's quick and you can post anonymously.
One of the most valuable features of ArcSight Intelligence is its ease of use. This is not just one functionality; multiple aspects contribute to it. For instance, it's easy to write rules, and as you do so, the rules get populated automatically, making it simple to understand the commands.
The product could be improved in several areas; it currently requires significant enhancement. Compared to QRadar and Splunk, ArcSight Intelligence falls behind, placing it as the third choice among these software options.
We have been using ArcSight Intelligence for two and a half years.
We haven't found the product fully scalable. The scalability depends on the support resources provided by the partner.
The technical support team is capable of resolving issues. However, sometimes, their feedback is not sufficient to solve the problem.
Positive
I prefer Splunk because it offers more functionality and intelligence than ArcSight Intelligence.
Deployment took about a month to complete, but the final fine-tuning took longer, spanning several months. Each server and network device had different requirements, which prolonged the process. It eventually got settled in three months, approximately 90 days.
They offer perpetual licenses for the product.
We integrated this tool with our security infrastructure. We installed it on a Linux server, where we have a Logger and ESM installed. With the Linux server as the hub, we manage all the configurations and rules, including those for email triggers. The logs are routed through a connector to the Logger, allowing us to monitor our infrastructure effectively.
The platform helps us improve threat detection capabilities. I recommend it to others and rate it a seven out of ten.
I have limited direct contact with end-users, but as far as I know, customers use Cynet for real-time threat detection and integrate it with other solutions.
In terms of incident response, Cynet can contain attacks, offer a trial period to customers, and uninstall if not continued. The most valuable aspect is its integration capabilities, covering endpoints and network data for a comprehensive view of threats.
I cannot provide more details about Cynet's automation features. While Cynet claims to be automated, the specifics of this automation are unclear. They claim to have a high capability to detect and block attacks, but I am cautious about companies that claim to solve every problem without limitations. It does help in identifying malware on the network but doesn't specifically identify vulnerabilities.
I have been user of Cynet since 1.5 years.
I don't have direct experience with Cynet's tech support, but I assume they are good based on general feedback.
I don't have direct experience with setting up Cynet, but I believe it involves on-premises installation for certain components while the console is in the cloud.
I don't have specific information about integration capabilities or licensing costs.
I cannot personally rate the product, but in general it can be almost eight or seven. I would recommend Cynet to others, especially for integrated MDR solutions. The perceived value of Cynet lies in its effectiveness in saving customers from aggressive attacks and critical situations.
