AWS Security Hub vs ArcSight Enterprise Security Manager (ESM) comparison

The compared OpenText and Amazon Web Services (AWS) solutions aren't in the same category. OpenText is ranked #21 in SIEM , with an average rating of 7.0, and holds a 1.1% mindshare in the category. Amazon Web Services (AWS) is ranked #14 in CSPM , with an average rating of 7.7, and holds a 4.2% mindshare. Additionally, 88% of OpenText users are willing to recommend the solution, compared to 87% of Amazon Web Services (AWS) users who would recommend it.

ArcSight Enterprise Securit...

Read 97 ArcSight Enterprise Security Manager (ESM) reviews

2,406 Views
1,060 Comparison Views

88% willing to recommend

AWS Security Hub

Read 22 AWS Security Hub reviews

3,640 Views
237 Comparison Views

87% willing to recommend

ArcSight Enterprise Securit...

AWS Security Hub

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Sep 18, 2024

ArcSight Enterprise Security Manager ESM and AWS Security Hub are major contenders in the cybersecurity landscape. Users have expressed greater satisfaction with AWS Security Hub's scalability and ease of integration, indicating it may have the upper hand.

Features: ArcSight ESM offers comprehensive threat detection, incident management, and robust functionalities. AWS Security Hub provides seamless integration with AWS services, enhancing operational efficiency and scalability.

Room for Improvement: ArcSight ESM needs better analytics, more frequent updates, and improved user interface. AWS Security Hub users suggest enhancing multi-tenancy support, advanced customization options, and reporting capabilities.

Ease of Deployment and Customer Service: ArcSight ESM's deployment can be complex and time-consuming, but customer service is responsive. AWS Security Hub features a quicker deployment process and benefits from AWS's extensive customer service resources.

Pricing and ROI: ArcSight ESM's initial setup costs are high but justified by its extensive feature set. AWS Security Hub's pricing is more competitive; users achieve ROI sooner due to lower ongoing costs and faster time to value.

To learn more, read our detailed AWS Security Hub vs. ArcSight Enterprise Security Manager (ESM) Report (Updated: October 2024).

Buyer's Guide

AWS Security Hub vs. ArcSight Enterprise Security Manager (ESM)

October 2024

Download the complete report

Helped 856,873 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

ArcSight Enterprise Securit...

Average Rating

7.8

Reviews Sentiment

7.5

Number of Reviews

Ranking in other categories

Security Information and Event Management (SIEM) (21st)

AWS Security Hub

Average Rating

7.6

Reviews Sentiment

7.2

Number of Reviews

Ranking in other categories

Security Orchestration Automation and Response (SOAR) (5th), Cloud Security Posture Management (CSPM) (14th)

Mindshare comparison

While both are Security Software solutions, they serve different purposes. ArcSight Enterprise Security Manager (ESM) is designed for Security Information and Event Management (SIEM) and holds a mindshare of 1.1%, down 1.5% compared to last year.
AWS Security Hub, on the other hand, focuses on Cloud Security Posture Management (CSPM), holds 4.2% mindshare, down 5.5% since last year.

Security Information and Event Management (SIEM)

Cloud Security Posture Management (CSPM)

Featured Reviews

Gaurav Ranade

CTO at Rah Infotech Pvt Ltd

Excels at performing regression and correlation on the data

ArcSight is a legacy technology, and many customers want AI-powered technologies integrated with it. That hasn't been done yet, but ArcSight needs to catch up with the newer solutions and technologies available in the market. It can't just rely on the legacy technology from 2010 or 2012. You can't run that in 2024. It's a legacy technology with its own limitations. Customers often face issues that other software or newer solutions can resolve easily. That's the main challenge we face from customers right now. So, the only concerns are that AI needs to be integrated and scalability improved. Those are the main areas to be improved.

Read full review

MuhammadAzhar Khan

Senior DevOps Engineer at Alibaba Group

Offers best practice recommendations and supports various compliance standards

Security Hub provides insightful information about what is running and where there might be weaknesses. It offers best practice recommendations and supports various compliance standards such as ISO and PCI DSS. Enabling these compliance checks helps identify non-compliant services and suggests steps to achieve compliance. The main advantage is providing information and compliance insights rather than prevention.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"It gives better overall visibility. Before, we didn't have a unified system for managing security alerts. ArcSight introduced various alerts, giving us a better visibility of potential problems."

"The webpage algorithm is the most valuable feature because it was the fastest feature for searching the logs, events, and correlation."

"The reports that we are from getting from ArcSight are very valuable. The reporting in ArcSight is good. Our regulators ask us for the reports on a regular basis, and we have been able to provide the required data. Its overall functionality in terms of log analysis and the speed at which it does that is also valuable. It is very quick. Whatever alerts we had configured were extremely fast. We immediately get alerts when there is unauthorized access or unknown access, or even positive access. This is where we found the difference between ArcSight and other solutions."

"ESM has valuable features for event prediction and security analysis."

"The tool is good for correlation and aggregation. We use it as a collection platform."

"The solution has gone beyond signature-based monitoring and analysis and is AI-powered. It is good enough to cover the full range of cybersecurity services."

"It is a very useful tool for intelligence building because it has many use cases and many rule sets."

"Some of the benefits of using this solution are rapid correlation and near-time response on alerts."

More ArcSight Enterprise Security Manager (ESM) pros

"The solution shows us our compliance score."

"Finding out if your infrastructure is secure is a valuable feature."

"I really like the seamless integration with the AWS account structure. It can even be made mandatory as part of the landing zone. These are great features. And there's a single pane of glass for the entire account."

"The best feature of AWS Security Hub is that you can get compliance or your cloud's current security posture."

"The advantage is that it is cloud-native, and we do not need to install agents or sensors to find findings."

"AWS Security Hub has very good integration features. It allows for AWS native services integration, and it helps us to integrate some of the services outside of AWS. They have partners, such as Amazon Preferred Network Partners (APN). If you have different security tools around APN, we can integrate those findings with AWS Security Hub reducing the need to refer to different portals or different UIs. You can have AWS Security Hub act as a single common go-to dashboard."

"I rate Security Hub ten out of ten for stability."

"One of the most effective features of AWS Security Hub is the easy access to a dashboard with a ready-to-use security score."

More AWS Security Hub pros

Cons

"We would like the ability to easily identify either unused resources or those that are being used sub-optimally."

"The initial setup could be more straightforward."

"The stability isn't quite perfect. We occasionally run into problems."

"The roadmap is not clear."

"Customer service during the transition from HPE to Micro Focus was abysmal where it became disruptive to our service delivery."

"They need to develop NetFlow appliances that can be installed in the customer network on span ports, collect NetFlow, and send it to ArcSight without relying on the devices' NetFlow capability and their position in the network."

"I would like for them to integrate mobile devices. Integration or any kind of functionality which will act as a substitute for IBM so that we can really track our mobile devices as well as look at SIEM."

"The visualization is not very good compared to Splunk."

More ArcSight Enterprise Security Manager (ESM) cons

"The solution lacks self-sufficiency."

"The user interface, graphs, and dashboards of the solution could improve in the future. They are not very sophisticated and could use an update."

"It is not flexible for multi-cloud environments."

"Adding SIEM features would be beneficial because of the limited customization of AWS Security Hub."

"The solution should be easier to learn and use"

"Whenever my team gets some alarms from the central team, my team needs to initiate whether it's a real or false trigger. The central team needs to keep adjusting to the parameters or at least the concerned IPs, whether it's really from the company's pool of IPs, so the trigger process can be improved. In the next release of AWS Security Hub, I'd like a better dashboard that could result in better alert visibility."

"AWS Security Hub should improve the time it takes to update. It takes a long period of time when updating. It can take 24 hours sometimes to update. Additionally, when integrating this solution with more security tools, takes time."

"Security needs to be measured based on their own criteria. We can't add custom criteria specific to our organization. For example, having an S3 bucket publicly available might be flagged as a critical alert, but it might not be critical in a sandbox environment. So, it gets flagged as critical, which becomes a false positive. So, customization options and creating custom dashboards would be areas for improvement."

More AWS Security Hub cons

Pricing and Cost Advice

"There is a license required for this solution."

"Thanks to Micro Focus's licensing model, as an MSSP, we are able to see a complete return on our investment almost immediately."

"It's a good price, it's one of the cheaper solutions."

"The pricing is great compared to others."

"The product licenses are inexpensive."

"The solution is super expensive. At our organization size and license model, I think the price is average to what anyone else would charge us."

"We have a license to use this solution. The price of ArcSight Enterprise Security Manager is expensive."

"Aggregation can help a lot in pushing down licensing costs."

More ArcSight Enterprise Security Manager (ESM) pricing and cost advice

"The price of the solution is not very competitive but it is reasonable."

"The price of AWS Security Hub is average compared to other solutions."

"AWS Security Hub's pricing is pretty reasonable."

"The cost is based on the number of compliances, core checks, and services required, and for more than 10,000 recommendations, the charge is just one dollar."

"Security Hub is not an expensive solution."

"There are multiple subscription models, like yearly, monthly, and packaged."

"The pricing is fine. It is not an expensive tool."

"AWS Security Hub is not an expensive tool. I would consider it to be a cheap solution. AWS Security Hub follows the PAYG pricing model, meaning you will have to pay for whatever you use."

See which vendors are best for you

Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.

See recommendations

856,873 professionals have used our research since 2012.

Comparison Review

Vinod Shankar

Manager, Enterprise Risk Consulting at Deloitte & Touche

Jun 28, 2015

Qradar vs. ArcSight

Continuing with the SIEM posts we have done at Infosecnirvana, this post is a Head to head comparison of the two Industry leading SIEM products in the market – HP ArcSight and IBM QRadar Both the products have consistently been in the Gartner Leaders Quadrant. Both HP and IBM took over niche SIEM…

Read full review

Top Industries

By visitors reading reviews

Financial Services Firm

20%

Computer Software Company

15%

Manufacturing Company

Government

Computer Software Company

15%

Financial Services Firm

13%

Manufacturing Company

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

Which is the best SIEM tool for a mid-sized financial services firm: Arcsight or Securonix?

In my market, a lot of financial companies had or have an ArcSight installation. Just because in former times it was pretty good. Now a lot of them are looking for a more effective solution due to ...

See all answers

What do you like most about ArcSight Enterprise Security Manager (ESM)?

We utilize ArcSight ESM for real-time threat detection in our organization. We have custom rules that we've developed on top of the WAN services, along with scheduled licensing activities.

See all answers

What is your experience regarding pricing and costs for ArcSight Enterprise Security Manager (ESM)?

ArcSight Enterprise Security Manager (ESM) is very cheap compared to other tools. It is worth the investment if you are considering the cost.

See all answers

Which is better - Azure Sentinel or AWS Security Hub?

We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is auto-scaling - you will not have to worry about performance impact, you will...

See all answers

What do you like most about AWS Security Hub?

The most valuable features of the solution are the scanning of all the cloud environments and most of the compliances available in the cloud.

See all answers

What needs improvement with AWS Security Hub?

There is room for improvement in implementing AI capabilities. It would be beneficial for Security Hub to implement preventative measures and to directly apply recommendations instead of just sugge...

See all answers

Comparisons

Trellix ESM vs ArcSight Enterprise Security Manager (ESM)

Compared 24% of the time

Splunk Enterprise Security vs ArcSight Enterprise Security Manager (ESM)

Compared 14% of the time

Elastic Security vs ArcSight Enterprise Security Manager (ESM)

Compared 10% of the time

Wazuh vs ArcSight Enterprise Security Manager (ESM)

Compared 6% of the time

Sentinel vs ArcSight Enterprise Security Manager (ESM)

Compared 3% of the time

More ArcSight Enterprise Security Manager (ESM) Competitors

Microsoft Sentinel vs AWS Security Hub

Compared 38% of the time

Wiz vs AWS Security Hub

Compared 12% of the time

Prisma Cloud by Palo Alto Networks vs AWS Security Hub

Compared 8% of the time

Microsoft Defender for Cloud vs AWS Security Hub

Compared 6% of the time

Google Chronicle Suite vs AWS Security Hub

Compared 4% of the time

More AWS Security Hub Competitors

Product Reports

Buyer's Guide

ArcSight Enterprise Security Manager (ESM)

April 2025

ArcSight Enterprise Security Manager (ESM) report

Download ArcSight Enterprise Security Manager (ESM) product report

Buyer's Guide

AWS Security Hub

June 2025

Download AWS Security Hub product report

Also Known As

Micro Focus ArcSight, HPE ArcSight, ArcSight

SQRRL

Overview

ArcSight Enterprise Security Manager (ESM) is a powerful SIEM solution for analyzing, collecting, correlating, and reporting on security event information. ArcSight ESM analyzes information from all of your data sources while helping your organization maintain high security. In addition, the solution is very customizable and enables users to create their own company-specific rule sets to automatically trigger instant alerts.

ArcSight Enterprise Security Manager (ESM) Features

Real-time threat detection
Visualization and reporting capabilities
Patented log management
Personalized dashboards
Scalable event monitoring
Seamless integration with your existing SOC tools
Behavior profiling
Data and user monitoring
Application monitoring
Analytics
Deployment/support simplicity

ArcSight Enterprise Security Manager (ESM) Benefits

Some of the benefits of using ESM include:

Real-time information: ArcSight ESM can correlate data from any source in real-time to detect incidents before they become a breach.

Compliance: Optional compliance packs enable packaged reports for PCI, SOX, and IT Governance.

Security analytics: With ArcSight ESM, you can build and maintain a security operation center (SOC) through big data security analytics.

Integration: ArcSight ESM allows you to integrate SOC with network operations, service desk, CMDB, business intelligence, Hadoop, email security, application security, threat feeds, and more.

Speed: ArcSight ESM provides excellent speed of event collection with patented log management tools.

Advanced detection: ArcSight ESM can detect unusual or unauthorized activities as they occur, preventing business disruptions.

Decrease threat exposure: By implementing ArcSight ESM, you reduce threat exposure because the solution detects threats in real time.

Operational efficiency: ArcSight ESM makes it possible for you to automate responses with ArcSight’s native SOAR, which saves your organization time, and therefore increases your operational efficiency.

Reviews from Real Users

Below are some reviews and helpful feedback written by ArcSight Enterprise Security Manager (ESM) users.

A Head of Professional Services at a computer software company says, “The simplicity of the solution is the most valuable aspect of the product. The product is quite mature. It's been around for a long time. The integration is easy for the most part.”

A Managing partner at a tech services company states that the solution is “Good at consolidating logs, fairly stable, and can scale.”

PeerSpot user Abbasi P., Vice President Derivatives Ops IT at a financial services firm, explains, “The user interfaces are quite good and speedy, and I like the consoles too. The typology and the setup are also good.”

A Chief Technological Officer at a tech services company says, "It is a very useful tool for intelligence building because it has many use cases and many rule sets."

An Associate Vice President at a consumer goods company comments, “We primarily use the solution for its technology including its independent logs, and those types of things. The solution offers very good monitoring. The product's log management and event management capabilities are excellent. There are a lot of really good analytical components. It helps us focus on analysis.”

OpenText

AWS Security Hub is a comprehensive security service that provides a centralized view of security alerts and compliance status across an AWS environment. It collects data from various AWS services, partner solutions, and AWS Marketplace products to provide a holistic view of security posture. With Security Hub, users can quickly identify and prioritize security issues, automate compliance checks, and streamline remediation efforts.

The service offers a range of features including continuous monitoring, threat intelligence integration, and customizable dashboards. It also provides automated insights and recommendations to help users improve their security posture. Security Hub integrates with other AWS services like Amazon GuardDuty, AWS Config, and AWS Macie to provide a unified security experience. Additionally, it supports integration with third-party security tools through its API, allowing users to leverage their existing security investments.

With its user-friendly interface and powerful capabilities, AWS Security Hub is a valuable tool for organizations looking to enhance their security and compliance posture in the cloud.

Amazon Web Services (AWS)

Sample Customers

Lake Health, U.S. Department of Health and Human Services, Bank AlJazira, Banca Intesa, and Obrela.

Edmunds, Frame.io, GoDaddy, Realtor.com

Buyer's Guide

AWS Security Hub vs. ArcSight Enterprise Security Manager (ESM)

October 2024

Free Report: AWS Security Hub vs. ArcSight Enterprise Security Manager (ESM)

Find out what your peers are saying about AWS Security Hub vs. ArcSight Enterprise Security Manager (ESM) and other solutions. Updated: October 2024.

DOWNLOAD NOW

856,873 professionals have used our research since 2012.

See our AWS Security Hub vs. ArcSight Enterprise Security Manager (ESM) report.

We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.