Try our new research platform with insights from 80,000+ expert users

AWS Security Hub vs OpenText Enterprise Security Manager comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 18, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

AWS Security Hub
Average Rating
7.6
Reviews Sentiment
7.2
Number of Reviews
22
Ranking in other categories
Security Orchestration Automation and Response (SOAR) (5th), Cloud Security Posture Management (CSPM) (14th)
OpenText Enterprise Securit...
Average Rating
7.8
Reviews Sentiment
7.5
Number of Reviews
97
Ranking in other categories
Security Information and Event Management (SIEM) (21st)
 

Mindshare comparison

While both are Security Software solutions, they serve different purposes. AWS Security Hub is designed for Cloud Security Posture Management (CSPM) and holds a mindshare of 4.0%, down 5.5% compared to last year.
OpenText Enterprise Security Manager, on the other hand, focuses on Security Information and Event Management (SIEM), holds 1.2% mindshare, down 1.4% since last year.
Cloud Security Posture Management (CSPM)
Security Information and Event Management (SIEM)
 

Featured Reviews

MuhammadAzhar Khan - PeerSpot reviewer
Offers best practice recommendations and supports various compliance standards
Security Hub provides insightful information about what is running and where there might be weaknesses. It offers best practice recommendations and supports various compliance standards such as ISO and PCI DSS. Enabling these compliance checks helps identify non-compliant services and suggests steps to achieve compliance. The main advantage is providing information and compliance insights rather than prevention.
Gaurav Ranade - PeerSpot reviewer
Excels at performing regression and correlation on the data
ArcSight is a legacy technology, and many customers want AI-powered technologies integrated with it. That hasn't been done yet, but ArcSight needs to catch up with the newer solutions and technologies available in the market. It can't just rely on the legacy technology from 2010 or 2012. You can't run that in 2024. It's a legacy technology with its own limitations. Customers often face issues that other software or newer solutions can resolve easily. That's the main challenge we face from customers right now. So, the only concerns are that AI needs to be integrated and scalability improved. Those are the main areas to be improved.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The advantage is that it is cloud-native, and we do not need to install agents or sensors to find findings."
"One of the most effective features of AWS Security Hub is the easy access to a dashboard with a ready-to-use security score."
"AWS Security Hub has very good integration features. It allows for AWS native services integration, and it helps us to integrate some of the services outside of AWS. They have partners, such as Amazon Preferred Network Partners (APN). If you have different security tools around APN, we can integrate those findings with AWS Security Hub reducing the need to refer to different portals or different UIs. You can have AWS Security Hub act as a single common go-to dashboard."
"Very good at detection and providing real-time alerts."
"I find all of the features to be highly valuable."
"The most beneficial aspect of Security Hub is its proactive capability, allowing us to identify potential security issues before they escalate."
"The solution shows us our compliance score."
"It's a security posture management tool from AWS. Basically, it identifies misconfigurations, similar to Trusted Advisor but on a larger scale."
"SmartConnector: Normalization parses raw logs and converts them into CEF (common event format). This is the core of the product."
"The most valuable features of ArcSight ESM are the dashboards, ease of management for anyone, and simple for teams to provide reports related to cyber security. There are a lot of good features that are provided."
"For the typical malware or intrusion, this solution assists us by identifying the symptoms based on network traffic from the application servers."
"Once the rules are defined, it is capable of detecting minute changes in the systems, which are effectively based on the entries in the log.​"
"I value the event correlation of this product."
"​It is a vital tool for live monitoring and helps us to understand the traffic alerts of any major issue on the network, thereby reducing hacking attempts."
"It is a very useful tool for intelligence building because it has many use cases and many rule sets."
"The webpage algorithm is the most valuable feature because it was the fastest feature for searching the logs, events, and correlation."
 

Cons

"Whenever my team gets some alarms from the central team, my team needs to initiate whether it's a real or false trigger. The central team needs to keep adjusting to the parameters or at least the concerned IPs, whether it's really from the company's pool of IPs, so the trigger process can be improved. In the next release of AWS Security Hub, I'd like a better dashboard that could result in better alert visibility."
"It is not flexible for multi-cloud environments."
"The support must be quicker."
"The solution will only give you insight if you have configure rule enabled. It should work more like Prisma Cloud and Dome9 which have a better approach."
"I would like a more fine-grained capability for creating custom rules and a more user-friendly experience programmatically in writing queries and configuring custom security rules, making it quicker and easier."
"There is room for improvement in implementing AI capabilities. It would be beneficial for Security Hub to implement preventative measures and to directly apply recommendations instead of just suggesting them."
"Shortening the response time for support tickets, particularly in production issues, could make the service more efficient."
"Security Hub is currently not worth investing in, as it requires more configurations and integration with other services to work effectively."
"The API integration could be better, and I'd like to see more machine-learning capabilities in the future."
"Sometimes, it takes ages to get an issue resolved. I have ArcSight experience, so I normally try to fix things on my own or find a workaround, but it's tough to get support when I need it."
"The first limitation is with the ArcSight Data Storage Manager (ADSM). ArcSight's total capacity is currently capped at 12 TB. This becomes an issue if a customer needs a longer real-time data retention period, such as exceeding 90 days or reaching a year or even ten months. Increasing the disk space beyond 12 TB is not currently possible."
"We have pricing issues. ArcSight ESM may not be the most user-friendly option, and its interface is quite traditional. However, despite these aspects, we find it a good cybersecurity solution. It needs to improve the dashboards, documentation, and support as well."
"The visualization is not very good compared to Splunk."
"They also could improve the product by integrating user and identity behavior analytics."
"The only concern is that AI needs to be integrated"
"ArcSight ESM is not easy to use and it should be integrated with other tools that have infrastructure capabilities."
 

Pricing and Cost Advice

"AWS Security Hub's pricing is pretty reasonable."
"AWS Security Hub is not an expensive tool. I would consider it to be a cheap solution. AWS Security Hub follows the PAYG pricing model, meaning you will have to pay for whatever you use."
"The pricing is fine. It is not an expensive tool."
"There are multiple subscription models, like yearly, monthly, and packaged."
"Security Hub is not an expensive solution."
"The price of AWS Security Hub is average compared to other solutions."
"The price of the solution is not very competitive but it is reasonable."
"The cost is based on the number of compliances, core checks, and services required, and for more than 10,000 recommendations, the charge is just one dollar."
"The cost of the solution is not very high, although hiring a qualified analyst to work with the product is expensive."
"HPE ArcSight pricing might be more expensive than other SIEM solutions, but in my opinion it has powerful features and great flexibility in developing complex use cases."
"The licensing cost is affordable if you get an enterprise license. The licensing is based on EPS, so you can probably provide a package of license for multiple ESMs with their correlational end fees. It is cost-effective."
"The product licenses are inexpensive."
"The pricing is great compared to others."
"ArcSight ESM is an affordable solution, it cost approximately $200,000 for three years. This price was at a substantial discount."
"Customers without a ton of resources to dedicate to deployment may be better served by a managed ArcSight service."
"It's a good price, it's one of the cheaper solutions."
report
Use our free recommendation engine to learn which Cloud Security Posture Management (CSPM) solutions are best for your needs.
861,390 professionals have used our research since 2012.
 

Comparison Review

VS
Jun 28, 2015
Qradar vs. ArcSight
Continuing with the SIEM posts we have done at Infosecnirvana, this post is a Head to head comparison of the two Industry leading SIEM products in the market – HP ArcSight and IBM QRadar Both the products have consistently been in the Gartner Leaders Quadrant. Both HP and IBM took over niche SIEM…
 

Top Industries

By visitors reading reviews
Computer Software Company
14%
Financial Services Firm
13%
Manufacturing Company
10%
Government
6%
Financial Services Firm
18%
Computer Software Company
13%
Manufacturing Company
9%
Government
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is better - Azure Sentinel or AWS Security Hub?
We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is auto-scaling - you will not have to worry about performance impact, you will...
What do you like most about AWS Security Hub?
The most valuable features of the solution are the scanning of all the cloud environments and most of the compliances available in the cloud.
What needs improvement with AWS Security Hub?
There is room for improvement in implementing AI capabilities. It would be beneficial for Security Hub to implement preventative measures and to directly apply recommendations instead of just sugge...
Which is the best SIEM tool for a mid-sized financial services firm: Arcsight or Securonix?
In my market, a lot of financial companies had or have an ArcSight installation. Just because in former times it was pretty good. Now a lot of them are looking for a more effective solution due to ...
What do you like most about ArcSight Enterprise Security Manager (ESM)?
We utilize ArcSight ESM for real-time threat detection in our organization. We have custom rules that we've developed on top of the WAN services, along with scheduled licensing activities.
What is your experience regarding pricing and costs for ArcSight Enterprise Security Manager (ESM)?
ArcSight Enterprise Security Manager (ESM) is very cheap compared to other tools. It is worth the investment if you are considering the cost.
 

Also Known As

SQRRL
Micro Focus ArcSight, HPE ArcSight, ArcSight
 

Overview

 

Sample Customers

Edmunds, Frame.io, GoDaddy, Realtor.com
Lake Health, U.S. Department of Health and Human Services, Bank AlJazira, Banca Intesa, and Obrela.
Find out what your peers are saying about AWS Security Hub vs. OpenText Enterprise Security Manager and other solutions. Updated: October 2024.
861,390 professionals have used our research since 2012.