AWS Security Hub vs ArcSight Enterprise Security Manager (ESM) comparison

The compared OpenText and Amazon Web Services (AWS) solutions aren't in the same category. OpenText is ranked #19 in SIEM , with an average rating of 7.0, and holds a 1.1% mindshare in the category. Amazon Web Services (AWS) is ranked #12 in CSPM , with an average rating of 7.7, and holds a 4.5% mindshare. Additionally, 88% of OpenText users are willing to recommend the solution, compared to 87% of Amazon Web Services (AWS) users who would recommend it.

ArcSight Enterprise Securit...

Read 97 ArcSight Enterprise Security Manager (ESM) reviews

2,658 Views
1,394 Comparison Views

88% willing to recommend

AWS Security Hub

Read 22 AWS Security Hub reviews

3,684 Views
3,162 Comparison Views

87% willing to recommend

ArcSight Enterprise Securit...

AWS Security Hub

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Sep 18, 2024

ArcSight Enterprise Security Manager ESM and AWS Security Hub are major contenders in the cybersecurity landscape. Users have expressed greater satisfaction with AWS Security Hub's scalability and ease of integration, indicating it may have the upper hand.

Features: ArcSight ESM offers comprehensive threat detection, incident management, and robust functionalities. AWS Security Hub provides seamless integration with AWS services, enhancing operational efficiency and scalability.

Room for Improvement: ArcSight ESM needs better analytics, more frequent updates, and improved user interface. AWS Security Hub users suggest enhancing multi-tenancy support, advanced customization options, and reporting capabilities.

Ease of Deployment and Customer Service: ArcSight ESM's deployment can be complex and time-consuming, but customer service is responsive. AWS Security Hub features a quicker deployment process and benefits from AWS's extensive customer service resources.

Pricing and ROI: ArcSight ESM's initial setup costs are high but justified by its extensive feature set. AWS Security Hub's pricing is more competitive; users achieve ROI sooner due to lower ongoing costs and faster time to value.

To learn more, read our detailed AWS Security Hub vs. ArcSight Enterprise Security Manager (ESM) Report (Updated: October 2024).

Buyer's Guide

AWS Security Hub vs. ArcSight Enterprise Security Manager (ESM)

October 2024

Download the complete report

Helped 849,686 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

ArcSight Enterprise Securit...

Average Rating

7.8

Reviews Sentiment

7.5

Number of Reviews

Ranking in other categories

Security Information and Event Management (SIEM) (19th)

AWS Security Hub

Average Rating

7.6

Reviews Sentiment

7.2

Number of Reviews

Ranking in other categories

Security Orchestration Automation and Response (SOAR) (5th), Cloud Security Posture Management (CSPM) (12th)

Mindshare comparison

While both are Security Software solutions, they serve different purposes. ArcSight Enterprise Security Manager (ESM) is designed for Security Information and Event Management (SIEM) and holds a mindshare of 1.1%, down 1.6% compared to last year.
AWS Security Hub, on the other hand, focuses on Cloud Security Posture Management (CSPM), holds 4.5% mindshare, down 5.6% since last year.

Security Information and Event Management (SIEM)

Cloud Security Posture Management (CSPM)

Featured Reviews

Ramnesh Dubey

Solutions Architect at Ericsson

Allows for monitoring logs according to industry standards within ESM but has a total capacity capped at 12 TB, limiting real-time data retention periods

The first limitation is with the ArcSight Data Storage Manager (ADSM). ArcSight's total capacity is currently capped at 12 TB. This becomes an issue if a customer needs a longer real-time data retention period, such as exceeding 90 days or reaching a year or even ten months. Increasing the disk space beyond 12 TB is not currently possible. So, increasing the storage capacity is one area for improvement. Additionally, the real-time data retention is limited due to the 12 TB restriction. Depending on the Events Per Second (EPS) you receive, you might only be able to retain data for seven to ten days. Overall, the 12 TB limit is the main issue we face in terms of maximizing real-time data storage. Moreover, there are a few improvements I would like to see in future releases. My main suggestion for ArcSight is to simplify the deployment process. Currently, the installation process is quite complex. There are various components involved, including transformations, multiple installations, and containerization for various components. Ideally, I'd recommend that ArcSight allow the entire installation, including the ESM and database, to be completed within a single unified setup process for a streamlined experience. Additionally, having readily available and well-organized documentation for the step-by-step installation process would be incredibly helpful. I would also like to see better support.

Read full review

MuhammadAzhar Khan

Senior DevOps Engineer at Alibaba Group

Offers best practice recommendations and supports various compliance standards

Security Hub provides insightful information about what is running and where there might be weaknesses. It offers best practice recommendations and supports various compliance standards such as ISO and PCI DSS. Enabling these compliance checks helps identify non-compliant services and suggests steps to achieve compliance. The main advantage is providing information and compliance insights rather than prevention.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The filters and the ability to do what you want are the most valuable features. There is nothing that you cannot do in this solution. It has all the features, which makes it very dynamic."

"On the positive side, ArcSight ESM's performance was excellent. It was very fast when writing queries. It provided good performance monitoring and had built-in rules to show which rules triggered most often and impacted performance. This performance monitoring was well-implemented."

"When WannaCry attacks I can minimize the damage. My company had no protection at the time. We get alerts in ArcSight and then whenever a user got a copy of WannaCry and the WannaCry malware wants to connect to the mother ship, it alerts me in the ArcSight dashboard, and that helps us a lot. We then just go to the user and erase the malware."

"ArcSight Enterprise Security Manager (ESM) is very cheap compared to other tools."

"The webpage algorithm is the most valuable feature because it was the fastest feature for searching the logs, events, and correlation."

"Feature-rich solution which provides better network visibility for improved security"

"We utilize ArcSight ESM for real-time threat detection in our organization. We have custom rules that we've developed on top of the WAN services, along with scheduled licensing activities."

"It has absolutely improved the efficiency of our security team. We use it internally as well. It is such a powerful tool that our internal security team became a customer of our ArcSight managed service."

More ArcSight Enterprise Security Manager (ESM) pros

"Cloudposse is a valuable feature as it guarantees my security."

"One of the most effective features of AWS Security Hub is the easy access to a dashboard with a ready-to-use security score."

"Very good at detection and providing real-time alerts."

"AWS Security Hub provides comprehensive alerts about potential compliance issues with CIS standards. The integration with third-party tools is another excellent feature. All our workloads are on AWS."

"Security Hub provides insightful information about what is running and where there might be weaknesses."

"The solution shows us our compliance score."

"Currently, our organization utilizes AWS for various purposes, including SaaS (Software as a Service), PaaS (Platform as a Service), and hosting applications in the cloud. We develop our applications and use AWS services as a platform for basic functions and secondary development needs. Additionally, we rely on PaaS for accounting services. Approximately, 50% of our applications are hosted in the cloud environment, making it a significant part of our current setup."

"The best feature of AWS Security Hub is that you can get compliance or your cloud's current security posture."

More AWS Security Hub pros

Cons

"ArcSight ESM is not easy to use and it should be integrated with other tools that have infrastructure capabilities."

"I would like to have a feature that gives us an entire report listing what devices are integrated."

"We have pricing issues. ArcSight ESM may not be the most user-friendly option, and its interface is quite traditional. However, despite these aspects, we find it a good cybersecurity solution. It needs to improve the dashboards, documentation, and support as well."

"The stability of ArcSight Enterprise Security Manager (ESM) is not very robust."

"In certain cases, this product does have false positives, which the company should work on."

"The initial setup is very complex. We had to architect a deployment which allowed us to incorporate an ever growing number of customers into our hosted instance of ArcSight."

"Could benefit from a more modern interface."

"ArcSight ESM could improve the alerts for the storage capacities or actions."

More ArcSight Enterprise Security Manager (ESM) cons

"Adding SIEM features would be beneficial because of the limited customization of AWS Security Hub."

"One aspect that could be improved in the solution is its adaptability to different markets and geopolitical restrictions. In certain regions like Thailand, specific services from certain countries or providers, such as AWS or Azure, might be limited or blocked. It also needs improvement in would require configuring the solution more adaptable to AWS infrastructure and function."

"Although AWS Security Hub does a periodic scan of your overall infrastructure, it doesn't do it in real time."

"The user interface, graphs, and dashboards of the solution could improve in the future. They are not very sophisticated and could use an update."

"The solution should be easier to learn and use"

"AWS Security Hub should improve the time it takes to update. It takes a long period of time when updating. It can take 24 hours sometimes to update. Additionally, when integrating this solution with more security tools, takes time."

"Security Hub is currently not worth investing in, as it requires more configurations and integration with other services to work effectively."

"The support must be quicker."

More AWS Security Hub cons

Pricing and Cost Advice

"The cost of the solution is not very high, although hiring a qualified analyst to work with the product is expensive."

"ArcSight is pretty expensive compared with its competitors. I believe that is fine as it provides value."

"The solution is super expensive. At our organization size and license model, I think the price is average to what anyone else would charge us."

"Thanks to Micro Focus's licensing model, as an MSSP, we are able to see a complete return on our investment almost immediately."

"The pricing model is expensive compared to open-source alternatives."

"The product licenses are inexpensive."

"The pricing is great compared to others."

"The licensing cost is affordable if you get an enterprise license. The licensing is based on EPS, so you can probably provide a package of license for multiple ESMs with their correlational end fees. It is cost-effective."

More ArcSight Enterprise Security Manager (ESM) pricing and cost advice

"The price of the solution is not very competitive but it is reasonable."

"The price of AWS Security Hub is average compared to other solutions."

"The cost is based on the number of compliances, core checks, and services required, and for more than 10,000 recommendations, the charge is just one dollar."

"There are multiple subscription models, like yearly, monthly, and packaged."

"AWS Security Hub is not an expensive tool. I would consider it to be a cheap solution. AWS Security Hub follows the PAYG pricing model, meaning you will have to pay for whatever you use."

"AWS Security Hub's pricing is pretty reasonable."

"The pricing is fine. It is not an expensive tool."

"Security Hub is not an expensive solution."

See which vendors are best for you

Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.

See recommendations

849,686 professionals have used our research since 2012.

Comparison Review

Vinod Shankar

Manager, Enterprise Risk Consulting at Deloitte & Touche

Jun 28, 2015

Qradar vs. ArcSight

Continuing with the SIEM posts we have done at Infosecnirvana, this post is a Head to head comparison of the two Industry leading SIEM products in the market – HP ArcSight and IBM QRadar Both the products have consistently been in the Gartner Leaders Quadrant. Both HP and IBM took over niche SIEM…

Read full review

Top Industries

By visitors reading reviews

Financial Services Firm

20%

Computer Software Company

16%

Manufacturing Company

Government

Computer Software Company

15%

Financial Services Firm

12%

Manufacturing Company

10%

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

Which is the best SIEM tool for a mid-sized financial services firm: Arcsight or Securonix?

In my market, a lot of financial companies had or have an ArcSight installation. Just because in former times it was pretty good. Now a lot of them are looking for a more effective solution due to ...

See all answers

What do you like most about ArcSight Enterprise Security Manager (ESM)?

We utilize ArcSight ESM for real-time threat detection in our organization. We have custom rules that we've developed on top of the WAN services, along with scheduled licensing activities.

See all answers

What is your experience regarding pricing and costs for ArcSight Enterprise Security Manager (ESM)?

ArcSight Enterprise Security Manager (ESM) is very cheap compared to other tools. It is worth the investment if you are considering the cost.

See all answers

Which is better - Azure Sentinel or AWS Security Hub?

We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is auto-scaling - you will not have to worry about performance impact, you will...

See all answers

What do you like most about AWS Security Hub?

The most valuable features of the solution are the scanning of all the cloud environments and most of the compliances available in the cloud.

See all answers

What needs improvement with AWS Security Hub?

There is room for improvement in implementing AI capabilities. It would be beneficial for Security Hub to implement preventative measures and to directly apply recommendations instead of just sugge...

See all answers

Comparisons

Trellix ESM vs ArcSight Enterprise Security Manager (ESM)

Compared 24% of the time

Splunk Enterprise Security vs ArcSight Enterprise Security Manager (ESM)

Compared 15% of the time

Elastic Security vs ArcSight Enterprise Security Manager (ESM)

Compared 11% of the time

Google Chronicle Suite vs ArcSight Enterprise Security Manager (ESM)

Compared 8% of the time

IBM Security QRadar vs ArcSight Enterprise Security Manager (ESM)

Compared 7% of the time

More ArcSight Enterprise Security Manager (ESM) Competitors

Microsoft Sentinel vs AWS Security Hub

Compared 39% of the time

Wiz vs AWS Security Hub

Compared 12% of the time

Prisma Cloud by Palo Alto Networks vs AWS Security Hub

Compared 9% of the time

Microsoft Defender for Cloud vs AWS Security Hub

Compared 6% of the time

Google Chronicle Suite vs AWS Security Hub

Compared 4% of the time

More AWS Security Hub Competitors

Product Reports

Buyer's Guide

ArcSight Enterprise Security Manager (ESM)

April 2025

ArcSight Enterprise Security Manager (ESM) report

Download ArcSight Enterprise Security Manager (ESM) product report

Buyer's Guide

AWS Security Hub

April 2025

Download AWS Security Hub product report

Also Known As

Micro Focus ArcSight, HPE ArcSight, ArcSight

SQRRL

Overview

ArcSight Enterprise Security Manager (ESM) is a powerful SIEM solution for analyzing, collecting, correlating, and reporting on security event information. ArcSight ESM analyzes information from all of your data sources while helping your organization maintain high security. In addition, the solution is very customizable and enables users to create their own company-specific rule sets to automatically trigger instant alerts.

ArcSight Enterprise Security Manager (ESM) Features

Real-time threat detection
Visualization and reporting capabilities
Patented log management
Personalized dashboards
Scalable event monitoring
Seamless integration with your existing SOC tools
Behavior profiling
Data and user monitoring
Application monitoring
Analytics
Deployment/support simplicity

ArcSight Enterprise Security Manager (ESM) Benefits

Some of the benefits of using ESM include:

Real-time information: ArcSight ESM can correlate data from any source in real-time to detect incidents before they become a breach.

Compliance: Optional compliance packs enable packaged reports for PCI, SOX, and IT Governance.

Security analytics: With ArcSight ESM, you can build and maintain a security operation center (SOC) through big data security analytics.

Integration: ArcSight ESM allows you to integrate SOC with network operations, service desk, CMDB, business intelligence, Hadoop, email security, application security, threat feeds, and more.

Speed: ArcSight ESM provides excellent speed of event collection with patented log management tools.

Advanced detection: ArcSight ESM can detect unusual or unauthorized activities as they occur, preventing business disruptions.

Decrease threat exposure: By implementing ArcSight ESM, you reduce threat exposure because the solution detects threats in real time.

Operational efficiency: ArcSight ESM makes it possible for you to automate responses with ArcSight’s native SOAR, which saves your organization time, and therefore increases your operational efficiency.

Reviews from Real Users

Below are some reviews and helpful feedback written by ArcSight Enterprise Security Manager (ESM) users.

A Head of Professional Services at a computer software company says, “The simplicity of the solution is the most valuable aspect of the product. The product is quite mature. It's been around for a long time. The integration is easy for the most part.”

A Managing partner at a tech services company states that the solution is “Good at consolidating logs, fairly stable, and can scale.”

PeerSpot user Abbasi P., Vice President Derivatives Ops IT at a financial services firm, explains, “The user interfaces are quite good and speedy, and I like the consoles too. The typology and the setup are also good.”

A Chief Technological Officer at a tech services company says, "It is a very useful tool for intelligence building because it has many use cases and many rule sets."

An Associate Vice President at a consumer goods company comments, “We primarily use the solution for its technology including its independent logs, and those types of things. The solution offers very good monitoring. The product's log management and event management capabilities are excellent. There are a lot of really good analytical components. It helps us focus on analysis.”

OpenText

AWS Security Hub is a comprehensive security service that provides a centralized view of security alerts and compliance status across an AWS environment. It collects data from various AWS services, partner solutions, and AWS Marketplace products to provide a holistic view of security posture. With Security Hub, users can quickly identify and prioritize security issues, automate compliance checks, and streamline remediation efforts.

The service offers a range of features including continuous monitoring, threat intelligence integration, and customizable dashboards. It also provides automated insights and recommendations to help users improve their security posture. Security Hub integrates with other AWS services like Amazon GuardDuty, AWS Config, and AWS Macie to provide a unified security experience. Additionally, it supports integration with third-party security tools through its API, allowing users to leverage their existing security investments.

With its user-friendly interface and powerful capabilities, AWS Security Hub is a valuable tool for organizations looking to enhance their security and compliance posture in the cloud.

Amazon Web Services (AWS)

Sample Customers

Lake Health, U.S. Department of Health and Human Services, Bank AlJazira, Banca Intesa, and Obrela.

Edmunds, Frame.io, GoDaddy, Realtor.com

Buyer's Guide

AWS Security Hub vs. ArcSight Enterprise Security Manager (ESM)

October 2024

Free Report: AWS Security Hub vs. ArcSight Enterprise Security Manager (ESM)

Find out what your peers are saying about AWS Security Hub vs. ArcSight Enterprise Security Manager (ESM) and other solutions. Updated: October 2024.

DOWNLOAD NOW

849,686 professionals have used our research since 2012.

See our AWS Security Hub vs. ArcSight Enterprise Security Manager (ESM) report.

We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.