OpenText Enterprise Security Manager and Trellix Helix Connect compete in enterprise security management. Reviews indicate that OpenText's high customization is beneficial for integration needs, whereas Trellix is preferred for its strong automation capabilities.
Features: Trellix Helix Connect offers strong automation with SOAR and playbooks, enhancing operational efficiency by minimizing manual tasks. It also provides robust threat intelligence and cross-domain visibility for rapid detection and response. OpenText Enterprise Security Manager provides vast customization options, allowing flexible event collection and seamless integration with various platforms, catering to specific integration needs.
Room for Improvement: OpenText Enterprise Security Manager needs improvements in reducing complexity and upgrading its GUI and reporting capabilities. It should also enhance machine-learning features and expedite its support services. Trellix Helix Connect could benefit from better cloud and SaaS telemetry integration, improved dashboard usability, and more effective support, with issues of false positives and rule management highlighted by users.
Ease of Deployment and Customer Service: OpenText Enterprise Security Manager supports on-premises, hybrid, and cloud deployments, but users often face challenges with deployment complexity and response time from support. Trellix Helix Connect is focused on cloud-enabled and hybrid solutions, suitable for cloud transitions, but its support effectiveness requires enhancement in issue resolution.
Pricing and ROI: OpenText Enterprise Security Manager, despite being expensive with EPS-based licensing, offers good ROI through its comprehensive incident detection capabilities. Trellix Helix Connect, though competitively priced with cost-effective packages for FireEye users, is generally costlier and may not provide immediate ROI compared to OpenText, which users find favorable for compliance and incident prevention.
I find that using ArcSight Enterprise Security Manager (ESM) provides a valuable return on investment as it serves as a single point of glass for logs and data analysis.
We have seen a return on investment with Trellix Helix Connect, and we can share relevant metrics as we reduce the MTTD and MTTR and have KPIs indicating our ROI.
From an analyst's perspective, it has required fewer L2 operators since we already have a broader view of what is happening with the endpoint machines.
If I raise a P1 or P0 ticket, the response time is often delayed by four to eight hours.
I would rate the technical support of ArcSight Enterprise Security Manager (ESM) a nine as they are always available and responsive whenever we open a case.
I assess the effectiveness of Trellix Helix Connect's threat detection capabilities as robust, making it more powerful than Trend Micro and other solutions like CrowdStrike.
We often wait for weeks to get a response from the engineering team due to a long relay process from customer representatives to the engineering team and then back to us.
We experienced some challenges due to the ongoing transformation and fusion of McAfee and FireEye, but we are committed to improving response times.
It lacks some capabilities compared to other tools available in the market.
It is easy to scale, and I have not encountered any issues when we require more storage or deployment.
We support the largest companies in the world and can cater to large environments.
Trellix Helix Connect's scalability is excellent as the solution has a library to make integrations with other brands.
The scalability of Trellix Helix Connect is good as it has over 400 ready-to-go connectors, which is a strong feature.
I would rate the stability of ArcSight Enterprise Security Manager (ESM) a nine because I have not encountered significant issues, unlike other solutions that sometimes have database errors.
The stability of ArcSight Enterprise Security Manager (ESM) is not very robust.
The availability is high, which is critical for our customers who rely on a single panel of glass to operate.
Trellix Helix Connect is very stable, and I have experienced almost no downtime or issues.
Trellix Helix Connect has stability issues as it experienced downtimes during off-hours that affected our night shifts and late hours.
I would like to see the detection and response features included in the next release of ArcSight Enterprise Security Manager (ESM), as security orchestration and automation are increasingly important.
The integration aspect of ArcSight Enterprise Security Manager (ESM) needs improvement.
The GUI and dashboard feel very old-school and legacy, needing improvement, as all competitors have far superior GUIs and UI/UX interfaces.
We have just released the solutions to the market recently, making it a revolution in the cybersecurity sector.
The usability of hyperautomation is something to improve in the solution because it is expensive regarding the needed improvements.
ArcSight Enterprise Security Manager (ESM) is very cheap compared to other tools.
I would rate the pricing of ArcSight Enterprise Security Manager (ESM) around seven, as it varies based on features and demand, making it more affordable for larger organizations, while smaller ones might find it expensive.
We mainly chose this solution because of the pricing factor alone; many other options were more lucrative feature-wise, but for pricing, it was quite competitive at the time.
It is not the cheapest, but also not the most expensive solution.
We do not face much performance issues; for pricing, it was close to other competitors.
The ability to interpret data is highly valued.
The log analysis feature is particularly valuable as it allows analysts to interpret intrusion-related logs efficiently.
Trellix Helix, as an AI XDR platform, helps our organization by offering an extensive number of connectors for integration, enabling us to consolidate all information in a single dashboard.
Trellix Helix Connect easily integrates with Office 365 and also integrates well with FortiGate, Palo Alto, and Barracuda, especially within AWS environments.
The features that I find most valuable in Trellix Helix Connect are the incident response capabilities, which include EDR and XDR, along with the SoC capabilities added in the new advanced Trellix AI intelligence.
| Product | Mindshare (%) |
|---|---|
| Trellix Helix Connect | 1.2% |
| OpenText Enterprise Security Manager | 1.5% |
| Other | 97.3% |
| Company Size | Count |
|---|---|
| Small Business | 37 |
| Midsize Enterprise | 14 |
| Large Enterprise | 59 |
| Company Size | Count |
|---|---|
| Small Business | 9 |
| Midsize Enterprise | 1 |
| Large Enterprise | 9 |
OpenText Enterprise Security Manager enables real-time threat detection through scalable and adaptable solutions, integrating seamlessly with multiple platforms for complex security scenarios across different environments.
OpenText Enterprise Security Manager offers extensive security monitoring capabilities, combining log analysis and incident management to enhance cybersecurity and compliance. Its powerful event correlation engine provides real-time alerts for rapid incident response. Users benefit from customizable dashboards and comprehensive log collection, making it a significant tool in the SIEM market. Flexible deployment options cater to both on-premises and cloud environments, supporting enterprises in managing IT infrastructure and threat detection efficiently.
What are the key features of OpenText Enterprise Security Manager?In industries such as finance, healthcare, and energy, OpenText Enterprise Security Manager is implemented for monitoring critical systems and ensuring compliance with regulatory needs. Enterprises leverage its capabilities for forensic investigations and active threat management, serving as a central hub for cybersecurity operations across diverse IT infrastructures.
Trellix Helix Connect leverages automation with playbooks and AI, enhancing incident management, data correlation, and reducing response times while easing integration and improving threat visibility.
Trellix Helix Connect transforms cyber operations with automated workflows, cutting response times and decreasing analyst fatigue. Its ability to integrate seamlessly with existing infrastructures improves incident handling through advanced AI and data correlation techniques. Quick to implement, it enhances threat visibility, enabling faster incident triage, alert correlation, and threat intelligence integration. While the platform excels in these areas, users have noted areas for enhancement, such as integration with third-party tools, better dashboard functionalities, and reduced false positives. Despite concerns over licensing costs and connectivity issues, Trellix Helix Connect remains a valuable asset for centralized security event management and response automation.
What are the key features of Trellix Helix Connect?Organizations rely on Trellix Helix Connect for centralized correlation and security event management, integrating it with existing tools for streamlined alert management and enhanced cybersecurity measures. It supports tasks like phishing detection, data protection, and endpoint security, essential in industries facing persistent network threats, including managing logs, detecting malware, and automating responses, reducing investigation times and improving notification efficiency.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
