We performed a comparison between ArcSight Intelligence and Collibra Governance based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Splunk, Wazuh and others in Security Information and Event Management (SIEM)."The best feature is that onboarding to the SIM solution is quite easy. If you are using cloud-based solutions, it's just a few clicks to migrate it."
"It is able to connect to an ever-growing number of platforms and systems within the Microsoft ecosystem, such as Azure Active Directory and Microsoft 365 or Office 365, as well as to external services and systems that can be brought in and managed. We can manage on-premises infrastructure. We can manage not just the things that are running in Azure in the public cloud, but through Azure Arc and the hybrid capabilities, we can monitor on-premises servers and endpoints. We can monitor VMware infrastructure, for instance, running as part of a hybrid environment."
"The log analysis is excellent; it can predict what can or will happen regarding use patterns and vulnerabilities."
"It has a lot of great features."
"The ability of all these solutions to work together natively is essential. We have an Azure subscription, including Log Analytics. This feature automatically acts as one of the security baselines and detects recommendations because it also integrates with Defender. We can pull the sysadmin logs from Azure. It's all seamless and native."
"The part that was very unexpected was Sentinel's ability to integrate with Azure Lighthouse, which, as a managed services solution provider, gives us the ability to also manage our customers' Sentinel environments or Sentinel workspaces. It is a big plus for us. With its integration with Lighthouse, we get the ability to monitor multiple workspaces from one portal. A lot of the Microsoft Sentinel workbooks already integrate with that capability, and we save countless amounts of money by simply being able to almost immediately realize multitenant capabilities. That alone is a big plus for us."
"It's easy to use. It's a very good product. It can easily ingest data from anywhere. It has an easily understandable language to perform actions."
"The standout feature of Sentinel is that, because it's cloud-based and because it's from Microsoft, it integrates really well with all the other Microsoft products. It's really simple to set up and get going."
"The most valuable feature of ArcSight Intelligence is a single console where the entire dashboard gives all the connected details in a single place."
"The platform helps us improve threat detection capabilities."
"We found the correlation engine to be very good. It takes logs from different types of devices and does the correlation in a good way."
"The ability to tailor an environment to suit our specific use cases is a major advantage of ArcSight compared to other logging servers such as Splunk."
"The product has a valuable interface."
"As far as the functionality of the tool is concerned, it's pretty slick."
"The diagram showing the limits is absolutely magnificent."
"Collibra Governance comes with a lot of features, and we have used it in one of our projects for metadata management and data lineage."
"The solution has good workflows and is based on AIML."
"We use the solution's Data Stewardship part."
"Collibra's lineage is a very powerful feature. We have integrated Collibra with Azure and ADLS storage and we create lineage diagrams using the two tools."
"The customization and the dashboards are pretty good."
"Collibra is very good at talking to modern database systems like a normal RDBMS, a DB2, or a SQL server or an Oracle."
"The AI capabilities must be improved."
"I would like Sentinel to have more out-of-the-box analytics rules. There are already more than 400 rules, but they could add more industry-specific ones. For example, you could have sets of out-of-the-box rules for banking, financial sector, insurance, automotive, etc., so it's easier for people to use it out of the box. Structuring the rules according to industry might help us."
"Microsoft Sentinel is relatively expensive, and its cost should be improved."
"One key area that can be improved is by building a strong integration with our XDR platform."
"They're giving us the queries so we can plug them right into Sentinel. They need to have a streamlined process for updating them in the tool and knowing when things are updated and knowing when there are new detections available from Microsoft."
"Sentinel still has some anomalies. For example, sometimes when we write a query for log analysis with KQL, it doesn't give us the data in a proper way... Also, the fields or columns could be improved. Sometimes, it is not giving the desired results and there is a blank field."
"The on-prem log sources still require a lot of development."
"If we want to use more features, we have to pay more. There are multiple solutions on the cloud itself, but the pricing model package isn't consistent, which is confusing to clients."
"The dashboard is not user-friendly and is in black and white."
"ArcSight Intelligence's pricing needs improvement."
"ArcSight Intelligence is a bit slower, and its speed should be improved."
"We haven't found the product fully scalable."
"The frequency of the updates that we are getting can be improved because the number and types of incidents that are happening at the global level are far more than what we are receiving. The frequency of updates feeds related to our rules should be increased. There should be more frequent information about the new rules that are coming and the global threats that are happening. There should be better options for dashboard creation. At present, the dashboards are good, but there is scope to make them better."
"It should have more integrations with things like CyberArk because its main purpose is GDPR implementation. We have to have more scope for things that implement more privacy. CyberArk makes sure your credentials are vaulted and your things are secure when you're creating your integrations or connecting to an application. I do believe that they are working on this feature."
"This solution could be improved with the the addition of process diagrams to help the many users of the platform understand all the fields."
"While connecting with the data source, it's not very easy. If there's a firewall, it is difficult to connect with the database. It's not easy when you are configuring on the database."
"The licensing is one area that could get improved."
"There are a lot of gaps in Collibra's support and documentation."
"The technical support could be better."
"Collibra gives a lot of facilities in the cloud, but achieving those facilities on-prem becomes a big challenge"
"It would be better if there was a way to import all data and metadata in an automatic way in one block form."
ArcSight Intelligence is ranked 31st in Security Information and Event Management (SIEM) with 5 reviews while Collibra Governance is ranked 2nd in Data Governance with 41 reviews. ArcSight Intelligence is rated 8.0, while Collibra Governance is rated 7.6. The top reviewer of ArcSight Intelligence writes "A user-friendly solution that can be used to integrate the logs properly with different connectors". On the other hand, the top reviewer of Collibra Governance writes "Transformed our cross-functional business teams into one enterprise-facing view". ArcSight Intelligence is most compared with ArcSight Enterprise Security Manager (ESM), Exabeam Fusion SIEM and Splunk User Behavior Analytics, whereas Collibra Governance is most compared with Microsoft Purview, Alation Data Catalog, Informatica Axon, BigID and Ataccama ONE Platform.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.