No more typing reviews! Try our Samantha, our new voice AI agent.

CompassOne by Blackpoint Cyber vs OpenText Behavioral Signals comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Jun 3, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

CompassOne by Blackpoint Cyber
Ranking in Security Information and Event Management (SIEM)
37th
Average Rating
9.0
Reviews Sentiment
7.8
Number of Reviews
5
Ranking in other categories
Vulnerability Management (47th), Endpoint Detection and Response (EDR) (39th), Application Control (10th), Managed Detection and Response (MDR) (11th), Identity Threat Detection and Response (ITDR) (14th)
OpenText Behavioral Signals
Ranking in Security Information and Event Management (SIEM)
41st
Average Rating
8.0
Reviews Sentiment
6.6
Number of Reviews
5
Ranking in other categories
User Entity Behavior Analytics (UEBA) (14th)
 

Mindshare comparison

As of July 2026, in the Security Information and Event Management (SIEM) category, the mindshare of CompassOne by Blackpoint Cyber is 0.6%, up from 0.1% compared to the previous year. The mindshare of OpenText Behavioral Signals is 0.9%, up from 0.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM) Mindshare Distribution
ProductMindshare (%)
CompassOne by Blackpoint Cyber0.6%
OpenText Behavioral Signals0.9%
Other98.5%
Security Information and Event Management (SIEM)
 

Featured Reviews

Gary Herbstman - PeerSpot reviewer
Owner at Byte Solutions Inc.
Experienced reduced alert fatigue with streamlined notifications
We use Blackpoint Cyber MDR for our higher-end clients who need a higher level of control over security I appreciate that there are people behind the scenes sorting out valuable alerts from those that are not, so I only get alerts when they are real. This feature ensures that I am notified only…
Pravir KumarSinha - PeerSpot reviewer
Information Security at Synechron
Has essential threat detection capabilities, but the features for intelligence need enhancement
We integrated this tool with our security infrastructure. We installed it on a Linux server, where we have a Logger and ESM installed. With the Linux server as the hub, we manage all the configurations and rules, including those for email triggers. The logs are routed through a connector to the Logger, allowing us to monitor our infrastructure effectively. The platform helps us improve threat detection capabilities. I recommend it to others and rate it a seven out of ten.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"On a scale from one to ten, I would rate the overall solution as a ten."
"I appreciate that there are people behind the scenes sorting out valuable alerts from those that are not, so I only get alerts when they are real."
"The solution also watches over Microsoft 365 and keeps a copy of logs."
"Their SOC is phenomenal in not monitoring and responding and taking action."
"On my end, the most valuable feature of this solution is that I can install it and forget about it. After that, their SOC team takes over and they only call me when there's a problem."
"The solution is all encompassing and can incorporate email monitoring."
"The platform helps us improve threat detection capabilities."
"The ability to tailor an environment to suit our specific use cases is a major advantage of ArcSight compared to other logging servers such as Splunk."
"We found the correlation engine to be very good, as it takes logs from different types of devices and does the correlation in a good way."
"The most valuable feature of ArcSight Intelligence is a single console where the entire dashboard gives all the connected details in a single place."
"The product has a valuable interface."
 

Cons

"The feature we keep asking for is a vulnerability scan."
"The solution does not tie into other EDR products like CyberArk or CrowdStrike but that might be more useful."
"Some texts seem to report items as normal too quickly."
"The interface could be more intuitive."
"While I am very satisfied with the service, supporting additional platforms, particularly Linux support, would be a beneficial improvement."
"The interface could be more intuitive. More transparency is needed in the interface as a lot of details are hidden behind the scenes, making them difficult or impossible to access."
"We haven't found the product fully scalable."
"The frequency of the updates that we are getting can be improved because the number and types of incidents that are happening at the global level are far more than what we are receiving. The frequency of updates feeds related to our rules should be increased. There should be more frequent information about the new rules that are coming and the global threats that are happening. There should be better options for dashboard creation. At present, the dashboards are good, but there is scope to make them better."
"ArcSight Intelligence is a bit slower, and its speed should be improved."
"ArcSight Intelligence's pricing needs improvement."
"The dashboard is not user-friendly and is in black and white."
 

Pricing and Cost Advice

"The pricing is reasonable."
"The pricing is in line with other products."
"It is an expensive platform."
"They offer perpetual licenses for the product."
"Its price is average and not very high. Splunk might be a bit cheaper than this. Its licensing is on a monthly basis."
"The solution is expensive and only suitable for enterprise environments."
"ArcSight Intelligence is an expensive solution."
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Comparison Review

it_user186927 - PeerSpot reviewer
Director of Operations at a comms service provider with 10,001+ employees
Feb 16, 2015
Cybereason vs. Interset vs. SQRRL
Capture DB - they all use NoSQL db and hence solve the ad hoc query and 'go back in time' problem with current best of breed SIEM and DLP solutions that rely on real time analysis of incoming logs (and don't store them). This means deeper and quicker iterative threat analysis and assessment…
 

Top Industries

By visitors reading reviews
Computer Software Company
10%
Financial Services Firm
9%
Outsourcing Company
7%
Healthcare Company
7%
Construction Company
11%
Financial Services Firm
11%
Manufacturing Company
10%
Comms Service Provider
10%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
No data available
 

Questions from the Community

What needs improvement with Blackpoint Cyber MDR?
While I am very satisfied with the service, supporting additional platforms, particularly Linux support, would be a beneficial improvement.
What is your primary use case for Blackpoint Cyber MDR?
The solution serves as a baseline security offering. We have implemented it for every client that we do business with.
Ask a question
Earn 20 points
 

Also Known As

Blackpoint Cyber Managed Detection + Response, Blackpoint Cyber Managed Detection and Response
ArcSight Interset / Intelligence, FileTrek, Interset UEBA, Micro Focus Interset UEBA, Micro Focus Interset, ArcSight Interset
 

Overview

 

Sample Customers

CoreRecon, Peerless Tech Solutions, Lorien Health
Accuvant, Splunk Inc., NuTech, Box, rSolutions, Voodoo Technology Limited
Find out what your peers are saying about CompassOne by Blackpoint Cyber vs. OpenText Behavioral Signals and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.