No more typing reviews! Try our Samantha, our new voice AI agent.

Cortex XSIAM vs OpenText Behavioral Signals comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Jun 3, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

ROI

Sentiment score
4.3
Cortex XSIAM achieved savings over $500,000 by automating over half of detection and response, optimizing incident management.
Sentiment score
8.9
ArcSight Intelligence boosts security and ROI by automating threat detection, reducing false positives, and streamlining workflows with advanced analytics.
 

Customer Service

Sentiment score
6.1
Cortex XSIAM technical support experiences vary, with premium support praised for expertise, while distributor-based support quality fluctuates.
Sentiment score
6.7
OpenText Behavioral Signals' support is responsive and skilled, but resolution may be slow and feedback sometimes lacks depth.
Premium support provides direct access, while distributor support quality can vary.
Team Lead, Security at seamlessinfotech.com
The support for them was better than maybe Trellix, for example.
Cybersecurity Architect at a computer software company with 10,001+ employees
It is ineffective in terms of responding to basic queries and addressing future requirements.
Associate Director at a financial services firm with 5,001-10,000 employees
 

Scalability Issues

Sentiment score
6.6
Cortex XSIAM excels in scalability and cloud deployment, though integration affects performance and some prefer more on-premises functionality.
Sentiment score
6.3
OpenText Behavioral Signals faces scalability challenges, while technologies like ArcSight Intelligence excel, prompting consideration of alternatives like Splunk.
The SOC team is responsible for fully managing Cortex XSIAM.
Cybersecurity Architect at a computer software company with 10,001+ employees
Without proper integration, scaling up with more servers is meaningless.
Associate Director at a financial services firm with 5,001-10,000 employees
Cortex XSIAM is highly scalable.
SOC Analyst at OVELOSEC
 

Stability Issues

Sentiment score
7.5
Cortex XSIAM is cloud-based, reliable, with minimal maintenance, and occasional update issues are quickly resolved, enhancing performance.
Sentiment score
8.4
OpenText Behavioral Signals is praised for its stability, receiving high ratings and fostering user trust through reliable performance.
The product was easy to install and set up and worked right.
Owner at Xelere
With continuous integration that the colleagues probably are doing, it is becoming better and better.
Cybersecurity Architect at a computer software company with 10,001+ employees
It works really nice and performs really efficiently after configuration.
IT COMMUNICATIONS AND NETWORKS at Américas BPS
 

Room For Improvement

Cortex XSIAM needs better integration, usability, pricing, data management, and support for enhanced performance and flexibility.
OpenText and ArcSight require updates for usability, scalability, and pricing to compete with QRadar and Splunk effectively.
Obtaining validation for integrations from Palo Alto takes around eight months, which is quite long.
Associate Director at a financial services firm with 5,001-10,000 employees
Cortex XSIAM needs improvements in terms of data onboarding, parsers, and third-party integration supports.
SOC Analyst at OVELOSEC
This basically offers flexibility to implement Cortex XSIAM in more standardized places where you maybe have a certification.
Cybersecurity Architect at a computer software company with 10,001+ employees
 

Setup Cost

Cortex XSIAM is expensive with variable pricing, complexity in licensing, and additional costs for functionalities and resources.
OpenText Behavioral Signals offers enterprise-priced licensing options with additional charges for new features not in the base license.
The licensing cost of Cortex XSIAM is more or less the same as Splunk, making it quite expensive compared to other tools.
SOC Analyst at OVELOSEC
The first impression is that XSIAM would be more expensive than others we tried.
Owner at Xelere
The product is very expensive.
Associate Director at a financial services firm with 5,001-10,000 employees
 

Valuable Features

Cortex XSIAM enhances incident response with automation, integration, and machine learning, providing comprehensive network security and threat identification.
OpenText Behavioral Signals synthesizes diverse logs, customizes environments, and enhances efficiency with a user-friendly, consolidated interface.
The advanced visualization capabilities of the product are important for understanding security trends in an organization.
Solutions Architect at ostec
To have Cortex XSIAM available is to basically have integration of all log sources, all alerting, and so on and so forth from firewalls and different tools, to get everything in one place, and afterwards to be able to build on the information that is coming.
Cybersecurity Architect at a computer software company with 10,001+ employees
Cortex XSIAM allows us to onboard almost every device, whether they are on-prem or on SaaS.
SOC Analyst at OVELOSEC
 

Categories and Ranking

Cortex XSIAM
Ranking in Security Information and Event Management (SIEM)
8th
Average Rating
8.6
Reviews Sentiment
6.7
Number of Reviews
16
Ranking in other categories
Identity Threat Detection and Response (ITDR) (6th), AI-Powered Cybersecurity Platforms (7th)
OpenText Behavioral Signals
Ranking in Security Information and Event Management (SIEM)
41st
Average Rating
8.0
Reviews Sentiment
6.6
Number of Reviews
5
Ranking in other categories
User Entity Behavior Analytics (UEBA) (14th)
 

Mindshare comparison

As of July 2026, in the Security Information and Event Management (SIEM) category, the mindshare of Cortex XSIAM is 1.7%, down from 2.8% compared to the previous year. The mindshare of OpenText Behavioral Signals is 0.9%, up from 0.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM) Mindshare Distribution
ProductMindshare (%)
Cortex XSIAM1.7%
OpenText Behavioral Signals0.9%
Other97.4%
Security Information and Event Management (SIEM)
 

Featured Reviews

reviewer2541030 - PeerSpot reviewer
Cybersecurity Architect at a computer software company with 10,001+ employees
Unified security monitoring has simplified incident response and improved automated threat handling
The firewall side can make some improvements. I know the firewall on Cortex XSIAM is based on Windows. From what I have experienced so far, I have seen that the policies you can create are actually very in-depth. I mean, you can do most of the things and a lot of integration that you actually want. So if I want to choose to send things to WildFire, for example, I can choose to send it, I can choose to not send it. This basically offers flexibility to implement Cortex XSIAM in more standardized places where you maybe have a certification. I would say that the thing that maybe needs a bit more improvement is the fact that the one with the firewall because I have seen some things there that are kind of hard to manage. You do not really have a very easy way to manage those, unless you actually know where you have put them. So it is very inflexible. In the rest, you have a lot of playbooks that you can do and you can do lots of automation, which is actually easy to manage from what I have seen from my colleagues.
Pravir KumarSinha - PeerSpot reviewer
Information Security at Synechron
Has essential threat detection capabilities, but the features for intelligence need enhancement
We integrated this tool with our security infrastructure. We installed it on a Linux server, where we have a Logger and ESM installed. With the Linux server as the hub, we manage all the configurations and rules, including those for email triggers. The logs are routed through a connector to the Logger, allowing us to monitor our infrastructure effectively. The platform helps us improve threat detection capabilities. I recommend it to others and rate it a seven out of ten.
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Comparison Review

it_user186927 - PeerSpot reviewer
Director of Operations at a comms service provider with 10,001+ employees
Feb 16, 2015
Cybereason vs. Interset vs. SQRRL
Capture DB - they all use NoSQL db and hence solve the ad hoc query and 'go back in time' problem with current best of breed SIEM and DLP solutions that rely on real time analysis of incoming logs (and don't store them). This means deeper and quicker iterative threat analysis and assessment…
 

Top Industries

By visitors reading reviews
Computer Software Company
12%
Manufacturing Company
10%
Financial Services Firm
9%
Government
6%
Construction Company
11%
Financial Services Firm
11%
Manufacturing Company
10%
Comms Service Provider
10%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business9
Midsize Enterprise2
Large Enterprise5
No data available
 

Questions from the Community

What is your experience regarding pricing and costs for Cortex XSIAM?
I did not participate in pricing discussions for Cortex XSIAM solutions, so I cannot provide a review regarding prices for this solution.
What needs improvement with Cortex XSIAM?
The firewall side can make some improvements. I know the firewall on Cortex XSIAM is based on Windows. From what I have experienced so far, I have seen that the policies you can create are actually...
Ask a question
Earn 20 points
 

Also Known As

No data available
ArcSight Interset / Intelligence, FileTrek, Interset UEBA, Micro Focus Interset UEBA, Micro Focus Interset, ArcSight Interset
 

Overview

 

Sample Customers

Information Not Available
Accuvant, Splunk Inc., NuTech, Box, rSolutions, Voodoo Technology Limited
Find out what your peers are saying about Cortex XSIAM vs. OpenText Behavioral Signals and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.