Integration shines but threat detection and technical support need attentionRegarding threat detection capabilities, I think OpenText Enterprise Security Manager covers the MITRE ATT&CK framework at an average level, and on a scale of one to ten, I would rate it only five. They have to improve in those areas in terms of threat detection capabilities. For ArcSight, they need to give the complete package, with UBA being part of that. They have added it, but I question what capabilities are there, especially on the SOAR side where they have to improve because the SIEM was very strong. For the SOAR side, because SIEM was very strong when they were earlier launched, but for SOAR, they were integrating with third-party solutions initially, and then they built the capability. They have acquired some company, but it is not up to that potential. They slowly and gradually lost that ground to Splunk, QRadar, and other companies, so when anybody talks about the full capabilities, they are not thinking about Micro Focus as of now. I would desire additional features in OpenText Enterprise Security Manager, especially on the SOAR side, and maybe on the UBA side, as threats intel and all, which are part of bundled solutions. Those are the areas they have to improve so that customers can trust and enhance those things, and maybe the customers will feel they should go for this product. As of now, if we are evaluating our own scenario, we are not even thinking about it. Earlier, that was not the scenario when they were selling this SIEM solution in the market; everybody was thinking OpenText was the default option, but now, if you're looking for a complete solution stack, nobody is even considering it.
