No more typing reviews! Try our Samantha, our new voice AI agent.

Google Security Operations vs OpenText Behavioral Signals comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Jun 3, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Google Security Operations
Ranking in Security Information and Event Management (SIEM)
28th
Average Rating
8.8
Reviews Sentiment
7.5
Number of Reviews
6
Ranking in other categories
Security Orchestration Automation and Response (SOAR) (13th), AI-Powered Cybersecurity Platforms (12th)
OpenText Behavioral Signals
Ranking in Security Information and Event Management (SIEM)
41st
Average Rating
8.0
Reviews Sentiment
6.6
Number of Reviews
5
Ranking in other categories
User Entity Behavior Analytics (UEBA) (14th)
 

Mindshare comparison

As of July 2026, in the Security Information and Event Management (SIEM) category, the mindshare of Google Security Operations is 1.3%, up from 1.0% compared to the previous year. The mindshare of OpenText Behavioral Signals is 0.9%, up from 0.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM) Mindshare Distribution
ProductMindshare (%)
Google Security Operations1.3%
OpenText Behavioral Signals0.9%
Other97.8%
Security Information and Event Management (SIEM)
 

Featured Reviews

CK
Technical Lead at a transportation company with 1,001-5,000 employees
Simplified detection rules and SOAR workflows have improved compliance-focused operations
One improvement I am looking for is silent log source monitoring. If some feed or some host went offline or was not pulling any logs into Google Security Operations, I would want better visibility. Silent host monitoring would make a significant difference because it is very hard to track which host went down, and there are many false positives as a result. I think there is a lot of room for scalability improvements, particularly in the integration of third-party applications. Currently, I have to write a script and use a cloud run function to pull logs. If there were direct ingestion by simply providing an API key and some sort of client certificate, it would be much easier.
Pravir KumarSinha - PeerSpot reviewer
Information Security at Synechron
Has essential threat detection capabilities, but the features for intelligence need enhancement
We integrated this tool with our security infrastructure. We installed it on a Linux server, where we have a Logger and ESM installed. With the Linux server as the hub, we manage all the configurations and rules, including those for email triggers. The logs are routed through a connector to the Logger, allowing us to monitor our infrastructure effectively. The platform helps us improve threat detection capabilities. I recommend it to others and rate it a seven out of ten.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Google Security Operations helps meet all the important regulatory compliance across all verticals."
"Overall, Google SecOps is a very useful service for security operations."
"The valuable parts of Google Security Operations include how easy it is to write parsers or detection rules, and it is well-advanced in the analytical part."
"The most valuable feature of Siemplify is the playbooks that can be created."
"The playbooks feature in Siemplify is crucial for automation. We've utilized both standard and custom integrations with other security operation solutions, enhancing our flexibility. The user interface is generally straightforward, although recent changes may require some adjustment and Siemplify's integrations and capabilities offer potential support for various compliance requirements."
"Without hyperbole, I have never, in my entire career, encountered a vendor or a vendor community as awesome as Siemplify. Siemplify and the Siemplify Community quite literally made it possible for our SOC to increase almost five-fold in our number of clients and number of analysts and to go from a Monday to Friday 9-5 shop to a 24/7 shop all in the span of under a year and a half and all while continually adding capabilities and improving the services we offer to our clients."
"Google SecOps is extremely useful for threat detection and hunting."
"The platform helps us improve threat detection capabilities."
"We found the correlation engine to be very good, as it takes logs from different types of devices and does the correlation in a good way."
"The product has a valuable interface."
"The most valuable feature of ArcSight Intelligence is a single console where the entire dashboard gives all the connected details in a single place."
"The ability to tailor an environment to suit our specific use cases is a major advantage of ArcSight compared to other logging servers such as Splunk."
 

Cons

"I can give customer service a rating of six because it is very hard sometimes to keep up with the support."
"Building the playbooks could be easier and the integration could improve. It is a difficult process, such as what API connections need to be made."
"The main improvement could be in the accuracy and detail provided in threat descriptions."
"We often encounter minor issues that could be improved, but we maintain communication with the developers and submit feature requests. Recently, I requested enhancements such as improved search functionality within playbooks and expanded options for exporting case data."
"I'm inclined to say that I'd love to see some Machine Learning capabilities integrated into the platform, however, I just attended a demo this morning where Siemplify gave a sneak peek into some Machine Learning capabilities that they are currently developing and have roadmapped for release soon."
"ArcSight Intelligence is a bit slower, and its speed should be improved."
"We haven't found the product fully scalable."
"The frequency of the updates that we are getting can be improved because the number and types of incidents that are happening at the global level are far more than what we are receiving. The frequency of updates feeds related to our rules should be increased. There should be more frequent information about the new rules that are coming and the global threats that are happening. There should be better options for dashboard creation. At present, the dashboards are good, but there is scope to make them better."
"ArcSight Intelligence's pricing needs improvement."
"The dashboard is not user-friendly and is in black and white."
 

Pricing and Cost Advice

Information not available
"ArcSight Intelligence is an expensive solution."
"The solution is expensive and only suitable for enterprise environments."
"It is an expensive platform."
"Its price is average and not very high. Splunk might be a bit cheaper than this. Its licensing is on a monthly basis."
"They offer perpetual licenses for the product."
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Comparison Review

it_user186927 - PeerSpot reviewer
Director of Operations at a comms service provider with 10,001+ employees
Feb 16, 2015
Cybereason vs. Interset vs. SQRRL
Capture DB - they all use NoSQL db and hence solve the ad hoc query and 'go back in time' problem with current best of breed SIEM and DLP solutions that rely on real time analysis of incoming logs (and don't store them). This means deeper and quicker iterative threat analysis and assessment…
 

Top Industries

By visitors reading reviews
Financial Services Firm
15%
Manufacturing Company
10%
University
7%
Outsourcing Company
6%
Construction Company
11%
Financial Services Firm
11%
Manufacturing Company
10%
Comms Service Provider
10%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business4
Large Enterprise3
No data available
 

Questions from the Community

What is your experience regarding pricing and costs for Siemplify?
The pricing for Google SecOps and Microsoft Sentinel is almost the same, with no significant differences.
What needs improvement with Siemplify?
A potential area of improvement for Google Security Operations could be cost. I think Google has already started developing AI SOC and Agentic SOC, so I do not have any other suggestions for improv...
What is your primary use case for Siemplify?
Google Security Operations is the main tool that my clients use for the security operations of their companies.
Ask a question
Earn 20 points
 

Also Known As

Siemplify ThreatNexus
ArcSight Interset / Intelligence, FileTrek, Interset UEBA, Micro Focus Interset UEBA, Micro Focus Interset, ArcSight Interset
 

Overview

 

Sample Customers

FedEx Mondelez Intenrational Check Point Trustwave Atos Cyberint Bae Systems Crowe Longwall Security Telefonica Nordea HCL
Accuvant, Splunk Inc., NuTech, Box, rSolutions, Voodoo Technology Limited
Find out what your peers are saying about Google Security Operations vs. OpenText Behavioral Signals and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.