Hi Everyone,
What do you like most about ArcSight?
Thanks for sharing your thoughts with the community!
ArcSight gives us better visibility into threats that were unknown earlier.
For the typical malware or intrusion, this solution assists us by identifying the symptoms based on network traffic from the application servers.
I think that the overall experience with this solution is good, but in particular, I think that the dashboards are quite interactive.
This process has helped to improve our organization because we have centralized the intra-group security equipment logs.
When WannaCry attacks, I can minimize the damage. My company had no protection at the time. We get alerts in ArcSight, and whenever a user gets a copy of WannaCry and the WannaCry malware wants to connect to the mother ship, it alerts me in the ArcSight dashboard, and that helps us a lot. We then just go to the user and erase the malware.
The webpage algorithm is the most valuable feature because it was the fastest feature for searching the logs, events, and correlation.
We do consulting and I get feedback from our clients that the product really helped them with compliance, especially with GDPR.
I work at a mid-sized enterprise bank. I am researching SIEM solutions. Which is the best tool for security information and event management: ArcSight or Securonix?