Home IT ArcSight Enterprise Security Manager (ESM)

ArcSight Enterprise Security Manager (ESM)

Integrated SaaS for elevated security
our rating 4 out of 5 Stars

ArcSight Enterprise Security Manager (ESM)Product Overview

  1. About ArcSight ESM
  2. Pros of ArcSight ESM
  3. Cons of ArcSight ESM
  4. Breakdown of core features

ArcSight ESM product overview

ArcSight Enterprise Security Manager (ESM) from Micro Focus is a comprehensive threat detection, analysis, triage, and compliance management SIEM platform. It reduces the time to mitigate cyber-security threats. It empowers security operations teams with real-time threat detection and native SOAR technology.

ArcSight ESM monitors threats from across the enterprise. It has a scalable data collection framework that gives visibility into every security in the organization. The platform makes data more cost-effective by aggregating, normalizing, and enriching it for security analytics.

Backed by default content, intelligence feeds, customizable rule sets, and a community marketplace, ArcSight ESM is equipped to address any SIEM use case, no matter how complex. The solution is security analytics-powered and intelligently adapts to talent shortages by sharpening resource focus with more accurate threat detection of known and unknown threats.

Pros of ArcSight ESM

Back to top ↑

  • ArcSight ESM works with various digital workflow solutions and comes with native SOAR technology, including automation and playbooks, incident management, and SOC analytics. Its automated responses and workflow processing keep SOC efficient.
  • Enterprises can speed up threat response and optimize analysts’ workloads with native Security Orchestration, Automation, and Response from the platform.

Cons of ArcSight ESM

Back to top ↑

  • According to some users, the product has slow search functionality.

Breakdown of core features

Back to top ↑

MITRE ATT&CK mapping

ArcSight ESM provides an extensive mapping of detection content to the MITRE ATT&CK framework. The features work out of the box with minimal configuration requirements. The ATT&CK technique chain dashboards offer campaign detection without focusing solely on individual techniques.


ArcSight ESM’s security-focused visualizations allow analysts to identify threats. Additionally, the dashboards deliver insights into top threat intelligence alerts, targeted nodes, risky websites, MITRE Tactics, and Active Lists.

Unified SecOps platform

The solution integrates closely with ArcSight Intelligence and ArcSight Recon to deliver Layered Analytics. Its web-based UI, known as ArcSight Fusion, lets users see, identify, and analyze potential threats by incorporating intelligence across the platform through a single interface. Through the Fusion UI, users can analyze results cross-platform and navigate directly to other ArcSight products.

(Last updated on 02/02/2022 by Liz Laurente-Ticong)

Quick Facts

  • Industry Specialties
    All Industries
  • Pricing
  • Works Best For
    Enterprise Businesses, Mid Sized Businesses





  • Enterprise Security Manager
  • Intelligence
  • Marketplace
  • MITRE ATT&CK Framework
  • Recon
  • Security Open Data Platform
  • Security Orchestration Automation and Response
  • Sentinel


  • ManageEngine
  • IntSights
  • Cyware Labs


  • English