We just raised a $30M Series A: Read our story

ArcSight Interset / Intelligence OverviewUNIXBusinessApplication

ArcSight Interset / Intelligence is the #14 ranked solution in our list of top User Behavior Analytics - UEBA tools. It is most often compared to Securonix UEBA: ArcSight Interset / Intelligence vs Securonix UEBA

What is ArcSight Interset / Intelligence?

Interset provides an insider and targeted outsider threat detection solution to protect sensitive data, such as intellectual property, trade secrets, and classified files. Interset proactively detects enterprise threats and enables immediate forensic investigation allowing IT teams to stop attacks before data is compromised. It uses agentless data collectors, lightweight endpoint sensors, advanced behavioral analytics, and an intuitive user interface for providing visibility over sensitive data, enabling early attack detection and actionable forensic intelligence without false positives or white noise.

ArcSight Interset / Intelligence is also known as FileTrek, Interset UEBA, Micro Focus Interset UEBA, Micro Focus Interset, ArcSight Interset.

Buyer's Guide

Download the Security Information and Event Management (SIEM) Buyer's Guide including reviews and more. Updated: October 2021

ArcSight Interset / Intelligence Customers

Accuvant, Splunk Inc., NuTech, Box, rSolutions, Voodoo Technology Limited

ArcSight Interset / Intelligence Video

Pricing Advice

What users are saying about ArcSight Interset / Intelligence pricing:
  • "Its price is average and not very high. Splunk might be a bit cheaper than this. Its licensing is on a monthly basis."

ArcSight Interset / Intelligence Reviews

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
Ajay Upadhyay
Principal Security Advisor at Symbiotic Consulting Group
Real User
Top 5
Good correlation engine, average price, stable, and easy to deploy

Pros and Cons

  • "We found the correlation engine to be very good. It takes logs from different types of devices and does the correlation in a good way."
  • "The frequency of the updates that we are getting can be improved because the number and types of incidents that are happening at the global level are far more than what we are receiving. The frequency of updates feeds related to our rules should be increased. There should be more frequent information about the new rules that are coming and the global threats that are happening. There should be better options for dashboard creation. At present, the dashboards are good, but there is scope to make them better."

What is our primary use case?

We have a subscription service to gather global intelligence from the cloud. Within that, we get various feeds. We can get notifications about various types of global attacks that are happening. We can also get updates for our correlation engines from these subscriptions. We are using its latest version.

What is most valuable?

We found the correlation engine to be very good. It takes logs from different types of devices and does the correlation in a good way.

What needs improvement?

The frequency of the updates that we are getting can be improved because the number and types of incidents that are happening at the global level are far more than what we are receiving. The frequency of updates feeds related to our rules should be increased. There should be more frequent information about the new rules that are coming and the global threats that are happening.

There should be better options for dashboard creation. At present, the dashboards are good, but there is scope to make them better.

For how long have I used the solution?

I have been using this solution for over seven years.

What do I think about the stability of the solution?

It has been stable for us.

What do I think about the scalability of the solution?

We have 34 clients. In terms of devices, there are over 120 devices.

We will increase its usage when we get clients who are seeking such services. Currently, we don't have many clients who are seeking such threat intelligence or threat hunting services. At present, we are also learning about Splunk. In the future, we might migrate our setup to Splunk.

How are customer service and technical support?

We have contacted them, and their response is a bit slow. Multiple communication exchanges are required for getting the desired output, but we do get a response. We are satisfied with them.

How was the initial setup?

Its initial setup is easy. There are no issues with that.

What's my experience with pricing, setup cost, and licensing?

Its price is average and not very high. Splunk might be a bit cheaper than this. Its licensing is on a monthly basis.

Which other solutions did I evaluate?

We had evaluated SolarWinds and QRadar. We have different use cases for which we found ArcSight to be better.

What other advice do I have?

I would rate ArcSight Interset/Intelligence an eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
Buyer's Guide
Download our free Security Information and Event Management (SIEM) Report and find out what your peers are saying about Micro Focus, Securonix Solutions, Splunk, and more!