Try our new research platform with insights from 80,000+ expert users

NetWitness Platform vs OpenText Enterprise Security Manager comparison

NetWitness and OpenText are both solutions in the Security Information and Event Management (SIEM) category. NetWitness is ranked #33 with an average rating of 8.3, while OpenText is ranked #26 with an average rating of 6.8. NetWitness holds a 0.9% mindshare in SIEM, compared to OpenText’s 1.5% mindshare. Additionally, 75% of NetWitness users are willing to recommend the solution, compared to 88% of OpenText users who would recommend it.
NetWitness Platform
Read 36 NetWitness Platform reviews
  • 2,362 Views
  • 1,417 Comparison Views
75% willing to recommend
OpenText Enterprise Securit...
Read 98 OpenText Enterprise Security Manager reviews
  • 3,695 Views
  • 3,621 Comparison Views
88% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Dec 28, 2025

NetWitness Platform and OpenText Enterprise Security Manager are competitors in the cybersecurity sector. OpenText has a slight advantage with advanced analytics, while NetWitness excels in threat detection.

Features: NetWitness Platform is known for its threat detection and incident response, using machine learning for continuous network monitoring and excelling in packet capture. OpenText Enterprise Security Manager offers strong data integration and analytics, suitable for complex environments.

Room for Improvement: NetWitness could enhance its user interface and add more customization options. It also needs improved documentation and regional support. OpenText may focus on refining user-friendliness, offering better integration with third-party tools, and providing more straightforward deployment options.

Ease of Deployment and Customer Service: OpenText allows flexible, customizable deployment in large IT ecosystems and seamless integration support. NetWitness focuses on rapid deployment and reliable customer support with a straightforward setup process that suits immediate needs.

Pricing and ROI: NetWitness involves substantial initial costs with promises of fast ROI through quick deployment and effective threat responses. OpenText, while having higher operational expenses, offers scalability and long-term strategic ROI through extensive security coverage.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed NetWitness Platform vs. OpenText Enterprise Security Manager Report (Updated: March 2026).
Buyer's Guide
NetWitness Platform vs. OpenText Enterprise Security Manager
March 2026
Download the complete report
Helped 884,933 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

NetWitness Platform
Ranking in Security Information and Event Management (SIEM)
33rd
Average Rating
7.4
Reviews Sentiment
7.4
Number of Reviews
36
Ranking in other categories
Log Management (34th)
OpenText Enterprise Securit...
Ranking in Security Information and Event Management (SIEM)
26th
Average Rating
7.8
Reviews Sentiment
6.7
Number of Reviews
98
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of March 2026, in the Security Information and Event Management (SIEM) category, the mindshare of NetWitness Platform is 0.9%, up from 0.6% compared to the previous year. The mindshare of OpenText Enterprise Security Manager is 1.5%, up from 1.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM) Mindshare Distribution
ProductMindshare (%)
OpenText Enterprise Security Manager1.5%
NetWitness Platform0.9%
Other97.6%
Security Information and Event Management (SIEM)
 

Featured Reviews

MOTASHIM Al Razi - PeerSpot reviewer
MOTASHIM Al Razi
CISO at One Bank Limited
It is a stable solution, but they should make the user interface easier to understand
The solution's initial setup takes work. We have to organize multiple paths and many features. The deployment process takes less than a week. But it takes a month to complete if we want to make the solution smarter by integrating it with various devices. I rate the process as a six out of ten.
Read full review
DayaramGoyal - PeerSpot reviewer
DayaramGoyal
Vice President, Technology at Cache Digitech Pvt Ltd.
Integration shines but threat detection and technical support need attention
Regarding threat detection capabilities, I think OpenText Enterprise Security Manager covers the MITRE ATT&CK framework at an average level, and on a scale of one to ten, I would rate it only five. They have to improve in those areas in terms of threat detection capabilities. For ArcSight, they need to give the complete package, with UBA being part of that. They have added it, but I question what capabilities are there, especially on the SOAR side where they have to improve because the SIEM was very strong. For the SOAR side, because SIEM was very strong when they were earlier launched, but for SOAR, they were integrating with third-party solutions initially, and then they built the capability. They have acquired some company, but it is not up to that potential. They slowly and gradually lost that ground to Splunk, QRadar, and other companies, so when anybody talks about the full capabilities, they are not thinking about Micro Focus as of now. I would desire additional features in OpenText Enterprise Security Manager, especially on the SOAR side, and maybe on the UBA side, as threats intel and all, which are part of bundled solutions. Those are the areas they have to improve so that customers can trust and enhance those things, and maybe the customers will feel they should go for this product. As of now, if we are evaluating our own scenario, we are not even thinking about it. Earlier, that was not the scenario when they were selling this SIEM solution in the market; everybody was thinking OpenText was the default option, but now, if you're looking for a complete solution stack, nobody is even considering it.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable features are the integration and ease of use."
"The most valuable feature is the correlation. It can report in real-time and monitor the management."
"Setting up NetWitness is straightforward. There are multiple connectors, including standard and specialized connectors. One purpose of the connectors is the enhanced capability integrate the custom applications. NetWitness comes with E6 appliances and application images that we use for the initial configurations and for the OS stack information. From there, you can consider the correlation rules, integrate the different log sources, and easily create correlation rules and backlog reports."
"The development of use cases on the SSA console is quite user friendly. This means that the security analyst or the researcher does not have to learn another language."
"The most valuable feature of RSA NetWitness Logs and Packets are the alerts and correlations tools."
"Their customer service is excellent, one of the best."
"The detection of ransomware in the internal network has benefited my organization."
"The most valuable feature is the ability to write rules and triggers for network communication, and then being able to investigate based on that."
More NetWitness Platform pros
"Before we would have to have a large number of staff to be able to go in and do consulting opportunities, to mitigate and remediate security intrusions on given clients, now using ArcSight, albeit there may be a capital upfront cost to buy the software product, it enables us to speed our time to resolution."
"Thanks to Micro Focus's licensing model, as an MSSP, we are able to see a complete return on our investment almost immediately."
"We utilize ArcSight ESM for real-time threat detection in our organization. We have custom rules that we've developed on top of the WAN services, along with scheduled licensing activities."
"I value the event correlation of this product."
"Its versatility when it comes to vendor support, the powerful ESM and logger tools, the Alert and Case Tracking mechanism, the Express all-in-one component for small businesses, the efficient NTP for blocking identified threats, and the ArcSight Flex Connector Development module for unsupported vendor products make this solution extremely capable."
"The out-of-the-box rules that help us configure functioning rules within the environment are valuable."
"ArcSight gives us better visibility into threats that were unknown earlier."
"ArcSight is very scalable."
More OpenText Enterprise Security Manager pros
 

Cons

"The system looks like it is a mix of a bunch of different systems, and nothing looked like it was quite together."
"The threat detection capability and centralizing and upgrading capability need to be improved. The threat alert capability needs to be improved as well because there is some lag time at present. They need to work on their database search too."
"The system architecture is complex and sometimes it’s hard to troubleshoot potential problems."
"They should implement algorithms to digest that data and produce additional, more advanced reporting, alerting and support of internal security teams."
"More customizability is required, which is something that they need to improve on."
"It should have a monitoring feature. It would help us analyze the current state of attacks faster from a single platform."
"An area for improvement would be better automation and more inbuilt use cases."
"Security needs improvement."
More NetWitness Platform cons
"Best SIEM product but it's high on pricing and licensing."
"The solution itself is very scalable, but it is also a lot more expensive than other players."
"I would like to have a feature that gives us an entire report listing what devices are integrated."
"Could benefit from a more modern interface."
"The security area has room for improvement."
"​In certain cases, this product does have false positives, which the company should work on."
"The product should include a lot more predefined scenarios so the adopted company will have knowledge and a broader skill set in security and network."
"They also could improve the product by integrating user and identity behavior analytics."
More OpenText Enterprise Security Manager cons
 

Pricing and Cost Advice

"The NetWitness Platform may be affordable only for enterprise-level customers, as it may not be within the budget of small and medium-sized businesses."
"The product is expensive."
"There is a licensing fee and the customer can choose whether he wishes this to be subscription-based or perpetual."
"We have a perpetual license, so the total cost of ownership is not very expensive. It's a good investment."
"The product price was reasonable for my region and the market."
"Our license is for one year."
"The tool is very expensive, so I rate the pricing a ten out of ten. The solution has an annual subscription."
"We have yearly licensing costs. The license fee can be based on the volume of EPS. Some organizations may have, as a gentlemanly gesture, 10,000 EPS and get a 3,000 EPS license but actually use 5,000 EPS."
More NetWitness Platform pricing and cost advice
"The pricing model is expensive compared to open-source alternatives."
"​It is best to be an institutional buyer and directly contact the sales team, as they can provide over-the-top discounts for bulk orders.​"
"Customers without a ton of resources to dedicate to deployment may be better served by a managed ArcSight service."
"The product licenses are inexpensive."
"ArcSight ESM is an affordable solution, it cost approximately $200,000 for three years. This price was at a substantial discount."
"HPE ArcSight pricing might be more expensive than other SIEM solutions, but in my opinion it has powerful features and great flexibility in developing complex use cases."
"It's a good price, it's one of the cheaper solutions."
"The solution is super expensive. At our organization size and license model, I think the price is average to what anyone else would charge us."
More OpenText Enterprise Security Manager pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
See recommendations
884,933 professionals have used our research since 2012.
 

Comparison Review

VS
Vinod Shankar
Manager, Enterprise Risk Consulting at a tech company with 1,001-5,000 employees
Feb 26, 2015
HP ArcSight vs. IBM QRadar vs. ​McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…
Read full review
 

Top Industries

By visitors reading reviews
Financial Services Firm
11%
Performing Arts
8%
Computer Software Company
7%
Marketing Services Firm
7%
Marketing Services Firm
12%
Manufacturing Company
9%
Financial Services Firm
8%
Performing Arts
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business8
Midsize Enterprise7
Large Enterprise20
By reviewers
Company SizeCount
Small Business37
Midsize Enterprise14
Large Enterprise57
 

Questions from the Community

What do you like most about NetWitness Platform?
The product's initial setup phase was not at all difficult.
See all answers
What is your experience regarding pricing and costs for NetWitness Platform?
The pricing is comparable to others, and I consider the cost to be intermediate. Specific cost details are unknown to me.
See all answers
What needs improvement with NetWitness Platform?
There is currently no need for improvement in the SIEM ( /categories/security-information-and-event-management-siem ), though there could be potential enhancements by integrating with AI.
See all answers
Which is the best SIEM tool for a mid-sized financial services firm: Arcsight or Securonix?
In my market, a lot of financial companies had or have an ArcSight installation. Just because in former times it was pretty good. Now a lot of them are looking for a more effective solution due to ...
See all answers
What do you like most about ArcSight Enterprise Security Manager (ESM)?
We utilize ArcSight ESM for real-time threat detection in our organization. We have custom rules that we've developed on top of the WAN services, along with scheduled licensing activities.
See all answers
What is your experience regarding pricing and costs for ArcSight Enterprise Security Manager (ESM)?
ArcSight Enterprise Security Manager (ESM) is very cheap compared to other tools. It is worth the investment if you are considering the cost.
See all answers
 

Comparisons

IBM Security QRadar vs NetWitness Platform Logo
IBM Security QRadar vs NetWitness Platform
Compared 8% of the time
Splunk Enterprise Security vs NetWitness Platform Logo
Splunk Enterprise Security vs NetWitness Platform
Compared 7% of the time
Elastic Security vs NetWitness Platform Logo
Elastic Security vs NetWitness Platform
Compared 5% of the time
Sumo Logic Security vs NetWitness Platform Logo
Sumo Logic Security vs NetWitness Platform
Compared 4% of the time
RSA enVision vs NetWitness Platform Logo
RSA enVision vs NetWitness Platform
Compared 4% of the time
More NetWitness Platform Competitors
Trellix ESM vs OpenText Enterprise Security Manager Logo
Trellix ESM vs OpenText Enterprise Security Manager
Compared 12% of the time
IBM Security QRadar vs OpenText Enterprise Security Manager Logo
IBM Security QRadar vs OpenText Enterprise Security Manager
Compared 9% of the time
SurfWatch Labs SurfWatch vs OpenText Enterprise Security Manager Logo
SurfWatch Labs SurfWatch vs OpenText Enterprise Security Manager
Compared 7% of the time
Splunk Enterprise Security vs OpenText Enterprise Security Manager Logo
Splunk Enterprise Security vs OpenText Enterprise Security Manager
Compared 6% of the time
OpenText Behavioral Signals vs OpenText Enterprise Security Manager Logo
OpenText Behavioral Signals vs OpenText Enterprise Security Manager
Compared 5% of the time
More OpenText Enterprise Security Manager Competitors
 

Product Reports

Buyer's Guide
NetWitness Platform
March 2026
NetWitness Platform reportDownload NetWitness Platform product report
Buyer's Guide
OpenText Enterprise Security Manager
March 2026
OpenText Enterprise Security Manager reportDownload OpenText Enterprise Security Manager product report
 

Also Known As

RSA Security Analytics
Micro Focus ArcSight, HPE ArcSight, ArcSight
 

Overview

NetWitness Platform is an evolved SIEM and threat detection and response solution that functions as a single, unified platform for ALL your security data. It features an advanced analyst workbench for triaging alerts and incidents, and it orchestrates security operations programs end to end. In short: NetWitness Platform is all you need to run an intelligent SOC.

NetWitness

OpenText Enterprise Security Manager enables real-time threat detection through scalable and adaptable solutions, integrating seamlessly with multiple platforms for complex security scenarios across different environments.

OpenText Enterprise Security Manager offers extensive security monitoring capabilities, combining log analysis and incident management to enhance cybersecurity and compliance. Its powerful event correlation engine provides real-time alerts for rapid incident response. Users benefit from customizable dashboards and comprehensive log collection, making it a significant tool in the SIEM market. Flexible deployment options cater to both on-premises and cloud environments, supporting enterprises in managing IT infrastructure and threat detection efficiently.

What are the key features of OpenText Enterprise Security Manager?
  • Event Correlation Engine: Real-time threat detection with advanced correlation capabilities.
  • Scalability: Adapts to enterprise-level demands and complex security needs.
  • Integration: Seamlessly integrates with multiple platforms and third-party tools.
  • Customizable Dashboards: Tailored views and active lists enhance user experience.
  • Advanced Alerting: Provides timely incident response and security alerts.
Why should users look for reviews when evaluating OpenText Enterprise Security Manager?
  • Timely Incident Responses: Fast alerting and action against threats.
  • User-Friendly Experience: Customizable dashboards simplify monitoring tasks.
  • Comprehensive Security Management: Integrated log management and threat detection across domains.
  • Adaptability and Scalability: Supports both on-premises and cloud deployments.

In industries such as finance, healthcare, and energy, OpenText Enterprise Security Manager is implemented for monitoring critical systems and ensuring compliance with regulatory needs. Enterprises leverage its capabilities for forensic investigations and active threat management, serving as a central hub for cybersecurity operations across diverse IT infrastructures.

OpenText
 

Sample Customers

Los Angeles World Airports, Reply
Lake Health, U.S. Department of Health and Human Services, Bank AlJazira, Banca Intesa, and Obrela.
Buyer's Guide
NetWitness Platform vs. OpenText Enterprise Security Manager
March 2026
Free Report: NetWitness Platform vs. OpenText Enterprise Security Manager
Find out what your peers are saying about NetWitness Platform vs. OpenText Enterprise Security Manager and other solutions. Updated: March 2026.
DOWNLOAD NOW
884,933 professionals have used our research since 2012.
See our NetWitness Platform vs. OpenText Enterprise Security Manager report.

We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.