OpenText Enterprise Security Manager and Wazuh compete in the enterprise security solutions category. OpenText seems to have the upper hand due to its advanced features despite its higher cost.
Features: OpenText ESM provides robust threat intelligence, comprehensive incident response capabilities, and a powerful correlation engine to handle vast amounts of data. Its integration with third-party products adds significant value. Wazuh offers file integrity monitoring, real-time security analytics, and a customizable open-source framework, making it a versatile option for various environments.
Room for Improvement: OpenText ESM can be resource-intensive and complex to implement, with a less intuitive user interface that could benefit from simplification. It also requires more streamlined customer support packages. Wazuh could improve its support for advanced features and third-party integrations, and enhancements to the enterprise version's support offerings would be beneficial. Additionally, its user interface, while flexible, can be less polished compared to commercial alternatives.
Ease of Deployment and Customer Service: OpenText ESM deployment can be challenging and may require substantial resources. It offers extensive customer service but comes at a higher price. Wazuh is relatively easy to deploy due to its open-source nature, providing flexible integration with existing systems. Customer service is community-driven, with additional support available in the enterprise edition.
Pricing and ROI: OpenText ESM's higher cost reflects its extensive features and quick incident response, which is invaluable for large enterprises. Wazuh offers a cost-effective solution, particularly for small to medium-sized organizations. Its open-source nature significantly reduces expenses, but potential support costs can arise with enterprise adoption. Both aim for positive ROI, but cost considerations make Wazuh an attractive option for budget-conscious users.
I find that using ArcSight Enterprise Security Manager (ESM) provides a valuable return on investment as it serves as a single point of glass for logs and data analysis.
I have seen value in security cost savings with Wazuh, as using proprietary EDR versions could save us substantial money.
If I raise a P1 or P0 ticket, the response time is often delayed by four to eight hours.
I would rate the technical support of ArcSight Enterprise Security Manager (ESM) a nine as they are always available and responsive whenever we open a case.
They responded quickly, which was crucial as I was on a time constraint.
We use the open-source version of Wazuh, which does not provide paid support.
The documentation is good and provides clear instructions, though it's targeted at those with technical backgrounds.
It lacks some capabilities compared to other tools available in the market.
It is easy to scale, and I have not encountered any issues when we require more storage or deployment.
It can accommodate thousands of endpoints on one instance, and multiple instances can run for different clients.
Currently, I don't see any limitations in terms of scalability as Wazuh can still connect many endpoints.
Scalability depends on the configuration and the infrastructure resources like compute and memory we allocate.
I would rate the stability of ArcSight Enterprise Security Manager (ESM) a nine because I have not encountered significant issues, unlike other solutions that sometimes have database errors.
The stability of ArcSight Enterprise Security Manager (ESM) is not very robust.
The stability of Wazuh is strong, with no issues stemming from the solution itself.
The stability of Wazuh is largely dependent on maintenance.
The indexer frequently times out, requiring system restarts.
I would like to see the detection and response features included in the next release of ArcSight Enterprise Security Manager (ESM), as security orchestration and automation are increasingly important.
The integration aspect of ArcSight Enterprise Security Manager (ESM) needs improvement.
Machine learning is needed along with understanding user behavior and behavioral patterns.
The integration modules are insufficiently developed, necessitating the creation of custom integration solutions using tools like Logstash and PubSub.
I think Wazuh should improve by introducing AI functionalities, as it would be beneficial to see AI incorporated in the threat hunting and detection functionalities.
ArcSight Enterprise Security Manager (ESM) is very cheap compared to other tools.
I would rate the pricing of ArcSight Enterprise Security Manager (ESM) around seven, as it varies based on features and demand, making it more affordable for larger organizations, while smaller ones might find it expensive.
Wazuh is completely free of charge.
I would definitely recommend Wazuh, especially considering Fortinet's licensing model which is confusing and overpriced in my opinion.
Totaling around two lakh Indian rupees per month.
The ability to interpret data is highly valued.
The log analysis feature is particularly valuable as it allows analysts to interpret intrusion-related logs efficiently.
Wazuh is a SIEM tool that is highly customizable and versatile.
The system allows us to monitor endpoints effectively and collect security data that can be utilized across other platforms such as SOAR.
With this open source tool, organizations can establish their own customized setup.
| Product | Mindshare (%) |
|---|---|
| Wazuh | 4.4% |
| OpenText Enterprise Security Manager | 1.6% |
| Other | 94.0% |
| Company Size | Count |
|---|---|
| Small Business | 37 |
| Midsize Enterprise | 14 |
| Large Enterprise | 59 |
| Company Size | Count |
|---|---|
| Small Business | 27 |
| Midsize Enterprise | 15 |
| Large Enterprise | 8 |
OpenText Enterprise Security Manager enables real-time threat detection through scalable and adaptable solutions, integrating seamlessly with multiple platforms for complex security scenarios across different environments.
OpenText Enterprise Security Manager offers extensive security monitoring capabilities, combining log analysis and incident management to enhance cybersecurity and compliance. Its powerful event correlation engine provides real-time alerts for rapid incident response. Users benefit from customizable dashboards and comprehensive log collection, making it a significant tool in the SIEM market. Flexible deployment options cater to both on-premises and cloud environments, supporting enterprises in managing IT infrastructure and threat detection efficiently.
What are the key features of OpenText Enterprise Security Manager?In industries such as finance, healthcare, and energy, OpenText Enterprise Security Manager is implemented for monitoring critical systems and ensuring compliance with regulatory needs. Enterprises leverage its capabilities for forensic investigations and active threat management, serving as a central hub for cybersecurity operations across diverse IT infrastructures.
Wazuh offers an open-source platform designed for seamless integration into diverse environments, making it ideal for enhancing security infrastructure. Its features include log monitoring, compliance support, and real-time threat detection, providing effective cybersecurity management.
Wazuh stands out for its ability to integrate easily with Kubernetes, cloud-native infrastructures, and various SIEM platforms like ELK. It features robust MITRE ATT&CK correlation, comprehensive log monitoring capabilities, and detailed reporting dashboards. Users benefit from its file integrity monitoring and endpoint detection and response (EDR) capabilities, which streamline compliance and vulnerability assessments. While appreciated for its customization and easy deployment, room for improvement exists in scalability, particularly in the free version, and in areas such as threat intelligence integration, cloud integration, and container security. The platform is acknowledged for its strong documentation and technical support.
What are the key features of Wazuh?In industries like finance, healthcare, and technology, Wazuh is utilized for its capabilities in log aggregation, threat detection, and vulnerability management. Companies often implement its features to ensure compliance with stringent regulations and to enhance security practices across cloud environments. By leveraging its integration capabilities, organizations can achieve unified security management, ensuring comprehensive protection of their digital assets.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
