Threat Detection and Response

OpenText ArcSight Enterprise Security Manager

Accelerate threat detection and response with real-time detection and native SOAR

A person working on a laptop


A person typing on a laptop

OpenText™ ArcSight™ Enterprise Security Manager (ESM) is a powerful, adaptable SIEM that offers comprehensive data collection and real-time threat analysis, along with a native threat intelligence feed and native SOAR. Backed by an industry-leading correlation engine, ArcSight ESM alerts analysts to threat-correlated events as they occur, dramatically reducing the time to detect, react, and triage cybersecurity threats.

Read the product data sheet

Why choose ArcSight Enterprise Security Manager?

  • Real-time threat detection

    Detect and escalate known threats faster than any other threat detection technology with industry-leading SIEM correlation analytics.

  • Native SOAR

    Modernize security analytics with Security Orchestration, Automation, and Response (SOAR) provided as a complementary, native solution.

  • Scalable and adaptable SIEM

    Scale to 100,000+ EPS with highly customizable rules and content that can address your organization’s unique needs.

How ArcSight Enterprise Security Manager can benefit business

Discover how ArcSight ESM can reduce threat exposure, lower the total cost of ownership, address any SIEM use case, and achieve operational efficiency.

  • Reduce threat exposure

    Reduce threat exposure

    Leverage real-time threat detection and automated response to dramatically reduce exposure time.

  • Lower your total cost of ownership

    Lower your total cost of ownership

    Utilize native threat intelligence and SOAR capabilities to consolidate and reduce SecOps deployment costs.

  • Address any SIEM use case

    Address any SIEM use case

    Scale and adapt with highly customizable rulesets, dashboards, and reports to meet all your SIEM needs.

  • Achieve operational efficiency

    Achieve operational efficiency

    Enable analysts to focus their efforts, save time, and optimize their efficiency with dynamic event risk scoring, prioritization, and automated response.


  • Enterprise-wide event visibility

    Aggregates, normalizes, and enriches data from more than 450 event source types for enhanced threat visibility across the cyber environment.

  • Real-time threat detection

    Analyzes 100,000+ events per second, and alerts analysts to threat-correlated events as they occur so they never have to wait on batched searches.

  • Complementary SOAR

    Empower your SOC with automation, out-of-the-box playbooks, incident management, SOC analytics, integrations, and more.

  • Automated threat intelligence

    Incorporates open-source threat intelligence data automatically through a native threat intelligence feed so your team stays up to date on all the latest threats.

  • Intelligent risk scoring and prioritization

    Examines multiple data points and criteria using a unique priority formula to evaluate risk and determine an event’s relative importance—or priority—to your network.

  • Ecosystem integration

    Seamlessly integrates with your existing SOC ecosystem, MITRE ATT&CK, threat intelligence feeds, and more.

  • Multi-tenancy

    Allows distributed business units to centralize and simplify tenant management with multi-tenant capabilities and access control permissions configurable down to the event level.

  • Reports, dashboards, and content

    Provides MITRE ATT&CK mapping, modular dashboards, hundreds of adjustable correlation rules, custom reports, and more to enhance ROI.

Explore ArcSight’s newest features

Explore the advantages of OpenText and partner services

Professional Services

OpenText Consulting Services combines end-to-end solution implementation with comprehensive technology services to help improve systems.


OpenText helps customers find the right solution, the right support and the right outcome.


OpenText Learning Services offers comprehensive enablement and learning programs to accelerate knowledge and skills.


Explore our OpenText communities. Connect with individuals and companies to get insight and support. Get involved in the discussion.

Leaders trust OpenText

See how customers are succeeding with ArcSight Enterprise Security Manager.

See more success stories
Odeabank logo

Leading bank cuts daily volume of security alerts needing investigation by 90%

Learn more

ITC Secure Networking slashes time to detect cyber-attacks with ArcSight

Learn more
NPC Ukrenergo

ArcSight drastically improves advance threat detection and response through cross-team collaboration and data-driven security analytics

Learn more
CHT Security logo

ArcSight supports continued innovation and enhanced customer service while ensuring regulation compliance in a move to cloud computing

Learn more
PWC Canada

ArcSight steps up to detect advanced threats on critical infrastructure clients in North America with scalable and flexible threat hunting

Learn more
National Bank of Georgia logo

ArcSight streamlines and automates security operations, resulting in significant time savings and full compliance

Learn more

ArcSight Enterprise Security Manager resources

ArcSight Enterprise Security Manager

Read the data sheet

OpenText is a 2023 Customers’ Choice for SIEM on Gartner® Peer Insights™

Read the blog

ArcSight upgrades/Version currency

Read the blog

ArcSight 2023.1: ArcSight SaaS with real-time threat detection

Watch the video

Real-time correlation with ArcSight

Watch the video

ArcSight end-to-end security operations

Watch the video

ArcSight 2023 | Demo 1: Fusing real-time and batch analytics

Watch the video

Upgrading ArcSight ESM

Watch the video

ArcSight nation: Stay connected to get the most out of ArcSight

Read the blog

ArcSight scores 10/10 in MITRE ATT&CK competitive SIEM evaluation

Read the blog

Empower cybersecurity heroes with real-time detection and SOAR on SaaS

Read the blog

Detecting MITRE ATT&CK techniques: Is SIEM effective?

Read the blog

ArcSight’s newest features

Read the article

360° analytics for a resilient SOC

Read the position paper

OpenText footer