A recent Gartner's report published on Jan 4, 2013 on 'SIEM Market Trends, Solutions, Assessment and Select Product Profiles 2013' wrote that "ArcSight has been the most visible product in the SIEM space since at least 2005, and ArcSight SIEM tools are currently used in many of the largest SIEM deployments in the world". Gartner recommends the vendors looking for SIEM solution that "ArcSight ESM software should be on the list for every large organization building an SOC".
Gartner, in the last year's Magic Quadrant had suggested that HP ArcSight is a complex system, but with our constant commitment to product expansion to solve our customer's problems, Gartner report now quotes that "A recent move from the relational database to a custom-built Correlation Optimized Retention and Retrieval (CORR) storage back end may resolve some of the complexity challenges". The report also suggests that one reason that vendor prefers ArcSight is that "ArcSight is more likely to be chosen for comprehensive security monitoring or security combined with compliance use cases rather than as a quick "checkbox" for a particular regulation".
“This paper is a in-depth look at today’s SIEM technology and market, as relevant to large enterprises” says the author Anton Chuvakin on his blog.
HP ArcSight has strengthened its entire portfolio recently with Logger 5.3 with ease of deployment and Windows environment support through Hyper-V, ESM 6.0c with built in CORR engine that scales linearly with your big data with no database to manage, and 350+ SmartConnectors that help you to pull and unify data from over 350 log generating sources including your home grown applications through Flex-Connectors.