OpenText

Identity/IAMCompliance/GRCSIEM/SOAR Visit website →
Best for: Large enterprises already invested in the OpenText/Micro Focus ecosystem needing SIEM and identity management
Pricing: Contact for pricing

What OpenText actually does

OpenText’s cybersecurity portfolio comes primarily from its acquisition of Micro Focus. The headline product is ArcSight — a legacy SIEM platform with deep correlation capabilities and a massive installed base in government and financial services. ArcSight has been around longer than most security analysts have been in the industry.

Beyond SIEM, the portfolio includes NetIQ for identity and access management, Voltage for data encryption and tokenization, and Fortify for application security testing. The digital forensics and investigation tools round out a broad but sometimes disconnected product lineup.

The identity management side covers privileged access, identity governance, and directory services. These products are mature and deeply embedded in large enterprises, particularly those running complex hybrid environments with mainframes and legacy systems alongside modern cloud infrastructure.

Who it’s best for

  • Large enterprises already running ArcSight SIEM that need continued support and modernization
  • Government agencies and defense contractors with existing Micro Focus deployments
  • Organizations with complex hybrid environments including mainframes and legacy systems
  • Enterprises needing data-centric security — encryption, tokenization, data masking — at scale
  • Companies with NetIQ identity infrastructure looking to maintain rather than rip and replace

Pricing reality check

OpenText pricing is enterprise license agreement territory. Expect complex, negotiated contracts with per-user, per-asset, or per-data-volume components depending on which products you are buying. Legacy customers on Micro Focus contracts may face pricing changes during renewal.

ArcSight specifically competes on price against modern cloud-native SIEMs, but the total cost of ownership includes significant infrastructure and staffing overhead. Running ArcSight well requires dedicated engineers — this is not a product you deploy and forget.

Alternatives to consider

  • Splunk — More modern SIEM with a larger ecosystem. Higher data costs, but easier to staff.
  • Microsoft Sentinel — Cloud-native SIEM with strong Azure integration. Lower infrastructure overhead.
  • CyberArk — If your primary need is privileged access management, CyberArk is deeper in that specific category.
  • SailPoint — For identity governance specifically, SailPoint has a more modern platform and larger market presence.

The Charting Cyber take

OpenText’s security portfolio is a collection of mature, capable products held together by acquisition history rather than unified architecture. If you are already running ArcSight or NetIQ, the products still work and OpenText has committed to continued investment. Ripping them out is expensive and disruptive.

If you are evaluating from scratch, the landscape has moved on. Cloud-native SIEMs are easier to operate. Modern identity platforms have better UX and faster deployment. OpenText makes sense when you have legacy infrastructure that demands legacy-compatible tooling — and that is not an insult, it is a real requirement for many large organizations. Just don’t expect a modern buying or deployment experience.

Get a quote for OpenText

Related vendors

1Password
Organizations that need a password manager employees will actually use, with solid developer secrets management bolted on.
Identity/IAM
AgileBlue
Organizations up to 5,000 endpoints wanting SOC-as-a-service with predictable pricing and no log ingestion fees
MDR/MSSPCloud SecuritySIEM/SOAR
Anomali
SOC teams that need to operationalize threat intelligence into detection and response workflows
Threat IntelligenceSIEM/SOAR