@@amyheng4892 you are largely correct, but that depends of your definition of the SIEM. Enterprise Security (ES) has got extensions towards Threat Intel, UBA, automation, an incident response which makes the platform more valuable in comparicement to the traditional Gartner-definition of SIEM-products. Imagine best security practices in a box productized in form of interactive dashboards with several frameworks - that's your ES.
