Protect Your Assets

Comprehensive threat detection, analysis, triage, and compliance management--with ArcSight ESM

Security_Guest ‎04-21-2017 04:52 AM - edited ‎04-21-2017 05:14 AM

SecOps teams and SOC personnel are presented with a world of continuously evolving known and unknown threats. Effective solutions must be implemented within an enterprise to quickly detect attacks and provide security orchestration for efficient identification and remediation. At HPE, we are always investing in developing our solutions to meet the needs of the information security community. This includes current needs within enterprise security, along with “what’s next” in cybersecurity for enterprise clients and security-as-a-service partners. From an open architecture that allows integrations with multiple data sources, to powerful real-time event detection, to intuitive investigation of unknown threats, we allow enterprises to protect themselves and their customers with scalable and flexible solutions for complex environments.

Enterprise Security Manager – Release 6.11
As we continue to improve the solutions we provide enterprises, we have released our latest update to ArcSight Enterprise Security Manager—better known as ESM. ESM is a comprehensive threat detection, analysis, triage, and compliance management platform that dramatically reduces the time to mitigate cybersecurity threats. ArcSight allows security teams to:

  • Move from enriched event data to real-time correlation
  • Use workflow management
  • Triage advanced persistent threats to mitigation and resolution

In our ESM 6.11 release, we have introduced the following next-generation architecture features:

Kafka-enabled Event Broker and ArcSight Investigate integrations:

  • Supports intelligent and open architecture through our Kafka-enabled Event Broker.
  • Allows for the acceptance of information from any data source.
  • Allows data sources to provide information in human-readable formats and apply rules according to the format.
  • With real-time contextual descriptions, the data enrichment provided by Event Broker allows for powerful, in-depth data correlation by ESM.

Improved and efficient ArcSight Command Center (ACC) case management and security orchestration through simplified workflow management, added integration commands, and easier investigation. ACC features include:

  • Dashboard and data monitor “drill-down” capability
  • Case search by ID
  • Full case description display
  • Customized control over right-click menus
  • Dock event details pane to the right of an active channel
  • New event graphs

Scalable IPv6 and Dual Stack capabilities to support growing enterprises:

  • Added IPv6 address and dual stack capabilities to help address the lack of IPv4 resources within enterprises

New UI themes allowing for light or darker colored backgrounds and themes

Added designed theme options for the ACC for SOC teams and personnel

For more information on HPE ArcSight Investigate, visit the website: www.hpe.com/software/investigate.

And to learn how you can get powerful and innovative search and investigation to take on even the most sophisticated adversaries, read the blog, "Security Operations gets more intuitive," by Jason Schmitt, VP and GM, ArcSight and Fortify, HPE Software. 

 
