New ArcSight Logger Adds Real-Time Analysis and Event Mining to Reduce Investigation Time, Effort, and Cost
2008-07-30 07:00:00
ArcSight SIEM Platform Brings New Forensics-on-the-Fly Capabilities to Organizations of All Sizes
CUPERTINO, CA–(EMWNews – July 30, 2008) – ArcSight, Inc. (
leading provider of compliance and security management solutions that
protect enterprises and government agencies, today announced a new release
of ArcSight Logger that provides “forensics on the fly.” This capability,
now available across the entire ArcSight SIEM platform, enables IT and
forensics teams to quickly conduct informative top-down investigations.
These teams can immediately drill down into source events from dashboards,
reports, searches, and alerts both in real time and in support of
after-the-fact compliance audits.
Other vendors force users to choose between real-time drill downs for event
mining and high-speed log collection and storage. ArcSight provides the
ability to mine events directly from alerts and reports across its log and
event management products in real time without the need for highly trained,
expert security analysts.
“One of the key reasons we selected ArcSight ESM was for its capabilities
around rapid investigation of threats and violations,” said Paul Melson,
information security officer, Priority Health. “Now, we have the ability
to conduct ‘forensics on the fly’ just as easily with ArcSight Logger,
which allows us to further accelerate our investigation turnaround time for
compliance violations and system health issues across our entire enterprise
while increasing our staff efficiency and reducing our costs.”
Faster Investigations Save Time, Effort, and Costs
With today’s growing and sophisticated threat environment, the ability to
quickly detect threats, conduct root cause analysis, and minimize business
risk has become a business imperative.
ArcSight forensics-on-the-fly capabilities enable organizations to
accelerate resolution time, increase staff efficiency, and reduce costs
through intuitive, interactive dashboards. Drill-down capabilities and
pre-built navigation paths eliminate the need to conduct separate
drill-down investigations and significantly reduce the complexity and time
associated with root-cause analysis.
-- Users are presented with interactive and personalized dashboards that combine relevant reports into a single role-based view.
-- From these aggregate dashboards, users can drill into and across reports and investigate potential violations.
-- Users can further analyze report results using an intuitive search interface to conduct quick-and-easy ad hoc investigations for root-cause analysis.
-- In turn, users can convert the search patterns into real-time alerts to ensure that subsequent matches lead to instant notification.
-- Finally, users can directly drill from any alert to underlying events that triggered the alert.
“The new release of ArcSight Logger can really improve the productivity of
log analysis and forensics,” said Jon Oltsik, senior analyst with
Enterprise Security Group. “With this announcement, ESG believes that
ArcSight has further increased its value to any enterprise by complementing
its powerful detection capabilities with this significant improvement in
real-time investigations and forensics.”
“Our ArcSight ESM customers have always enjoyed the ability to drill down
from correlated notifications into the events behind those notifications,”
said Reed Henry, senior vice president of marketing, ArcSight. “With this
release of ArcSight Logger, we have added this ability to mine events, or
as we call it, forensics on the fly, to our log management products,
delivering much needed productivity to log analysis and forensic
investigation. Now organizations of any size can quickly and cost
effectively conduct informative investigations to determine the root cause
of log alert events in real time.”
The ArcSight SIEM Platform
The ArcSight Security Information and Event Management (SIEM) Platform
consists of an industry-leading integrated set of products for collecting,
managing, storing, and analyzing enterprise log data. The products cover
customer needs from those as simple as historical log reporting to
real-time alerting and 24X7 security operations center notifications. The
platform includes these components:
-- ArcSight Connectors, for collecting log data in native format from more than 275 devices and applications, then normalizing the data to a common format.
-- ArcSight Logger and PCI Logger, for cost-effective storage and management of log data for compliance reporting.
-- ArcSight ESM, for multi-variable analysis of millions of events in real time, to detect data breaches as they occur.
-- ArcSight Compliance Insight Packages, for jump-starting compliance-related projects via pre-built rules, reports, and dashboards based on audit best practices.
The platform components are available as software and hardware deployment
options. The platform is also available as a hosted service from multiple
ArcSight MSSP partners.
For More Information
To learn more about the ArcSight Log Management Suite, visit
http://www.arcsight.com/solutions_log_management.htm
ArcSight was named a Leader in the most recent 2008 Gartner Group Magic
Quadrant for SIEM. ArcSight has been recognized in the Leader Quadrant for
the past five years.
About ArcSight
ArcSight (
security management solutions that protect enterprises and government
agencies. ArcSight helps customers comply with corporate and regulatory
policy, safeguard their assets and processes, and control risk. The
ArcSight platform collects and correlates user activity and event data
across the enterprise so that businesses can rapidly identify, prioritize,
and respond to compliance violations, policy breaches, cybersecurity
attacks, and insider threats. For more information, visit
ArcSight, the ArcSight logo, ArcSight Logger and ArcSight PCI Logger are
trademarks of ArcSight, Inc.