Intelligent Security Operations

Real-time threat detection, analytics and investigation from any source, anywhere

  • Your security operations can stay on top of the data velocity, volume, and variety using a message bus architecture that supports open standards like Kafka.

  • By automating real-time event correlation and advanced analytics, you can free your security operations analysts to find both known and unknown multi-stage attacks.

  • Simplified investigative search and analysis built on the world’s fastest, open standards database—Vertica—reduces the time to identify threats when security expertise is limited.

Open Architecture

Gain greater visibility into multi-stage attacks using a message bus that ensures data moves from any source to any destination, with full flexibility for publish and subscribe.

  • Event Broker, built on Apache Kafka, ingests data from any source and sends it anywhere

  • Real-time data enrichment adds security context to raw data

  • 400+ out-of-the-box connectors collect data from all source types

  • 1 million events per second data ingestion with message bus

  • Centralized management console provides an end-to-end picture of your security environment

Real-time Detection

Uncover vital missing links and discover unknown or insider threats through the integration of real-time event correlation with user and behavior analytics.

  • 50 out-of-the-box algorithms for advanced analytics

  • Real-time event correlation automates time-consuming searches

  • Up to tens of thousands of events correlated at one time

  • User and behavior analytics helps find “unknown” threats

  • Centralized management console provides an end-to-end picture of your security environment

Intuitive Investigation

Equip your SecOps analysts with the ability to accelerate both detection and remediation through analytics-driven, guided investigation tools.

  • 10X faster search and advanced analytics processed immediately

  • Guided search query builds with automatic suggestions at Day One

  • Powerful chart and dashboard creation, optimized for security investigation

  • A full range of data for search and analysis with easy access to Hadoop

ArcSight Marketplace

An app store designed to help you dive deeper into your ArcSight SIEM deployment by providing trusted apps, add-ons, and best practices. Add your own solution and monetize it.
