Combat Cyber-attacks with ArcSight Enterprise Security Manager

Micro Focus has announced ArcSight Enterprise Security Manager (ESM) 7.0 , the latest release of its solution that prioritizes security threats and compliance violations with realtime threat intelligence to quickly identify and impede potential cyber-attacks.

With a massive growth of data being generated by interconnected IT systems, and a growing demand for faster response times a, the sheer amount of data that Security Operations Centres (SOCs) have to deal with can be overwhelming. Sifting through the noise, prioritizing analysis and response efforts and confidently using threat intelligence to make the right decisions is extremely difficult.

Furthermore, the only way to extract intelligence from the data is through a central processing unit (CPU) and memory intensive analytics and correlation. With distributed correlation, Micro Focus offers a powerful, new way to scale SIEMs analytics and event correlation without the need to incur excess costs, so that customers can focus on providing security insights and scaling their business without limits.

“Despite recent advances in compute and storage, many organizations continuously evaluate the cost-benefit of event ingestion into their analytics tools,” said Mary Writz, Head of Product Management, ArcSight Solutions at Micro Focus.

“The distributed correlation engine in ESM 7.0 has the ability analyze massive amounts of data while adding security context to raw data in real-time, making it instantly usable for analysis and identification of events of interest (EOI).”

With ArcSight ESM 7.0 and its newly introduced distributed correlation, users will find:

  • Improved correlation fidelity with more contextual event analysis
  • More efficient use of resources as ESM dynamically identifies EOI
  • Improvements to ESM availability and redundancy
  • Better cost/performance flexibility
  • Flexible expansion and capacity planning options to solve for a wider set of security use cases
  • Backwards compatibility with existing rules & content
  • The ability to get more value from existing security tools and events