Protect Your Universe with ArcSight

Transcription

1 Protect Your Universe with ArcSight

2 The ArcSight SIEM Platform: Prevent Data Theft Enforce Compliance Defeat Cybercrime

3 Before ArcSight, it was difficult to know in realtime what was happening from an IT security and Problem More Threats, More Risk, More Pain Keeping your organization safe and secure can be a daunting task. Bots, worms, and hackers threaten it from the outside. Data breaches, theft, and fraud threaten it from the inside. A bad economy only magnifies the problems. At the same time, increasing regulations and fines highlight the risk of failure in preventing these threats. It s never been more challenging to protect your business. As a result, the value of automated security and compliance monitoring has never been higher. compliance perspective. Now we have dashboards that are viewed by very skilled security analysts. ArcSight has quickly become a key strategic element in the safe and secure operation of our bank. -- Ali Alotaibi, IT Security Manager, Saudi Hollandi Bank Solution Complete Visibility to Address Problems Early The ArcSight SIEM Platform helps safeguard your business by giving you complete visibility into activity across the IT infrastructure: external threats such as malware and hackers; internal threats such as data breaches and fraud; and compliance pressures from failed audits. ArcSight provides the industry s leading Security Information and Event Management (SIEM) platform comprised of an integrated product suite for collecting, processing and assessing security and risk event information, to enable rapid identification, prioritization, and response to policy breaches, cybersecurity attacks and insider threats. For six consecutive years, Gartner has positioned ArcSight in the Leaders Quadrant for Security Information and Event Management and IDC has once again named ArcSight as the market share leader in the SIEM market. 1

4 Here s what ArcSight SIEM can do for you: Protect critical assets and information Real-time monitoring of key assets such as file servers, control systems, and databases help detect signs of trouble when it is still possible to prevent disaster. The ArcSight SIEM Platform correlates the many pieces of information and evaluates risks across your enterprise to act as an early warning system for your business. Lower the cost of compliance Regulations continue to increase and compliance remains a top business initiative. To avoid the penalties of failed audits, organizations must show that their controls are effective and that their business systems are robust enough to fend off attack and protect confidential information. ArcSight prebuilt regulatory compliance packages to provide out of the box mapping to specific requirements. The result is automated compliance reporting and continuous compliance control oversight, resulting in lower effort and operational costs with more protection. Monitor key users for unusual activity Is someone in the finance department leaking earnings information? Is a call center representative stealing customer credit card data? Is a terminated employee gaining access to his old accounts? Only ArcSight can provide a 360-degree view of your systems and users, and tell you who is doing what, where, when and how. ArcSight links user, group, and role information with actual network and application activity to provide verified connections between actual people (not just an IP address) and potentially high-risk activities. Manage billions of log events The pressure is on to collect and store audit-relevant log data from numerous sources. Without effective log management, it becomes nearly impossible to sift through terabytes of information and isolate the events needed to support an audit or an investigation. ArcSight can help your enterprise store, manage, and report against massive volumes of log data and enables forensics analysis of security incidents, as well as automated compliance reporting. Protect critical assets and information Lower the cost of compliance Monitor key users for unusual activity Manage billions of log events 2

5 The ArcSight SIEM Platform Thanks to ArcSight, it became very easy to look at a series The ArcSight SIEM Platform is an integrated product suite for collecting, processing, and assessing security and risk event information. of security events regardless of which device they came from and see the real scope ArcSight IdentityView ArcSight Compliance Insight Packs of the problem and respond appropriately. -- Tim Maletic, Information Services Security Officer, Priority Health ArcSight ESM ArcSight Logger ArcSight Connectors Network Devices Security Devices Physical Access Mobile Servers Desktop Identity Sources Databases Apps 3

6 ArcSight ESM Enterprisewide Protection Sensitive Data Protection Critical Transaction World-Class Correlation and Analysis Automated or Manned Security Operations Monitoring ArcSight ESM with its state-ofthe-art technology and ease of scalability is the key element for our T-Mobile Operations Security Cockpit as it answers the challenge of identifying quickly the relevant security threats. -- R.Kopp VP, T-Mobile Operations Risk Management, T-Mobile ArcSight Logger Fastest Collection and Search Available Small-to-Enterprise Scalability Business Intelligence for Logs Automated Compliance Low-Cost Storage 4

7 ArcSight has been with us every step of the way they listened to our needs and are invested in our success. They proved to us they aren t just a technology vendor, they are a partner. -- Kent Podvin, Director of IT, Capital Blue Cross ArcSight IdentityView Privileged User Monitoring Shared Account Attribution User Behavior Profiling 360 User Activity Analysis Role Violation Detection ArcSight Connectors 275+ Third-Party Product Connectors Simple Toolkit for Virtually All Other Products Future Proofed Through Event Normalization 5

8 ArcSight Compliance Insight Packs Continuous Control Monitoring Best Practice IT Governance Audit-Ready Compliance Reports Pre-built for Specific Regulations Frameworks Typically, skilled people are required that understand the log files on each of the different systems in your environment. But ArcSight Express eliminates that need by doing all the aggregation and correlation across all our systems. Now one employee can do the work of four or five people. ArcSight ArcSight Express Security Expert In a Box World-Class Correlation and Log Management Turnkey Simplicity Automated Security Operations New! Pre-built, Comprehensive Protection and Compliance Express is a very cost effective solution. -- Candy Alexander, Chief Security Information Officer, Long Term Care Partners 6

9 About ArcSight ArcSight (NASDAQ: ARST) is a leading global provider of compliance and security management solutions that protect enterprises and government agencies. ArcSight helps customers comply with corporate and regulatory policy, safeguard their assets and processes, and control risk. The ArcSight SIEM Platform collects and correlates user activity and event data across the enterprise so that businesses can rapidly identify, prioritize, and respond to compliance violations, policy breaches, cyber-security attacks, and insider threats.

10 ArcSight SIEM ArcSight, Inc. 5 Results Way, Cupertino, CA 95014, USA info@arcsight.com Corporate Headquarters: ARST EMEA Headquarters: Asia Pac Headquarters: ArcSight, Inc. All rights reserved. ArcSight and the ArcSight logo are trademarks of ArcSight, Inc. All other product and company names may be trademarks or registered trademarks of their respective owners. ARST-EVB