HP states that its HP ArcSight portfolio that offers unified security analytics for big data with expanded identity monitoring is used for accelerating the detection of persistent threats.
Enterprises must proactively anticipate intrusions and hasten the detection of risks in order to protect valuable assets. To successfully identify and remediate occurrences of prolonged unauthorized network access, also known as advanced persistent threats (APTs), organizations must be prepared to:
Handle and process information at high velocity, volume and variety.
Analyze structured and unstructured data both inside and outside their network.
Monitor events in cloud, mobile and virtual environments.
Automatically take action once a threat has been detected.
Typically batch in nature, big data analytics allows an organization to organize and analyze vast amounts of structured and unstructured information to facilitate the detection of rogue employees, partners, or criminal or collusive rings of fraudulent or abusive activity, said Avivah Litan, analyst, Gartner. A critical ingredient for success is the ability to quickly and easily integrate all types of structured and unstructured information across multiple internal and external information sources.(1)
Strengthening its existing portfolio of security solutions for big data, HP has introduced a series of updates including HP ArcSight Threat Detector 2.0 with out-of-the-box threat profiles and threat profile intelligence, and HP ArcSight Threat Response Manager 5.5 with cloud-ready, closed-loop capabilities for accelerated threat detection and response to mitigate APTs. In addition, HP ArcSight IdentityView 2.5 has been enhanced with expanded correlation of user identity, roles, and activities across events and security incidents.
With unified analytics from applications, users, network and systems, HP provides a unique portfolio of solutions integrating information security with big data. Collectively, these solutions process events at scale, provide deep insights out of the box, correlate user context, and provide actionable intelligence to reduce the risk of APTs.
With a mission to provide superior health care, it is critical that we prevent system disruptions that might impact patient safety or quality of care, said Keith Duemling, Information Security Officer, Lake Health. By automating threat detection across our network, HP ArcSight allowed us to move to a much more proactive approach to information security and improve our ability to detect risks that might affect overall system performance by a factor of 10.
Adversaries only need to get it right once to invoke serious damage on an organizations private data, ability to provide critical service or corporate reputation, said Ranndeep Chonker, Country Manager, HP Enterprise Security Products, India. With solutions designed to enhance threat detection through improved security analytics for big data, HP enables customers to quickly identify potential attackers and take action proactively to minimize business impact and prevent disruption to critical client services.
With the launch of HP ArcSight IdentityView 2.5, HP also has expanded the number of users that a single instance can monitor by 10 times, helping organizations correlate security incident and event data across an expansive user base to reduce insider threat risk.
If a users activity on the network does not correspond to permitted access controls and baseline behavior based on historically correlated data, the solution will flag the profile for further investigation. As a result, a companys security operations team can identify intentional versus unintentional activities and mitigate potential threats in real time.
Respond quickly to reduce risk of data loss
After a threat has been detected, organizations need to isolate the intrusion and resolve the compromise before valuable data is exfiltrated from the network. Delivered as a cloud-ready, add-on application to the leading HP ArcSight Security Information and Event Management (SIEM) platform, HP ArcSight Threat Response Manager (TRM) 5.5 provides a closed-loop, end-to-end network security and monitoring solution that addresses accelerated threat detection through proactive response.
HP TRM takes the threat response process to the next level with controls and automation of attack responses, helping to reduce threat response time without adding cost. The solution also enables users to automate the entire threat response process, reducing the need for additional security staff. Instead of waiting for the staff to manually disable accounts or network access, HP TRM shuts off access in a timely manner.
Additionally, HP has extended the capabilities of HP TRM beyond the data center and into the cloud. HP TRM is offered as a virtualized appliance on VMware, giving clients greater deployment flexibility while helping address their unique security needs
HP states that its HP ArcSight portfolio that offers unified security analytics for big data with expanded identity monitoring is used for accelerating the detection of persistent threats.
Enterprises must proactively anticipate intrusions and hasten the detection of risks in order to protect valuable assets. To successfully identify and remediate occurrences of prolonged unauthorized network access, also known as advanced persistent threats (APTs), organizations must be prepared to:
Handle and process information at high velocity, volume and variety.
Analyze structured and unstructured data both inside and outside their network.
Monitor events in cloud, mobile and virtual environments.
Automatically take action once a threat has been detected.
Typically batch in nature, big data analytics allows an organization to organize and analyze vast amounts of structured and unstructured information to facilitate the detection of rogue employees, partners, or criminal or collusive rings of fraudulent or abusive activity, said Avivah Litan, analyst, Gartner. A critical ingredient for success is the ability to quickly and easily integrate all types of structured and unstructured information across multiple internal and external information sources.(1)
Strengthening its existing portfolio of security solutions for big data, HP has introduced a series of updates including HP ArcSight Threat Detector 2.0 with out-of-the-box threat profiles and threat profile intelligence, and HP ArcSight Threat Response Manager 5.5 with cloud-ready, closed-loop capabilities for accelerated threat detection and response to mitigate APTs. In addition, HP ArcSight IdentityView 2.5 has been enhanced with expanded correlation of user identity, roles, and activities across events and security incidents.
With unified analytics from applications, users, network and systems, HP provides a unique portfolio of solutions integrating information security with big data. Collectively, these solutions process events at scale, provide deep insights out of the box, correlate user context, and provide actionable intelligence to reduce the risk of APTs.
With a mission to provide superior health care, it is critical that we prevent system disruptions that might impact patient safety or quality of care, said Keith Duemling, Information Security Officer, Lake Health. By automating threat detection across our network, HP ArcSight allowed us to move to a much more proactive approach to information security and improve our ability to detect risks that might affect overall system performance by a factor of 10.
Adversaries only need to get it right once to invoke serious damage on an organizations private data, ability to provide critical service or corporate reputation, said Ranndeep Chonker, Country Manager, HP Enterprise Security Products, India. With solutions designed to enhance threat detection through improved security analytics for big data, HP enables customers to quickly identify potential attackers and take action proactively to minimize business impact and prevent disruption to critical client services.
With the launch of HP ArcSight IdentityView 2.5, HP also has expanded the number of users that a single instance can monitor by 10 times, helping organizations correlate security incident and event data across an expansive user base to reduce insider threat risk.
If a users activity on the network does not correspond to permitted access controls and baseline behavior based on historically correlated data, the solution will flag the profile for further investigation. As a result, a companys security operations team can identify intentional versus unintentional activities and mitigate potential threats in real time.
Respond quickly to reduce risk of data loss
After a threat has been detected, organizations need to isolate the intrusion and resolve the compromise before valuable data is exfiltrated from the network. Delivered as a cloud-ready, add-on application to the leading HP ArcSight Security Information and Event Management (SIEM) platform, HP ArcSight Threat Response Manager (TRM) 5.5 provides a closed-loop, end-to-end network security and monitoring solution that addresses accelerated threat detection through proactive response.
HP TRM takes the threat response process to the next level with controls and automation of attack responses, helping to reduce threat response time without adding cost. The solution also enables users to automate the entire threat response process, reducing the need for additional security staff. Instead of waiting for the staff to manually disable accounts or network access, HP TRM shuts off access in a timely manner.
Additionally, HP has extended the capabilities of HP TRM beyond the data center and into the cloud. HP TRM is offered as a virtualized appliance on VMware, giving clients greater deployment flexibility while helping address their unique security needs.
Alle Artikel
In
Add new comment