Real-time threat detection, analytics and investigation from any source, anywhere.
ArcSight Data Platform
An intelligence-driven security operations center must provide full data visibility to use information effectively, for better detection, investigation, and response to threats. Businesses today need a data collection platform that is reliable and secure, and helps them operate efficiently and effectively at low budgets.
The ArcSight Data Platform is composed of ArcSight Logger, Management Centre (ArcMC), Connectors and Event Broker. The platform is architected to provide an open architecture that supports a wide range of security operations and allows scalability by addressing data variety and velocity needs. It augments data with security context in real time through normalization, categorization and enrichment, enabling faster threat detection, investigation and response.
Enterprise Secure Key Manager
Enterprise Secure Key Manager (ESKM) is a complete solution for generating, storing, serving, controlling and auditing access to data encryption keys. It enables you to protect and preserve access to business-critical, sensitive, data-at-rest encryption keys, either locally or remotely. This component of our portfolio of best-in-class data protection solutions is a must for organizations in any industry where protecting sensitive data and preventing fraud are key parts of the mission. This offering is FIPS 140-2 level 2 validated for strong security standards and offers robust scalability.
ArcSight Enterprise Security Manager
ArcSight ESM is a comprehensive and powerful Security Information and Event Management (SIEM) application for security and operations centers. It is part of the ArcSight SIEM solution,a threat detection and management platform with a flexible architecture allowing organizationsto easily scale out their existing SIEM deployments as they grow their infrastructure.
ArcSight ESM is used in conjunction with ArcSight Data Platform or any collection system that uses Common Event Format (CEF). It can easily integrate with investigation and/or remediation tools.
ArcSight ESM Express
ArcSight Express helps mid-sized companies with limited resources run SIEM. It is an all-in-one appliance that acts as a watchdog and performs universal log management, ultra-fast forensic investigation, data correlation, compliance analytics, reporting and more.
An intuitive hunt and investigation solution that decreases security incidents. Also the winner of the 2017 New Product of the Year award by Security today.
ArcSight Activate Framework
ArcSight Activate Framework makes implementing SIEM easy. The framework provides a standardized approach to creating content that can be shared with the community to keep up easily on the latest IT security threats. This results in a robust SIEM that is easier to set up and maintain.
ArcSight User Behavior Analytics (UBA)
HPE Security ArcSight User Behavior Analytics (UBA) enables security analysts to minimize the risk and impact of cyberattacks in real time. Instead of solely focusing on events and log data, HPE ArcSight UBA detects unknown threats through purpose-built security analytics by creating a baseline of normal user and entity behavior and identifying anomalies associated with users and entities as they occur. By aggregating activities and multiple indicators of compromise for users, entities, and their peer groups, HPE ArcSight UBA delivers insight into
the highest risk users and entities—even when credentials are legitimate.
HPE ArcSight UBA enables detection of advanced user- and entity-based threats, and when used in conjunction with the installation of HPE Security ArcSight SIEM, can leverage the same operational teams, data feeds, and incident response processes already in place. This in turn drives investigation efficiency and operational savings.
Downloadable and deployable pre-packaged content to dramatically save time and management.