top of page
bg-bg-3_edited.jpg
logo-19.png

Micro Focus

ArcSight

Overview

Micro Focus ArcSight is a full-featured SIEM offering, with ERP integration the only noteworthy missing feature. Lack of a SaaS offering limits the product to large enterprises and service providers, but its scalability and data ingestion capabilities make it a good one for distributed environments. Log management and reporting and real-time monitoring are particular strengths.

Features

Data Mapping, Data Catalog

Ingest terabytes of data from any source. You can simplify SIEM log management for all your data via SmartConnectors, which collect, normalize, aggregate, and enrich data from 480+ source types. Source types include syslog, clickstreams, stream network traffic, security devices, web servers, custom applications, social media, and cloud services.

DSAR Automation

ArcSight Recon’s columnar database responds to queries faster than traditional databases, enabling you to quickly and efficiently investigate within millions of events. It facilitates threat hunting in massive datasets, enabling security analytics at scale.

Policy Enforcement

ArcSight Recon eases your compliance burden by offering content to facilitate regulatory requirements. Its built-in reports decrease the time required to document for compliance.

bottom of page