To combat advanced adversaries, we must improve our detection and response capabilities. This presentation will cover emerging processes and technologies in security operations that allow organizations of all sizes to improve their detection and response effectiveness. The capabilities presented here have been used by HP to detect and remove advanced threats for organizations across the globe.
Recorded Dec 18 2014, 38 mins
Steve Forsyth, ArcSight Product Manager, Micro Focus
Experience leveraging the ArcSight Activate framework to strengthen and enhance your ArcSight Enterprise Security Manager (ESM) SIEM deployment. This webinar will show you how to:
• Increase your effectiveness in managing indicators and warnings
• Understand situational awareness, threat impact and assessments
• Further understand the process refinement required to manage your ArcSight ESM deployment.
This webinar includes a demonstration of acquiring, operating, and expanding an Activate solution within an ESM implementation.
HPE ArcSight offers a cost-effective and efficient log management solution to meet your compliance, reporting and data retention needs. The ArcSight Logger is a universal log management solution that unifies search, reporting, alerting, and analysis across any type of enterprise machine data.
ArcSight continues to innovate to provide our customers with best-of-breed solutions. Join this webinar to learn about Logger’s new search and reporting capabilities.
With more security threats than ever before, organizations are looking to new ways to secure, manage and monitor their environment. Data sources are increasing and far higher volumes need to be sent to multiple destinations for real-time analytics and archiving. Traditional closed architectures are becoming an impediment to the growth and needs of security operations. Organizations today are, therefore, looking to adopt modern open standards and architectures.
By embracing new, innovative and open standards, security organizations can look to solve complex problems today and equip themselves for the future. Explore how you can expand and grow your capabilities with simplicity, and more importantly in a predictable and cost-effective way.
This webinar will cover the evolving approach to help you solve security issues with modern open architecture solutions. Learn why integration is key and where ArcSight comes in.
Hunt teams are relative newcomers within the security operations domain. Many companies say they are doing “hunt” but when we dig deeper, we find the capabilities are ad hoc, with no measurable indicators of success nor formal organizational support. That means hunt teams are growing in popularity and use, but there is no “gold standard” yet for how they work. With increasing scarcity of skilled resources in cyber security and lack of efficient tools, it is challenging to build successful hunt practices inside an organization.
Join this webcast to:
• Gain a clear understanding of the current challenges of hunt and investigation procedures
• Learn how to build “hunt” capabilities that search for security breaches
• Increase speed, simplicity and effectiveness across the entire workflow of hunt and investigation with ArcSight’s new solution
Mary Writz is a seasoned professional with more than 15 years of experience in cyber security and, under her services leadership role, her team filed 9 patents and built a successful hunt practice with a focus on Big Data, machine learning and visualization. Alona Nadler is a senior product manager for ArcSight with a background in Big Data analytics platform.
Learn more about ArcSight workshops coming to a city near you. Understand what’s new with ArcSight, and see some of the dynamic hands-on labs we will be running including topics such as discovering multi-stage attacks using your ArcSight ESM. Register now to see what the buzz is all about.
Nathan Burke, VP of Marketing, Hexadite and Steven Forsyth, RnD Manager, HPE Security ArcSight
The effectiveness of a security system depends on how quickly it detects and responds to threats. Is your security system able to tackle security challenges in near real time, while reducing false positives so analysts can focus on critical events and Indicators of Compromise (IOCs)?
HPE Security ArcSight ingests large volumes of security events and correlates them against IOCs in real time to identify potential threats. Hexadite Automated Incident Response Solution (AIRS) takes these security alerts in real time and performs investigation and remediation at scale.
Learn how the combination of these two systems gives you the ability to:
• Gain visibility across the entire IT footprint
• Detect security threats in real-time
• Automate incident investigation
• Perform automated or semi-automated remediation actions
Travis Grandpre, HPE Director of ArcSight Product Marketing and Justin Kelso, HPE ArcSight
As organizations scale, growing in size across physical and virtual borders, they rely on intelligent security operations to maintain the integrity of their security posture. Critical to building Intelligent Security Operations is the ability to gain visibility across boundaries, which means insight into not just networks and IT, but also operational data and IoT devices. This kind of visibility requires managing and maintaining the integrity of millions of events per second that are required to provide credible insights powering the Intelligent Security Operations.
But visibility without context can become a distraction to resource-constrained security operations teams intent on focusing on what matters and remediating threats. Providing context to the collected data through real-time correlation and analytics-generated alerts helps to prioritize security analyst tasks, optimizing resources and saving time. Machine learning enrichment of data, through the addition of user, entity and security context, helps security operations teams to run efficiently.
These capabilities together empower you to track alerts and investigate threats at the speed of the attacker.
Learn how ArcSight plans to lay the foundation for intelligent security operations by providing an open architecture to leverage your data for better detection, investigation and response to threats, while maintaining integrity.
Michael Mackrill, Security & Intelligence Operations Consulting
SIEMs have been around for years and many companies are wondering if they actually got a return on their investment. Meanwhile, multiple vendors are claiming that their latest tool can do everything that a SIEM can and more! Can the SIEM survive?
We believe that the SIEM is not dead. SIEM is evolving. It must be remembered, though, that a SIEM is a living, breathing creature that must be cared for, fed and interacted with in order to thrive. SIEMs have gotten more robust and can be used to interact with other security programs in ways that they couldn’t a few years ago. Companies need to utilize the SIEM as their central pane of glass to see the threats to their environment and use integration with other tools to help ensure the security of their electronic data.
Dr. Larry Ponemon, chairman and founder of the Ponemon Institute
On average, the 58 United States companies participating in the 2015 Cost of Cyber Crime study lost $15 million due to cyber crime, an increase of 19 percent from $12.7 million in last year's study. And other countries are close behind. These are results from the recently completed Ponemon Institute 2015 Cost of Cyber Crime study. You know the risks, but you need the data to plan your defenses and demonstrate the cost of inaction.
For a fuller look at these and other findings from the institute’s study, join Dr. Larry Ponemon, chairman and founder of the Ponemon Institute, to learn:
- What cyber crimes are most common and most costly
- The hidden internal and external costs you incur
- What security defenses are most effective in reducing losses
- How businesses with a strong security posture drive down costs
Analytics, as they pertain to the security space, are a new horizon for most. With the universal rise in interest in applying analytics to security data and use cases, many organizations are overwhelmed by the difficulties surrounding those technologies. Whether it is the cost and rarity of expert manpower, the scale and speed of the data, or the immaturity of many of the technologies, many organizations need help making sense of this new frontier and how and where to apply it to their data sets. HPE Security ArcSight has taken the lead in making this emerging technology more readily consumable through the targeted use of analytics for particular datasets and use cases. In this vein, HPE Security ArcSight has launched two security analytics offerings: User Behavior Analytics and DNS Malware Analytics. Please join us in this webcast to learn more about these technologies and how they are making big impacts for security organizations of all sizes.
Sean Clapper, HP ArcSight, Security Intelligence & Operations Consulting
Adapting the ArcSight case user interface to your business and using it to collect meaningful metrics.
Insight into maximizing ArcSight's case and metrics capabilities. Designing an intuitive custom case user interface tailored to your business. Optimizing case management to promote cross collaboration, escalation and organization. Collecting and using case data to drive meaningful operational metrics.
Dave Shackleford, SANS Analyst and Sri Karnam, HP ArcSight Product Marketing Manager
Simplifying Compliance and Forensic Requirements with HP ArcSight Logger
The ever-increasing amount of logging output that IT organizations need to retain to have an accurate picture of what happened in their systems (and when) is a classic "big data" problem. Data categorization and normalization are imperative when sifting through a mass of data that can exceed a petabyte, while eliminating false negatives can aid a forensic investigation. This webcast focuses on HP ArcSight Logger 6, featuring a review of the product by SANS senior analyst Dave Shackleford.
Sign up for this webcast and be among the first to receive an advance copy of a SANS whitepaper discussing Dave's review of HP ArcSight Logger 6.
In this presentation, we will look at what it takes to succeed at security monitoring and alerting. Log management, monitoring and alerting are commonly seen as a corporate or enterprise solution due to their complexity and costs, but this presentation will address the steps that any organization can take to go from zero to hero. Building on an easily followed process and step-by-step guide, we will cover the way that organizations can move from one step to the next, managing costs and complexity at each stage. Starting with the basic steps needed to build a foundation, a SOC can be built up to deliver real value and capability without excessive cost or complexity.
Aarij M Khan, Director of Product Marketing, HP Enterprise Security
In 2011, we saw many examples of organizations falling victim to hackers and malicious insiders, from major cyberattacks like Sony and malware like Stuxnet to massive data breaches like Epsilon Interactive. As you begin making improvements to your security programs in 2012, it is critical to review these breaches to better prepare for the trends taking place in the information security arena.
In this webinar, we will take a close look at the security risks you should expect to face in 2012 and how you can prevent a major security incident from occurring in your organization. You will gain valuable insight into:
• Notable security incidents in 2011
• Top security threats to watch for in 2012
• The steps you can take to secure your organization NOW
You will also hear about case studies illustrating how organizations have successfully prevented security attacks and improved their security and compliance posture.
Protect your business with security analytics and compliance solutions
Your organization, regardless of its size, must turn security and log data into actionable intelligence to make smarter, more efficient decisions. This channel features presentations that help answer your security questions. For example, you can learn how to manage business risk, monitor your IT infrastructure and automate compliance. Take your security knowledge a step forward with best practices in the latest security trends like Big Data Security Analytics, combating Advanced Persistent Threats and understanding the costs of cyber crime.