HP updates ArcSight range to thwart APTs

Share this article:

HP has updated its enterprise security portfolio with specific designs to meet the challenge of advanced persistent threats (APTs).

According to the company, the updates to the ArcSight range help with process events at scale, provide deep insights out of the box, correlate user context and provide actionable intelligence to reduce the risk of APTs.

It said that HP ArcSight Threat Detector 2.0 now comes with built-in threat profiles and threat profile intelligence that use heuristic analysis on common areas of threat such as browsing patterns, distributed attack detection, early-stage attack detection and activity profiling.

Secondly, the HP ArcSight Threat Response Manager 5.5 now has cloud-ready, closed-loop capabilities for threat detection and response to mitigate APTs. It said that this enables users to automate the entire threat response process, while providing an end-to-end network security and monitoring solution that addresses accelerated threat detection through proactive response.

Finally, the HP ArcSight IdentityView 2.5 has been enhanced with expanded correlation of user identity, roles and activities across events and security incidents. In a single instance it can now monitor by 10 times, helping organisations correlate security incident and event data across an expansive user base to reduce insider threat risk, HP claimed.

HP said that if a user's activity on the network does not correspond to permitted access controls and baseline behaviour based on historically correlated data, the solution will flag the profile for further investigation. As a result, a company's security operations team can identify intentional versus unintentional activities and mitigate potential threats in real-time.

Haiyan Song, vice president and general manager of ArcSight enterprise security products at HP, said: “With solutions designed to enhance threat detection through improved security analytics for big data, HP enables customers to quickly identify potential attackers and take action proactively to minimise business impact and prevent disruption to critical client services.”

Share this article: