Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Security Infrastructure

HBGary Partners with HP to Bring Threat Intelligence to ArcSight SIEM Platform

HBGary, the firm that gained wide attention after they were hacked by Anonymous early last year, has partnered with HP in order to get HBGary’s Active Defense integrated with the ArcSight platform.

HBGary, the firm that gained wide attention after they were hacked by Anonymous early last year, has partnered with HP in order to get HBGary’s Active Defense integrated with the ArcSight platform.

Specifically, HBGary’s Active Defense can be added to the ArcSight SIEM platform with the aim of offering stronger real-time monitoring, and protection from the fearful marketing acronym APT. APTs, or Advanced Persistent Threats, are a type of attack that leverage several classes of exploits and vulnerabilities to achieve a goal, but usually start by exploiting the human element in the security chain with a Phishing attack.

“Security vendors must work together to help organizations defeat today’s APT attacks — every day, companies are compromised, but few will learn about it until days, weeks or even months afterward,” said Penny Leavy, President of HBGary, Inc.

With Active Defense added in, ArcSight’s threat and risk management platform can offer visibility into known and unknown threats, including memory-only rootkits, botnet communications, and various other exploit tools.

As a bonus, because Active Defense can now work alongside the ArcSight platform, HBGary has earned the Common Event Format (CEF) Certification. The CEF connector allows ArcSight ESM to connect to, aggregate, filter, correlate, and analyze events from applications and devices, which output their logs in the CEF standard, utilizing the syslog transport protocol.

For the curious, more on Active Defense is here. Information on the ArcSight platform is here.

Related Reading: Practical SIEM Deployment – Getting The Most From Your SIEM Solution

Written By

Click to comment

Expert Insights

Related Content

Threat Intelligence

How threat intelligence is critical when justifying budget for GRC personnel, and for threat intelligence, incident response, security operations and CISO buyers.

Cybercrime

Cybercriminals earned significantly less from ransomware attacks in 2022 compared to 2021 as victims are increasingly refusing to pay ransom demands.

Threat Intelligence

Enhancing cybersecurity and compliance programs with actionable intelligence that adds insight can easily justify the investment and growth of threat intelligence programs.

Security Infrastructure

XDR's fully loaded value to threat detection, investigation and response will only be realized when it is viewed as an architecture

Management & Strategy

The National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), and the Office of the Director of National Intelligence (ODNI) have released...

ICS/OT

The White House announced on Wednesday that the Industrial Control Systems (ICS) Cybersecurity Initiative has been expanded to include the chemical sector.

ICS/OT

Security orchestration, automation and response (SOAR) provider Swimlane on Monday announced the launch of a security automation solution ecosystem for operational technology (OT) environments.