HBGary, the firm that gained wide attention after they were hacked by Anonymous early last year, has partnered with HP in order to get HBGary’s Active Defense integrated with the ArcSight platform.
Specifically, HBGary’s Active Defense can be added to the ArcSight SIEM platform with the aim of offering stronger real-time monitoring, and protection from the fearful marketing acronym APT. APTs, or Advanced Persistent Threats, are a type of attack that leverage several classes of exploits and vulnerabilities to achieve a goal, but usually start by exploiting the human element in the security chain with a Phishing attack.
“Security vendors must work together to help organizations defeat today’s APT attacks — every day, companies are compromised, but few will learn about it until days, weeks or even months afterward,” said Penny Leavy, President of HBGary, Inc.
With Active Defense added in, ArcSight’s threat and risk management platform can offer visibility into known and unknown threats, including memory-only rootkits, botnet communications, and various other exploit tools.
As a bonus, because Active Defense can now work alongside the ArcSight platform, HBGary has earned the Common Event Format (CEF) Certification. The CEF connector allows ArcSight ESM to connect to, aggregate, filter, correlate, and analyze events from applications and devices, which output their logs in the CEF standard, utilizing the syslog transport protocol.
For the curious, more on Active Defense is here. Information on the ArcSight platform is here.
Related Reading: Practical SIEM Deployment – Getting The Most From Your SIEM Solution
More from Steve Ragan
- Anonymous Claims Attack on IP Surveillance Firm Brickcom, Leaks Customer Data
- Workers Don’t Trust Employers with Personal Data: Survey
- Root SSH Key Compromised in Emergency Alerting Systems
- Morningstar Data Breach Impacted 184,000 Clients
- Microsoft to Patch Seven Flaws in July’s Patch Tuesday
- OpenX Addresses New Security Flaws with Latest Update
- Ubisoft Breached: Users Urged to Change Passwords
- Anonymous Targets Anti-Anonymity B2B Firm Relead.com
Latest News
- Critical Vulnerability Impacts Over 120 Lexmark Printers
- BIND Updates Patch High-Severity, Remotely Exploitable DoS Flaws
- Industry Reactions to Hive Ransomware Takedown: Feedback Friday
- Microsoft Urges Customers to Patch Exchange Servers
- Iranian APT Leaks Data From Saudi Arabia Government Under New Persona
- US Reiterates $10 Million Reward Offer After Disruption of Hive Ransomware
- Cyberattacks Target Websites of German Airports, Admin
- US Infiltrates Big Ransomware Gang: ‘We Hacked the Hackers’
