Highly customizable based on organization’s requirementsĪrchitecture supporting Multi-tier & Multi-tenancy Steep learning curve for Analysts & Operators Tight integration with Big data Analytics platform like Hadoop Requires skilled resources to manage the solution Mature Event Correlation, Categorization & Reporting Mostly suited for Medium to Large Scale deployment
ArcSight IdentityView: User Identity tracking/User activity monitoring.ArcSight Logger: Log storage and Search solution.ArcSight Enterprise Security Manager (ESM): Correlation and analysis engine used to identify security threat in real-time& virtual environments.The ArcSight Enterprise Threat and Risk Management (ETRM) Platform is an integrated set of products for collecting, analysing, and managing enterprise Security Event information. SIEM market analysis of the last 3 years suggest:Market consolidation of SIEM players (25 vendors in 2011 to 16 vendors in 2013)Only products with technology maturity and a strong road map have featured in leaders quadrant.HP ArcSight & IBM Q1 Labs have maintained leadership in SIEM industry with continued technology upgradeMcAfee Nitro has strong product features & road map to challenge HP & IBM for leadership The Vendors mentioned here in the deck are : The key products compared here are based on Gartner Magic Q which is what Organizations typically use to select SIEM vendors. Practical Cloud Native Security with Falco.The Chief Information Security Officer (CISO) Workshop Training.Email Security (Exploits, Vulnerabilities and Mitigation).
0 kommentar(er)
