ArcSight security and compliance solutions intelligently identify and mitigate business risk by delivering a centralized view of enterprise-wide events across heterogeneous infrastructures. ArcSight solutions provide a real time and historic view into external attacks, insider threats and regulatory compliance.

ArcSight ESM

• ArcSight ESM is a comprehensive enterprise security platform that centrally collects and analyzes events from devices, systems and applications across the enterprise. Organizations use ArcSight ESM to discover risks, correlate relevant information, assess vulnerabilities and communicate compliance to stakeholders and customers. The ArcSight ESM console provides organizations with comprehensive, real time, expert information analysis and remediation capabilities. 

• ArcSight Compliance Insight Packages for ESM leverage a unique multi-standard approach to deliver a ready-to-use, best practices-based compliance log review foundation to immediately begin assessing and demonstrating control effectiveness for regulatory compliance and IT Governance.

• ArcSight Insider Threat Package acts as an early warning system designed to detect suspicious activity, such as printing large numbers of files outside of business hours, emailing large attachments to personal email accounts, employee communication with competitors or the clearing system audit logs to cover up one`s tracks. The Insider Threat package also includes information leak and IT sabotage-specific detection capabilities.

• ArcSight Interactive Discovery helps IT security professionals instantly pan, zoom and switch perspectives across complex technical data to perform in-depth analysis of security data and discover risks they might have otherwise missed.

• ArcSight Pattern Discovery automatically examines massive amounts of events collected and processed by ArcSight ESM to discover repeating sequences such as emerging worms, worm variants, rootkit and low-and-slow attacks. It then automatically creates rules which fingerprint these patterns for future identification and response.

ArcSight Logger

• ArcSight Logger is a turnkey appliance which can capture and analyze all enterprise log data acting as the universal event log repository and hub within a broader ecosystem. The enterprise event data can be leveraged for purposes ranging from threat detection and forensics investigations to rapid troubleshooting and simplified compliance monitoring. 

ArcSight TRM

• ArcSight TRM provides an easy-to-use system that allow user to locate an endpoint on the network and provide how it`s accessing the network. Once located, ArcSight TRM can determine the closest control point and the recommended quarantine method to isolate the endpoint from the network. From this analysis, ArcSight TRM will quarantine the endpoint in a controlled and self-documenting framework that includes: authorization queuing, login credential protection, full audit trails, quarantine log and history.

ArcSight NCM

• ArcSight NCM provides an easy-to-use, easy-to-integrate central configuration repository that allow users to look at the network graphically; compare different configuration versions; validate configuration against policy; and provide role-based control of configuration changes. ArcSight NCM also provides a wizard builder that allows organizations to create dialog-box-driven configuration controls that simplify how configuration commands are represented; this reduces the configuration information to a need-to-know basis; and controls the configuration setting options to display only those that are allowed by the organization.