ArcSight Introduces CyberSecurity Log Management Solution to Address Rapidly Growing Cybercrime Threats - ArcSight Logger 4

November 2, 2009 8:00 AM EST

ArcSight Logger Helps Organizations Detect, Investigate, and Understand the Impact of Cybercrime Activities

CUPERTINO, Calif.--(BUSINESS WIRE)-- ArcSight, Inc. (NASDAQ: ARST), a leading global provider of security and compliance management solutions that protect enterprises and government agencies, today announced the fourth generation of its log management product, ArcSight Logger. ArcSight Logger 4 provides four-way protection against the growing impact of cybercrime activities.

With more data, transactions, and users online, organizations are increasingly vulnerable to fraud, theft, and breaches due to hackers, malware, and malicious insiders. ArcSight Logger reduces the impact of cybercrime by enabling faster and better investigations and forensic analysis of criminal activities.

ArcSight Logger 4 provides four-way protection against cybercrime impacts:


1)   High speed structured and unstructured data collection of up to 42 TB on a
     single appliance

2)   Ultrafast search and reporting, handling terabytes of data in seconds via a
     Google-like interface

3)   Unified analysis across all types of data in a single pane of glass, for
     simplified investigations

4)   Secure storage and access, with support for Federal Information Processing
     Standards (FIPS) and Common Access Card (CAC), for criminal investigation
     and prosecution



The key breakthrough in ArcSight Logger is the ability to collect, search and analyze massive amounts of both structured and unstructured data. This data includes:

    --  Systems/IT operations data - By analyzing CPU spikes, disk usage, and
        network flows, ArcSight Logger can aid in detection and remediation of
        sophisticated malware such as bots and keyloggers.
    --  User data - By analyzing user access information, ArcSight Logger can
        aid the investigation and remediation of data breaches due to
        unauthorized system or database access.
    --  Application data - By analyzing user activity within key applications,
        related system access, and social network activity, ArcSight Logger can
        aid in fraud analysis and investigation.

Unlike other approaches, which either focus only on structured data for security analysis or only on unstructured data for IT operations troubleshooting, ArcSight Logger unifies alerting, search, and analysis across any type of enterprise information. As a result, ArcSight Logger is able to collect and analyze the massive amounts of data generated by modern networks.

The ArcSight SIEM Platform protects more than 40 global banks, the government systems of over 27 nations, more than 20 U.S. Federal agencies and more than 25 global telecommunication service providers. With the cyber threat landscape constantly evolving, ArcSight worked with its considerable installed base of government and private sector customers on the requirements for ArcSight Logger 4. Protection of critical infrastructure from the rapidly changing tactics of cyber-attackers was a primary design consideration for ArcSight Logger 4.

"ArcSight Logger made a mole hill out of a mountain for us," said Paul Melson, Information Security Officer, Priority Health. "We are required by law to keep a decade worth of logs generated by thousands of devices. Without ArcSight Logger, any timely analysis would be impossible. By retiring our old log collection solutions and consolidating on ArcSight Logger, it paid for itself in the first six months. We had an open IT ops log management project which was shelved after the beta testing of ArcSight Logger 4. We were blown away by its speed in performing both structured and unstructured queries across terabytes of data. ArcSight Logger is already our log management solution and this update only validates that we made the right choice."

In a recent survey of 48 ArcSight government and financial services customers, the company found that nearly 30% of respondents estimated that they had over 10,000 devices that produce events or logs related to cybersecurity. The result is a massive amount of data to be collected and processed. In addition, 75% responded that they very rarely or hardly ever knew exactly what to look for when researching a cyber attack. The result is a need for unified high speed search to quickly find relevant context when an incident occurs. Finally, more than 80% of respondents also believe that cyber attacks will increase in the coming 12 months compared to last year, supporting the need for improved cybersecurity solutions such as ArcSight Logger 4.

"Our systems generate thousands of events per second. That's tens of millions of events per day," said A. J. Wright, CISO/CTO of the University of Tennessee Technical Review Board. "Without a log management system that can store and process logs at that volume and speed, we could miss a critical vulnerability. Cyber attacks and threats are becoming increasingly complex and are constantly changing. Unstructured search will give us the ability to find root cause even if we aren't sure what type of threat we're looking for."

"Cyber attacks are increasingly targeting companies and agencies that provide the structure for our whole way of life--our water, power, communications, consumer goods, banking systems, government services, and healthcare systems, not to mention the nation's defense systems," said Tom Reilly, president and CEO, ArcSight. "These attacks are quickly morphing and growing in sophistication. Even security experts don't know exactly what to look for when investigating possible incidents. More and more they are looking for faster, more flexible search capabilities across massive amounts of data. We've designed ArcSight Logger 4 to directly address these requirements."

ArcSight Logger is a key component in the ArcSight SIEM Platform. It joins ArcSight FraudView and ArcSight IdentityView as solid solutions for preventing cyber war, cyber theft, cyber fraud, and cyber espionage, while also providing vigilance over organizational policies and regulatory compliance.

Pricing and Availability

ArcSight Logger 4 will be available in November 2009. Pricing begins at $20,000. To learn more about the ArcSight Log Management Suite, visit http://www.arcsight.com/logger.

About ArcSight

ArcSight (NASDAQ: ARST) is a leading global provider of security and compliance management solutions that protect businesses and government agencies. ArcSight identifies, assesses, and mitigates both internal and external cyber threats and risks across the organization for activities associated with critical assets and processes. With the market-leading ArcSight SIEM platform, organizations can proactively safeguard their assets, comply with corporate and regulatory policy and control the risks associated with cyber-theft, cyber-fraud, cyber-warfare and cyber-espionage. For more information, visit www.arcsight.com.

Cautionary Statement Regarding Forward Looking Statements

This news release contains forward-looking statements, including without limitation those regarding the belief that cyber attacks targeting companies and agencies that provide critical infrastructure and defense systems will continue to increase and morph, and that security experts will be looking more and more for faster, more flexible search capabilities across massive amounts of data. These forward-looking statements are subject to material risks and uncertainties that may cause actual results to differ substantially from expectations. Investors should consider important risk factors, which include: the risk that the increase in cyber attacks, if any, does not result in an increased demand for our log management solutions; the risk that competitors may be perceived by customers to be better positioned to help handle cybersecurity threats; and other risks detailed under the caption "Risk Factors" in the ArcSight Annual Report on Form 10-Q filed with the Securities and Exchange Commission, or the SEC, on September 9, 2009 and the company's other filings with the SEC. You can obtain copies of the company's Annual Report on Form 10-Q and its other SEC filings on the SEC's website at www.sec.gov.

(C) 2009 ArcSight, Inc. All rights reserved. ArcSight, the ArcSight logo, and ArcSight Logger are trademarks of ArcSight, Inc.


    Source: ArcSight, Inc.

