ArcSight ESM

ArcSight Enterprise Security Manager (ESM) is a comprehensive threat detection, analysis, triage, and compliance management SIEM platform that dramatically reduces the time to mitigate cyber-security threats. ArcSight allows security teams to move from enriched event data, to powerful real-time correlation, use workflow management and security orchestration, and to triage advanced persistent threats to mitigation and resolution. With ESM, the event variables and information that is collected, gets enhanced and enriched to provide more than 400+ individual and specific data points. ESM allows for the collection of data and real-time correlation of events to accurately escalate threats that violate the internal rules within the platform. ESM is capable of correlating up to 75,000 events per second within an enterprise. ArcSight Enterprise Security Manager creates an easy way for SOC monitoring teams to efficiently and effectively triage detected alerts through the ArcSight Command Center (ACC). With multi-tenancy capabilities and permissions abilities, enterprises are able to use a centralized set of management abilities including rule-based thresholds and a unified permissions roles, rights, and responsibilities matrix. Compatibility with ArcSight Data Platform (ADP) and ArcSight Investigate providing a comprehensive suite of open architecture data collection, powerful real-time event correlation, and intuitive investigation to detect unknown security threats. ArcSight Enterprise Security Manager (ESM) and ArcSight Data Platform (ADP) are the winners of “Best SIEM Solution” by SCMagazine in their 2017 SC Awards. Winners were announced on February 14th, 2017 at RSA Conference in San Francisco, CA. ArcSight will help keep the user’s assets safe and secure in a reliable and efficient manner.