The fastest, open, infrastructure-independent, advanced analytics SQL database
Securely access and analyze enterprise (and public) text, audio & video data
An intuitive hunt and investigation solution that decreases security incidents
User and entity behavioral analytics that augments existing security tools and empowers security operations teams to identify and respond to the threats that matter before data is stolen
Autonomous operations through a business lens
Intelligent automation for service desk, configuration, and asset management
SQL analytics solution handling large amounts of data for big data analytics
High-scale protection of sensitive data at rest, in motion, and in use across systems
Agile/DevOps management for continuous quality and delivery
Manage and track requirements from idea to deployment
Plan, track, orchestrate, and release complex applications across any environment
Enable all aspects of SCCM with enterprise grade scalability, security, and compliance
Automate deployments for continuous delivery with drag-and-drop simplicity
Govern application lifecycle activities to achieve higher quality
Unify test management to drive efficiency and reuse
Integrated, component-based test framework that accelerates functional test automation
Accelerate functional test automation across web, mobile, API, and enterprise apps
Discover, design, and simulate services and APIs to remove dependencies and bottlenecks
Shift-left functional testing using the IDE, language, and testing frameworks of choice
Reliable and efficient test automation for functional and regression testing
Centralized, omnipresent lab to develop, debug, test, monitor, and optimize mobile apps
Learn more about the LoadRunner Family of solutions
Cloud-based solution to easily plan, run and scale performance tests
Project-based performance testing to identify performance issues
Easy-to-use performance testing solution for optimizing application performance
Collaborative performance testing platform for globally distributed teams
Discover, design, and simulate services and APIs to remove dependencies and bottlenecks
Identifies security vulnerabilities in software throughout development
Gain valuable insight with a centralized management repository for scan results
Manage your entire application security program from one interface
Provides comprehensive dynamic analysis of complex web applications and services
Builds packages of change artifacts to speed up mainframe application development
Enable faster, efficient parallel development at scale
A development environment that streamlines mainframe COBOL and PL/I activities
Intelligence and analysis technology that provides insight into core processes
Fuel mobile apps, cloud initiatives, process automation, and more
Future-proof core COBOL business applications
Maintain and enhance ACUCOBOL-based applications
Deliver application access—anywhere
Maintain and enhance COBOL systems
Maintain and enhance RM/COBOL applications
Connect COBOL applications to relational database management systems
Derive incremental value with real-time, relational access to COBOL data
Unlock business value with real-time, relational access to ACUCOBOL data
Connect ACUCOBOL applications to relational database management systems
Automatically understand and analyze Micro Focus COBOL applications
Build COBOL applications using Agile and DevOps practices
Deploy COBOL applications across distributed, containerized or cloud platforms
Modernize core business system infrastructure to support future innovation
Manage agile projects using a collaborative, flexible, requirements and delivery platform
Manage requirements with full end-to-end traceability of processes
Automatically understand and analyze IBM mainframe applications
Capture, analyze, and measure the value, cost and risk of application portfolios
Build packages of change artifacts to speed up mainframe application development
Build and manage packages of change artifacts to speed up mainframe application development
Provide multiple change management interfaces to maintain mainframe apps
Build and modernize IBM mainframe COBOL and PL/I applications
Enable faster, efficient parallel development at scale
Fuel mobile apps, cloud initiatives, process automation, and more
Manage mainframe files for fast problem resolution
Easily test mainframe application changes using flexible infrastructure
Compare and manage mainframe data, text, and directory files
Connect Dev and Ops by automating the deployment pipeline and reduce feedback time
Centralize planning and control for the entire software release lifecycle
Orchestrate and integrate processes for faster software development and delivery
Detect changes, synchronizes multiple environments, and restores failed systems
Execute IBM mainframe COBOL and PL/I workload on Windows, Linux and the Cloud
Execute modernized IBM mainframe workloads under Microsoft .NET and Azure
Modernize IBM, HP, and Unix application access across desktop and mobile devices
Web-enable IBM and VT application desktop access, Java free
Modernize Unisys mainframe application desktop access
Modernize IBM, HP, and Unix application desktop access
Automate IBM, HP, and Unix application desktop access
Create new applications and workflows with Web services and APIs for IBM, HP, and UNIX applications
Fuel analytics platforms and BI applications with Unisys MCP DMSII data in real time
Centralize host access management with identity-powered access control and data security
Modernize file transfer with security, encryption and automation, within and across the firewall
Learn how Advanced Authentication Connector for z/OS is a multi-factor authentication for all your IBM z/OS end points
Measure and manage terminal-based software deployment and usage
Centralize host access management with identity-powered access control and data security
Develop and deploy applications with a comprehensive suite of CORBA products
Build distributed applications at enterprise scale
Develop, deploy, and support CORBA 2.6 compliant middleware in C++ or Java
Connect applications on diverse operating environments
Email, IM, chat-based teamwork, anti-virus, anti-spam, disaster recovery, and more
Provides secure file access and sharing from any device
Provides secure email, calendaring, and task management for today's mobile world
Backup and disaster recovery solution that ensures critical email is always available
Seven essential tools to build IT infrastructures, including secure file sharing
Provides secure team collaboration with document management and workflow features
Provides single sign-on for enterprises and federation for cloud applications
Protect your sensitive information more securely with multi-factor authentication
File Reporter and Storage Manager solution suite bundle
File Reporter for OES examines OES network file systems and delivers intelligent file insights so you can make the most intelligent business decisions.
Provides secure file access and sharing from any device
Protects your key business systems against downtime and disaster
Simplifies resource management on a Storage Area Network and increases availability
File, print, and storage services perfect for mixed IT environments
Cloud-based endpoint backup solution with file sync and share, and analytics
Package, test, and deploy containerized Windows apps quickly and easily
Seven integrated products to help track, manage and protect endpoint devices
Provides reports that integrate licensing, installation and usage data
Provides automated endpoint management, software distribution, support, and more
Delivers identity-based protection for devices and features total protection
Proactive laptop and desktop data protection to automatically lock out threats
Automates patch assessment and monitors patch compliance for security vulnerabilities
Streamlines and automates the way you provide IT services to your business
Cloud-based, scalable archiving for regulatory, legal, and investigative needs
Archive all business communication for case assessment, search, and eDiscovery
Automate employee data and communication monitoring to meet regulatory compliance and internal initiatives
Mitigate risk across social media channels to meet regulatory compliance obligations
Helping organizations meet data privacy regulatory guidelines through the management & disposition of data.
Address the ever-changing needs of network data management
File analysis to discover, classify and automate policy on unstructured data
Discover what is being stored and who has access
Structured data archiving to retire outdated applications and reduce data footprint
Identity-driven governance of data & access
SaaS-based file analysis on all of your unstructured data
Respond to litigation and investigations quickly, accurately, & cost-effectively
SaaS-based file analysis on all of your unstructured data
File analysis to discover, classify and automate policy on unstructured data
Discover what is being stored and who has access
Address the ever-changing needs of network data management
Structured data archiving to retire outdated applications and reduce data footprint
Helping organizations meet data privacy regulatory guidelines through the management & disposition of data.
Securely access and analyze enterprise (and public) text, audio & video data
Secure backup and rapid restores for all structured and unstructured data to ensure business continuity
Backup and disaster recovery for diverse, dynamic, and distributed enterprise
Automate provisioning, patching, and compliance across the data center
Backup and disaster recovery for diverse, dynamic, and distributed enterprise
Discover and manage configuration items (CIs) in Hybrid IT environments.
Simplify fulfillment automation and enforce governance
Automate and manage traditional, virtual, and software-defined networks
The first containerized, autonomous monitoring solution for hybrid IT
Automate IT processes end-to-end
Build, secure, and scale automated business processes across the enterprise
Engaging end-user experience and efficient service desk based on machine learning
A comprehensive threat detection, analysis, and compliance management SIEM solution
An intelligent log management solution that eases compliance burdens and accelerates forensic investigation for security professionals
A comprehensive log management solution for easier compliance, efficient log search, and secure cost-effective storage.
Download and deploy pre-packaged content to dramatically save time and management
A future-ready data platform that transforms data chaos into security insight.
User and entity behavioral analytics that augments existing security tools and empowers security operations teams to identify and respond to the threats that matter before data is stolen
A fully-featured, adaptable solution that simplifies the day-to-day use of SIEM
A comprehensive Security Orchestration Automation Response platform with cognitive automation, investigation service desk, process orchestration and SOC analytics.
Persistent file encryption, complete control, and visibility to simplify unstructured data security
Format-preserving encryption, tokenization, data masking, and key management
Omni-channel PCI compliance and data protection for end-to-end payments security
Email, file, and Office 365 protection for PII, PHI, and Intellectual Property
Saas cloud email encryption to protect information on Office 365
The full solution for secure automated file transfer management inside and across perimeters
Identifies security vulnerabilities in source code early in software development
Provides comprehensive dynamic analysis of complex web applications and services
Gain valuable insight with a centralized management repository for scan results
Manage your entire application security program from one interface
Gain visibility into application abuse while protecting software from exploits
Provisions and governs access to unstructured data
Provides an LDAP directory with incredible scalability and an agile platform
Provides automated user access review and recertification to remain compliant
Delivers an intelligent identity management framework to service your enterprise
Provides single sign-on for enterprises and federation for cloud applications
Move beyond username and passwords and securely protect data and applications
Multi-factor Authentication for all your IBM z/OS end points
Integrate the host with your modern security framework
Adapt the authentication and access experience to the risk at hand.
Enables users to reset their passwords without the help of IT
Streamlines authentication for enterprise apps with a single login experience
Protect and manage access to your APIs.
Enables IT administrators to work on systems without exposing credentials
Limits administrative privileges and restricts directory views to specific users
Edit, test and review Group Policy Object changes before implementation
Protect critical data, reduce risk and manage change with Change Guardian
Extend the power of Active Directory to Linux resources
Unify and centrally manage policies across multiple platforms.
Protect critical data, reduce risk and manage change with Change Guardian
Finds and repairs configuration errors that lead to security breaches or downtime
Provides easy compliance auditing and real-time protection for IBM iSeries systems
Protect your network and messaging system from malware, viruses, and harmful content
Scalable, end-to-end encrypted email solution for desktop, cloud, and mobile
Cloud-based endpoint backup solution with file sync and share, and analytics
Package, test, and deploy containerized Windows apps quickly and easily
Provides reports that integrate licensing, installation and usage data
Provides automated endpoint management, software distribution, support, and more
Delivers identity-based protection for devices and features total protection
Proactive laptop and desktop data protection to automatically lock out threats
Automates patch assessment and monitors patch compliance for security vulnerabilities
Streamlines and automates the way you provide IT services to your business
Seven integrated products to help track, manage and protect endpoint devices
Help you embed security throughout the IT value chain and drive collaboration between IT operations, applications, and security teams.
Help you to react faster and gain a competitive advantage with enterprise agility.
Accelerate your hybrid cloud outcomes with advisory, transformation and implementation services.
Application management services that let you out-task solution management to experts who understand your environment.
Strategic consulting services to guide your digital transformation agenda.
Fully functional use-case modeling, with pre-built integrations across the Micro Focus Software portfolio, showcasing real-life use-case
Expert security intelligence services to help you quickly architect, deploy, and validate your Micro Focus security technology implementation.
A service integration and management service that optimizes delivery, assurance, and governance in multi-supplier settings.
Get insights from big data with real-time analytics, and search unstructured data.
Get insights from big data with real-time analytics, and search unstructured data.
Get insights from big data with real-time analytics, and search unstructured data.
Mobile services that ensure performance and expedite time-to-market without compromising quality.
Get insights from big data with real-time analytics, and search unstructured data.
Comprehensive Big Data services to propel your enterprise forward.
All Micro Focus learning in one place
BDO Israel is spearheading the global accounting giant’s worldwide marketing efforts for a new managed security service focused on detection and response. As a hotbed of cyber security startups and innovations, Israel offers the ideal environment, including a pool of experts to lead the effort.
Cyber crime is projected to cost the world $2 trillion by 2019, according to a report by Juniper Research. Researchers at Cybersecurity Ventures predict that ransomware – a form of malware made infamous by the May 2017 “WannaCry” attacks – is expected to exceed $5 billion in damages in 2017.
To counter the surge in cyber crime, enterprises are moving away from prevention-only strategies to focus more on detection and response. In a recent report by Gartner, Inc., analysts noted that spending on information security is expected to hit $90 billion in 2017, an increase of 7.6 percent over 2016, and to top $113 billion by 2020. Spending on detection and response is expected to be at the top of the shopping list.
“We believe that in order to deliver a robust and reliable managed detection and response (MDR) service, we need a core platform that is tested and flexible enough to meet the needs of our clients here and around the world,” notes Dori Fisher, Head of Managed Cyber Security Services for BDO Israel. “I’m very familiar with this product segment, so IBM was the only other solution I considered. We want to be able to both create advanced scenarios and rely a lot on correlation. Other solutions don’t go there, leaving our analysts with too much to process.
“We use ArcSight to create our own connectors and parsers,” Fisher continues. “With ArcSight, we get the multi-tenancy we need to serve multiple clients, and we can easily replicate the custom content we’ve created. I’ve used ArcSight for 15 years and I know it’ll be there tomorrow and can connect to anything. That cleared the table of other considerations.”
The BDO Cyber Security Center implemented Micro Focus ArcSight Enterprise Security Manager (ESM) and ArcSight Data Platform on the Amazon Web Services (AWS) cloud computing platform. Approximately 80 percent of the MSSP/MDR’s clients take advantage of the AWS option, while the remaining clients have their own implementations of ArcSight, which BDO monitors.
The client base for BDO’s new cyber security services is immense and growing broader every day. “We were a successful advisory organization for 15 years before we became part of BDO,” notes former SECOZ founder and CEO Ophir Zilbiger, now a BDO Israel Partner and Head of the firm’s Cyber Security Center. “We have seen an evolution from what was called information security in past years to what is now cyber security. This evolution came early here in Israel due to the fact that we produce so many cyber-trained people, thanks in large part to the training provided in our armed forces. Clients here are very aggressive and early adopters of new security technology. We believe our early experiences in this burgeoning field will help differentiate us in the global market.”
Zilbiger notes that not only has the nature of information system security evolved in recent years, so too has the type of clients. “Our largest clients in the past have been financial services, telecom, and the technology sector,” he says. “We have seen a shift from what I would call traditional security clients to a wider range of clients, due to the ubiquitous nature of cyber crime today. We are seeing many more government organizations, as well as more manufacturers who are late adopters, but now committed to cyber security.”
According to Fisher, ArcSight ESM and ArcSight Data Platform have enabled the new MSSP/ MDR to dramatically reduce false alarms for their clients. “ArcSight allows the most flexible correlation infrastructure, which means that the majority of false positives that have logged artifacts can be improved and honed,” he explains.
“With ArcSight, we create or use scenarios that are based on hypotheses that were created using over a decade of client experiences,” Fisher notes. “Once these scenarios are manifested, we are able to reduce false positives to a very low percentage. For instance, we can quickly reduce false positives by tenfold as we hone correlations over a short time.”
He notes that for a client with 1,000 users, BDO would use ArcSight Data Platform to collect approximately 30 million log lines (events) per day, and use ArcSight ESM to create an average of less than 10 alerts per day. “Our goal is to chase down false positives once, and then automate the procedure,” Fisher says.
He gives this example: “Perhaps we decide that we want to reduce the amount of alerts associated with accessing suspicious websites because we’re getting 50 percent false positives. We might use ArcSight to automate the website checkup so that only websites that were considered ‘bad’ by two antivirus vendors actually invoke an investigation. ArcSight ingests the antivirus result data and our analysts get only sites that are flagged by both threat intelligence and antivirus. The magic here is that we control the amount of false positives by tuning and understanding what works best for us—ArcSight is flexible enough to allow us to do that.”
The BDO Cyber Security Center employs a combination of manual and automated techniques to ingest cyber threat intelligence (CTI) into ArcSight ESM, including indicators of compromise (IOCs) relating to malware such as WannaCry. “The automatic insertion of CTI is based on selected open source feeds ingested daily, parsed, and moved into dynamic lists within ArcSight ESM,” says Fisher. “We also manually insert CTI based on reports and artifacts reported in the media or from closed groups, but not widely available in lists of IOCs or indicators of attack (IOAs).”
IOC and IOA lists are cross-correlated within ArcSight with various devices in real time, which could include firewalls, proxies, and mail relays. The night that WannaCry was initially detected, the BDO team read the reports and inserted the indicators into the manual threat intelligence list. Two weeks later, they received a WannaCry alert from a client system. Because the client’s locations were mapped in ArcSight, the BDO team was able to pinpoint the specific floor and device. The local helpdesk disconnected the system for further investigation. It turned out that the IP address involved was associated with WannaCry, but not actually infected by the malware.
“We erred on the side of safety in this case due to the potential high impact,” says Fisher.
Israel’s new MSSP/MDR offering can save clients hundreds of thousands of dollars in capital expenses when compared to the investment required to build an in-house capability.
“The number one challenge is the global shortage of skilled cyber security professionals,” Fisher notes. “Although MSSPs are popping up everywhere, most are not as deeply focused as we are on detection and response. Clients would have to invest at least three to five times as much as they spend on our service to build their own cyber security organization, that is if they could even find people with the needed skill sets.”
Zilbiger concludes, “We have partnered with [Micro Focus] on a global basis to achieve our goals for the BDO Cyber Security Center and our MSSP/ MDR offering. We have worked with [them] for many years and found that [their] experience and willingness to support us as a true partner has been a key to our success. Again, thanks to the technical maturity of ArcSight and our experience with the solution, we are able to provide a service that is applicable anywhere in the world and scalable to meet the needs of even the largest enterprises.”
With ArcSight, we get the multitenancy we need to serve multiple clients, and we can easily replicate the custom content we’ve created. I’ve used ArcSight for 15 years and I know it’ll be there tomorrow and can connect to anything. That cleared the table of other considerations.
Thanks to the technical maturity of ArcSight and our experience with the solution, we are able to provide a service that is applicable anywhere in the world and scalable to meet the needs of even the largest enterprises.