In a highly regulated industry such as financial services protecting sensitive data is key. In this organization’s case they particularly wanted to protect specific trading algorithms which were the source of differentiating intellectual property (IP). Its Security Architect recognized another challenge: “We have a small security team in place with many different priorities. I understand the need for proper anomaly detection, and needed a solution that gave us real analytics, rather than the ‘black box’ messages we received from some vendors. Furthermore, I had tried Open Source solutions and found them to be too resource intensive. We needed something that was easy to maintain.”
With an analytics-led approach, Micro Focus ArcSight Intelligence uses a process of baselining and scoring to boost the efficiency and speed at which security teams detect, triage, investigate, and respond to threats. An intuitive, web-based dashboard allows users to quickly and easily determine which alerts present the greatest potential risk.
ArcSight Intelligence was deployed in a SaaS model for worry-free maintenance and support. Early analytical results identified previously unknown threat vectors with several active service accounts connected to retired target applications. These threats neutralized and investigated; the organization can rest assured its IP is safe. The organization plans to expand ArcSight Intelligence data sources and profile every network device for greater coverage.
