Established in 2000, Paladion has almost 1,000 employees and customers across the United States, India, Malaysia, and the Middle East. As a Managed Detection and Response service provider, Paladion’s success depends on protecting diverse organizations from cybersecurity breaches. The company’s clients include large banks, telecommunications providers, government entities, and retail organizations.
Paladion’s customers face sophisticated attacks and a dynamic threat landscape. To avoid being overwhelmed with security alerts, they need to identify the threats relevant to their vertical industry sector and configure their defenses accordingly.
They also need to monitor large IT environments. In many cases, they have thousands of devices generating vast amounts of data, and they often find checking all of that data for signs of compromise to be an insurmountable task.
For example, a large retail company (referenced throughout this study) contacted Paladion in 2014. The retailer operated many different businesses in several countries and had experienced several cybersecurity breaches, including one resulting in a financial loss.
Senior leaders were concerned by the widely reported security breach involving a large retail company from which customers’ credit card details and other data were stolen. A similar incident would have been extremely damaging to Paladion’s retail customers, says Deepak Jacob, Paladion’s Projects Director for Europe, the Middle East and Africa. “The outcome of a breach of credit card data isn’t just a financial loss, it’s damaging to a company’s brand reputation,” he says.
Paladion doesn’t just help customers detect cybersecurity attacks – the company also rapidly remediates threats.
Paladion takes a multi-pronged approach to this challenge. To detect threats, the company automates the task of monitoring customers’ systems. Paladion uses Micro Focus ArcSight Enterprise Security Manager (ESM) to rapidly collect log data from customers’ devices and software, and analyzes it to detect threats. The software sends alerts about threats to a security operations center in Bangalore, India, which is staffed around the clock. This team is supported by other security centers in the United States, Canada, India, United Arab Emirates, and Malaysia.
Paladion also continually manages and customizes ArcSight ESM for each customer, which is vital to ensure threats are identified accurately and quickly. “A SIEM is not a set-and-forget technology. It requires custom use cases for it to be effective,” says Jacob.
The company’s research team constantly examines new attack methods and learns how best to detect them. It then creates use case rules that tell ArcSight ESM what to do when it detects compromise or vulnerability. This speeds up the response to attacks, and ensures that security alerts point to actual threats, not innocuous activity. “If you don’t monitor for the right things, your security won’t be effective,” says Jacob.
When Paladion develops a use case rule through ArcSight Activate for one customer, the rule also can be quickly deployed using ArcSight ESM to protect other customers. “One of the reasons we use ArcSight is because of this flexibility,” says Jacob. He suggests this process would take much longer using other SIEM tools.
Paladion also goes a step further to detect threats. Log data collected by ArcSight ESM is fed into Paladion’s proprietary analytics platform, which examines the data for suspicious activity. The analysis considers user behavior as well as endpoint, application, and network activity.
The company doesn’t stop at notifying customers about threats. When ArcSight ESM or Paladion’s analytics platform detects a threat, Paladion can respond in two ways. First, Paladion’s own security response orchestration platform uses supervised machine learning to automatically take action. It draws on years of data about how to remediate certain threats and can block access to a URL or take myriad other steps. Second, Paladion’s incident response team can work with clients to remediate more complicated threats.
In addition to providing rapid detection and response services, Paladion’s security governance team helps customers improve their security policies and defenses. Paladion staff members also can work at a customer’s site to test systems for vulnerabilities and train employees to follow security best practices. For example, Paladion trained employees for the retailer previously referenced.
Other Micro Focus security tools that Paladion uses to protect customers include Micro Focus Security Fortify to test software code for vulnerabilities, and Micro Focus ArcSight User Behavior Analytics (UBA) to check for anomalies in users’ activities on company systems.
Paladion has dramatically improved the cybersecurity visibility of more than 100 organizations. This is possible because ArcSight ESM can rapidly sort through thousands of data logs to find signs of attack. Paladion’s analytics platform also improves the likelihood of detecting threats.
In the case of Paladion’s retail customer, Micro Focus software collects data about 9,000 events per second. After filtering and correlating that data, the software issues approximately 40 alerts about potential security breaches each month. Because the retailer had no central monitoring in the past, it would have been unaware of these incidents.
The software alerts Paladion’s customers to signs of security incidents involving their own employees. For example, the company’s retail customer receives more than 100 alerts each month regarding potential violations of company cybersecurity policies, including alerts about unauthorized Internet and email use. The software also alerts the retailer to about 200 incidents of unauthorized system access each month. The retailer also used the software to trace the source of an internal security breach, which the retailer stopped.
The retailer’s executives now have a much clearer understanding of their company’s security posture, using reports generated by ArcSight ESM. The software also automatically checks compliance with the Payment Card Industry Data Security Standard and ISO standards.
Meanwhile, Paladion, as a managed security detection and response services provider, also monitors large numbers of devices for other customers – including 2,500 devices connected to ArcSight ESM for a telecommunications services provider, and 2,000 additional devices for a bank. As a result, these organizations have stopped or contained various breaches and minimized the risk of damage to their reputations and operations. For example, the bank avoided the loss of more than $200,000 by preventing fraud.
Paladion’s research into attack methods and the company’s creation of use case rules speed up the time to detect and contain breaches and fix security vulnerabilities.
This has helped customers respond quickly to rapidly spreading threats. Paladion defended the retailer mentioned in this study against the WannaCry ransomware, which spread in early 2017. Within four hours of the WannaCry outbreak, Paladion deployed a use case rule to protect the customer. As a result, only one of the retailer’s many computers was compromised.
Paladion also has used ArcSight ESM to successfully defend customers against other wide-scale cybersecurity threats – including the Shamoon virus – and against attackers seeking to exploit the Heartbleed vulnerability.
Jacob estimates that security costs of Paladion’s customers are 70 percent lower than if they had established their own equivalent defenses. The biggest savings include not having to build a security operations center (SOC) and hire a security team.
He says some customers would require as many as eight security analysts, as well as an employee to respond to threats, supported by a data scientist, a threat researcher, a SIEM administrator, and an SOC manager. Combined with the cost of an SOC, these expenses could add up to more than $1 million.