Ingest terabytes of data from any source. You can simplify SIEM log management for all your data via SmartConnectors, which collect, normalize, aggregate, and enrich data from 480+ source types. Source types include syslog, clickstreams, stream network traffic, security devices, web servers, custom applications, social media, and cloud services.
ArcSight Recon’s columnar database responds to queries faster than traditional databases, enabling you to quickly and efficiently investigate within millions of events. It facilitates threat hunting in massive datasets, enabling security analytics at scale.
ArcSight Recon eases your compliance burden by offering content to facilitate regulatory requirements. Its built-in reports decrease the time required to document for compliance.
Cost-effectively store your security event log data with Recon’s impressive compression ratios. ArcSight SmartConnectors enable aggregation and filtering of events for additional log storage savings.
Navigate from ArcSight ESM to Recon with a simple click. Recon adds a valuable layer to ArcSight’s security analytics foundation and leverages the Security Open Data Platform (SODP) architecture. Recon also integrates with leading security tools to provide quick investigation, streamlined workflows, and fast response times.
Recon customers can implement native Security Orchestration Automation and Response (SOAR) capabilities without additional cost. With tactical automation and orchestration through a single pane of glass, security teams can speed up their daily security operations and enhance operational efficiency.