HP ArcSight Portfolio Updated to Enhance Big Data Threat Prevention

By on 23/05/2015

Typically batch in nature, big data analytics allows an organization to organize and analyze vast amounts of structured and unstructured information to facilitate the detection of rogue employees, partners, or criminal or collusive rings engaged in fraudulent or abusive activity, say Gartner analysts. A critical ingredient for success is the ability to quickly and easily integrate all types of structured and unstructured information across multiple internal and external information sources.

With a mission to provide superior protection against big data threats, HP has updated its HP ArcSight portfolio, which offers integrated security analytics for big data. The updates include HP ArcSight Threat Detector 2.0 and the cloud-ready HP ArcSight Threat Response Manager 5.5.

According to the company, these solutions are designed to enhance threat detection through improved security analytics for big data. HP enables users to quickly identify potential attackers and take action proactively to minimize business impact and prevent disruption to critical client services.

The latest version 2.0 of HP ArcSight Threat Detector now comes with pre-defined profiles, which can automatically detect attack attempts in large data sets. To discover criminal or fraudulent conduct, the software analyzes large amounts of different data.

The latest update contains prefabricated pattern profiles that apply heuristic analysis to areas where threats typically occur. This includes browser usage patterns, discovery of distributed attacks, early detection of attacks, and profiling of action patterns.

HP ArcSight Threat Detector analyzes log data to identify normal and abnormal behavior patterns. Once the software detects recurring patterns of events, it stores information about the event history to distinguish harmless data from threatening patterns. On this basis, HP ArcSight Threat Detector automatically creates rules to continue to discover threats in real time, including zero-day attacks.

HP ArcSight Threat Response Manager now includes cloud-supporting closed-loop functions for faster discovery and provides improved correlation of user identities, roles, and activities with security events and incidents over time.

By automating threat detection across the network, HP ArcSight allowed companies to move to a much more proactive approach to information security and improve their ability to detect risks that might affect overall system performance by a factor of 10. HP says adversaries only need to get it right once to inflict serious damage on an organization’s private data, its ability to provide critical services, or its corporate reputation. With solutions designed to enhance threat detection through improved security analytics for big data, HP enables users to quickly identify potential attackers and take action proactively to minimize business impact and prevent disruption to critical client services.

HP is betting big on big data solutions. The company recently announced the big data analytics platform HAVEn, which uses technology from HP Autonomy, HP Vertica, HP ArcSight, HP Operations Management and Hadoop. HAVEn helps companies and government agencies evaluate large amounts of data in real time.