General Availability – ArcSight 2023.1
OpenText Cybersecurity is excited to announce the availability of ArcSight 2023.1, a historic release that marks the launch of Real-Time Threat Detection on the ArcSight SaaS platform and the start of a new chapter for ArcSight users, who now have the full power of the ArcSight portfolio available to them in a cloud-hosted environment. We are proud to provide cybersecurity teams with one of the market’s few truly complete SIEM as a Service (SaaS) solutions, backed by real-time threat detection, SOAR, threat intelligence, behavioral analytics, search, log management and compliance capabilities.
This release comes at a critical time for SOCs (Security Operations Centers). Defending against modern cyberthreats is a major challenge for security teams, who face off against increasingly complex threats while monitoring an ever-expanding attack surface. As the list of potential threats grows longer and the shortage of skilled security professionals continues to take its toll, security teams are seeing their workloads increase as they faithfully strive to limit their organization’s threat exposure. And to make things worse, many teams find themselves having to dedicate a significant amount of time and energy to system administration, maintenance, and updates for their security tools.
ArcSight understands these challenges, and with the 2023.1 release, demonstrates its commitment to providing industry-leading security solutions that are responsive to today’s ever-changing threat landscape. ArcSight 2023.1 enables you to simplify your security operations and reduce your threat exposure time with real-time detection, native SOAR, enhanced search, new integrations, and more.
By offering real-time threat detection on SaaS, ArcSight advances beyond typical SIEM market offerings to provide you with a truly complete SIEM as a Service solution. The combination of real-time detection and automated response enables your security team to quickly detect and respond to known threats, helping you to achieve your mean time to detect (MTTD) and mean time to respond (MTTR) goals and, more importantly, reducing your organization’s overall cyber risk and threat exposure.
With ArcSight SaaS, the security operations experience is simplified by eliminating the need to buy, install, and manage servers. With infrastructural workloads, maintenance, and learning curves reduced through SIEM as a Service, your team of analysts gets their time back so they can focus on being the efficient threat hunters and cybersecurity heroes they long to be.
Backed by 20 years of experience in the SIEM space, ArcSight is proud to provide you and your team with a portfolio of cutting-edge solutions, fully deployable on both SaaS and off-cloud environments, that empower your team to tackle modern threats with 360° threat analysis and streamlined real-time cyber defense.
ArcSight SaaS with Real-Time Threat Detection
Responding to threats with speed and efficiency is essential to security operations. There are many useful threat detection technologies in the market today, but real-time event correlation from a SIEM is still the fastest method to uncover and escalate known threats in a cyber environment. It alerts analysts to threat-correlated events in real-time, rather than making them wait on batched searches. ArcSight has been a long-time market leader in real-time threat detection and is now one of the few vendors to offer this capability in the SaaS space.
ArcSight SaaS Real-Time Detection acts as a comprehensive data collection and real-time threat analysis solution to alert SOC analysts to known threats as they occur. Backed by native SOAR (more on that below) and a native threat intelligence feed (GTAP) that provides up-to-date information on the latest threats and malicious campaigns, ArcSight SaaS Real-Time Threat Detection enables security teams to react quickly and accurately to threat indicators and cyber incidents before damage is done. Dynamic event risk scoring and prioritization help analysts to avoid false positives and focus on the highest-priority threats. ArcSight SaaS Real-Time Threat Detection also gives organizations enhanced threat visibility, dashboards, compliance support, MITRE ATT&CK integration, and more, providing them with a clearer view of their security posture.
ArcSight SaaS Real-Time Threat Detection is the natural successor of ArcSight Enterprise Security Manager (ESM). For years, ArcSight users have benefited from ESM’s market-leading real-time detection capabilities in off-cloud environments where architectural maintenance is an unfortunate necessity. With the launch of Real-Time Threat Detection on ArcSight SaaS, SOC teams can ditch the drawbacks of time-consuming maintenance while maintaining the enterprise-wide threat visibility that ESM users have come to hold dear. Additionally, ArcSight SaaS delivers enhanced reporting and case management capabilities, and opens the door for further SIEM enhancements moving into the future.
SOAR on ArcSight SaaS
Security Orchestration, Automation, and Response (SOAR) is an essential aspect of modern security analytics as it enables organizations to respond to threats swiftly and cohesively. It is critical to efficient security operations as it reduces false positives, automates response, and facilitates team collaboration.
Since the launch of ArcSight SOAR (off-cloud) in 2020, ArcSight has provided SOAR as a complementary, native solution. And in December 2022, ArcSight brought its SOAR to the SaaS world, as a native component of the ArcSight SaaS platform. With out-of-the-box playbooks and 120+ integration plugins, ArcSight SOAR effectively and efficiently automates and orchestrates triage, investigation, and response activities. It supports visual workflow playbooks, detailed reporting on KPIs, and greater team collaboration through a detailed case timeline.
SOAR is closely aligned with Real-Time Threat Detection and will handle all case management and automated response for the ArcSight SaaS platform. By detecting threats in real-time, prioritizing the riskiest threats, and then turning SOAR loose on those threats with automated response and a coordinated team effort, ArcSight reduces threat exposure while enhancing operational efficiency.
ArcSight 2023.1 features new releases of:
• ArcSight SIEM as a Service (SaaS)
• ArcSight Platform 23.1
• ArcSight ESM 7.6.4
• ArcSight Intelligence 6.4.4
• ArcSight Recon 1.5.1
• ArcSight SOAR 3.5
• ArcSight GTAP 2.0
• Transformation Hub 3.7
• ArcSight Management Center 3.2
• ArcSight SmartConnectors 8.4.1
• ArcSight Logger 7.2.2
The key features and improvements of our ArcSight 2023.1 release are listed below. Please refer to the individual product documentation and release notes (cited at the end of this post) for more complete information.
Release Highlights for ArcSight SIEM as a Service (SaaS)
Real-Time Threat Detection
SOAR
Log Management and Compliance
Behavioral Analytics
ArcSight GTAP Basic 2.0 (Released November 2022)
ArcSight GTAP+ 2.0 (Released November 2022)
Release Highlights for the ArcSight Platform (On-Prem/Off-Cloud)
ArcSight ESM 7.6.4
ArcSight Intelligence 6.4.4
ArcSight Recon 1.5.1
ArcSight SOAR 3.5
ArcSight GTAP Basic 2.0 and GTAP+ 2.0 (Released November 2022)
ArcSight Transformation Hub 3.7
ArcSight Management Center 3.2
ArcSight SmartConnectors 8.4.1
ArcSight Logger 7.2.2
ArcSight Documentation
User Guides, Release Notes, and more
Resources
Contact us today to schedule a demo and consultation to learn exactly how ArcSight SaaS can empower your SOC team! And if you’re attending the RSA Security Conference next week (April 24-27), be sure to stop by our booths to chat (booth 5305 in the North Hall and booth 0654 in the South Hall).
Thank you,
ArcSight Product Team
PS: Have you heard? ArcSight scored 10/10 in a Competitive SIEM Benchmark Evaluation by an industry analyst focused on MITRE ATT&CK. Read the report for free here.