Automate with the ArcSight Data Platform and Respond Software

by in Security

Businesses today are facing an unprecedented level of risk. IBM estimates that businesses are attacked an average of 16,856 times a year, and according to a joint report by Lloyd’s and Cyence, a single large-scale attack could cause up to $53 billion in damages.  Security Operation Centers (SOCs) clearly must adapt to the new level of risk, but many are challenged with the exponential growth of event data and the shortage of cyber security talent as highlighted in the State of Security Operations 2018 Report.   

Automate with the ArcSight Data Platform and Respond Software.jpgArcSight announced an open platform strategy a few years ago to help this imbalance.  By adopting an open platform strategy and making the data available through the ArcSight Data Platform (ADP), ArcSight enables third-party developers to apply new detection techniques to the data and provide greater visibility to the organization.  Respond Software is one of those developers.  Respond was founded by security experts who have direct experience with ArcSight and decades of experience building SOCs and training security analysts.  They’ve embedded that experience in the Respond Analyst, an AI-based expert system that autonomously does what a frontline analyst does in the SOC.  The Respond Analyst works alongside human security analysts within the ArcSight workflow to evaluate, scope, and prioritize events, then deliver fully-vetted and thorough cases for incident response.  It's designed specifically to handle high volume, low signal data sources such as your IDS and IPS systems in real-time and makes decisions based on its embedded expertise.   With the Respond Analyst, ArcSight customers benefit from:

  • No content writing – pre-built reasoning is continuously updated with current threat intelligence and personalized by learning from your environment
  • Full stream of high volume, low signal data such as IPS evaluated – meet EPS targets without tuning down your devices
  • Fully-vetted cases for incident response – identified incidents are prioritized and sent back to the ArcSight console with reasoning and supporting data

Join Steve Forsyth, ArcSight Product Manager, and Steve Dyer, CTO of Respond Software on Wednesday, March 28 at 10:00am Pacific / 1:00pm Eastern in the joint webinar  “3 Ways to Get More Value from ArcSight with the Respond Analyst” and learn more about how Respond can work with your ArcSight deployment.


Security Operations