Guest post By Jason Schmitt
Vice President & General Manager, ArcSight and Fortify, Enterprise Security Products at Micro Focus
There is exciting news happening here at ArcSight. We have a new partnership which pairs the powerful ArcSight Data Platform with the Elastic stack in order to unlock new innovation in security operations.
Security operations is rapidly shifting as we enter the world of big data. The availability of big data, storage and processing power has only recently become affordable for cyber security and is blazing a trail for innovation and opportunity.
ArcSight’s crown jewel of innovation in this era of big data is the ArcSight Data Platform (ADP). The value of structured, normalized cyber security data from disparate telemetry sources is indisputably useful for downstream analytics and innovation. Within our data platform, ArcSight’s 400+ out-of-the box connectors can generate clean, structured data. Further, we pair that with our Event Broker (a Kafka-based message bus) which connects ArcSight to third-party platforms to bring unprecedented visibility across every part of the Enterprise (IT, OT, IoT, and Physical). This collect once-subscribe anywhere model boasts consumption capabilities of up to 1 million events per second. With this open architecture, not only can it take data from anywhere, it can send that data to any location – whether ArcSight ESM or third-party platforms such as Elastic.
We are truly open for innovation as evidenced by a new product integration between the Elastic Stack and ArcSight. ArcSight and Elastic have created a technology integration to easily bring rich security data (normalized, enriched, structured) into a flexible, scalable data platform. The new partnership combines Elastic’s open source search, logging and analytics products with ADP to provide real-time capabilities and ad hoc security data exploration at scale. Available immediately, the Elastic Stack ArcSight Integration gives security teams real-time visibility into ArcSight security events with an open source capability to “build-your-own” security insights. The integration provides a turnkey experience for processing data in Logstash, ingesting data into Elasticsearch, visualizing data in packaged Kibana dashboards, and the ability to install Elastic’s X-Pack features, such as security, alerting, monitoring, reporting, graph analytics, and machine learning.
Read the whitepaper: Data from Everywhere to Anywhere: Open Architecture
Download and test the new ArcSight + Elastic integration