Palo Alto, CA, United States

ArcSight was a company founded in 2000 that provides big data security analytics and intelligence software for security information and event management and log management solutions. ArcSight solutions help customers identify and prioritize security threats, organize and track incident response activities, and simplify audit and compliance activities. May 2013 marked the 10th consecutive year that Gartner Magic Quadrant for SIEM rated ArcSight in the leader’s quadrant. It became a subsidiary of Hewlett-Packard in 2010. HP ArcSight is headquartered in Sunnyvale, California, USA, with sales offices in other countries. Source: Wikipedia.



News Article | December 5, 2016
Site: www.businesswire.com

ARLINGTON, Va.--(BUSINESS WIRE)--Accenture (NYSE:ACN) today announced that veteran cybersecurity expert Justin Harvey has joined the company as managing director and global lead for the Incident Response Practice. Harvey brings more than 20 years of experience to Accenture and specializes in endpoint detection and response, defense against cyberespionage, security operations, incident response and threat intelligence. In his new role, Harvey will focus on expanding Accenture’s incident response and breach readiness solutions that address preparedness through threat identification and eradication for Accenture’s global client base. “How a business manages the immediate aftermath of a cyberattack is just as important as what they do to prevent a breach from happening in the first place,” said Kelly Bissell, managing director, Accenture Security. “Justin has a wealth of experience and cyber crisis management expertise in helping organizations in the commercial, government and defense sectors manage large-scale incident responses. As a proven industry leader, he will help our clients prepare for and tackle this very important security challenge, and I am delighted to have him on board.” “My passion is working directly with clients around the globe to build cyber defense capabilities that focus on the detection, response and resolution of targeted threats,” said Justin Harvey. “I joined Accenture because I firmly believe the company has a commitment to innovation, unmatched industry know-how and proven solutions that can combat the greatest security threats out there. This is a unique opportunity and I am very excited to lead Accenture’s Incident Response Practice.” Harvey brings in-depth technical knowledge of targeted threats by cybercriminal adversaries as well as their tactics, techniques and procedures. He comes to Accenture from Fidelis Cybersecurity where he served as the Chief Security Officer. 
Previously, Harvey spent more than twenty years at leading advanced teams including FireEye, Mandiant and ArcSight/HP developing strategies and solutions in information technology and security.

Accenture Security helps organizations build resilience from the inside out, so they can confidently focus on innovation and growth. Leveraging its global network of cybersecurity labs, deep industry understanding across client value chains and services that span the security lifecycle, Accenture protects organizations’ valuable assets, end-to-end. With services that include strategy and risk management, cyber defense, digital identity, application security and managed security, Accenture enables businesses around the world to defend against known sophisticated threats, and the unknown. Follow us @AccentureSecure on Twitter or visit the Accenture Security blog.

Accenture is a leading global professional services company, providing a broad range of services and solutions in strategy, consulting, digital, technology and operations. Combining unmatched experience and specialized skills across more than 40 industries and all business functions – underpinned by the world’s largest delivery network – Accenture works at the intersection of business and technology to help clients improve their performance and create sustainable value for their stakeholders. With more than 384,000 people serving clients in more than 120 countries, Accenture drives innovation to improve the way the world works and lives. Visit us at www.accenture.com.


SAN MATEO, CA--(Marketwired - Feb 13, 2017) - Exabeam announced today that Cyber Defense Magazine, the industry's leading electronic information security magazine and media partner of the RSA® Conference 2017, has named Exabeam Advanced Analytics winner of the Editor's Choice in User Behavior Analytics. After many months of review and judged by leading independent information security experts, Cyber Defense Magazine is pleased to have selected Exabeam as a winner for their Advanced Analytics solution. "We're thrilled to recognize next-generation innovation in the information security marketplace and that's why Exabeam has earned this award from Cyber Defense Magazine. Some of the best INFOSEC defenses come from these kinds of forward thinking players who think outside of the box," said Pierluigi Paganini, Editor-in-Chief, Cyber Defense Magazine. Exabeam Advanced Analytics is the world's most-deployed User and Entity Behavior Analytics (UEBA) solution. Advanced Analytics detects insider threats, compromised accounts and data loss via deep learning and specialized statistical risk models. With the ability to accurately model the behavior of users, entities, and even security alerts from other security solutions, Exabeam can quickly detect complex threats, prioritize security alert investigation, and slash the response time of incident investigations. By automatically recreating entire attack chains, and piecing together both normal and anomalous behavior of users and entities, Exabeam dramatically reduces the time and effort security analysts must spend on investigations. Based on a patented session data model, Exabeam creates -- in seconds -- automatic incident timelines that show all activity -- good and bad -- across multiple IP addresses, devices, and credentials. 
Exabeam Advanced Analytics amplifies the abilities of SOC and IR staff by automating the manual drudge of investigations, thus freeing up resources for more proactive security initiatives like threat hunting. "CDM's recognition of Exabeam Advanced Analytics further validates our company as an innovator," said Rick Caccia, Exabeam CMO. "This industry honor is the greatest endorsement to the fact that Exabeam Advanced Analytics is ahead of the curve when it comes to the best-of-the-best products that can provide the highest security in User Behavior Analytics."

Cyber Defense Magazine is the premier source of IT Security information. We are managed and published by and for ethical, honest, passionate information security professionals. Our mission is to share cutting edge knowledge, real world stories and awards on the best ideas, products and services in the information technology industry. We deliver electronic magazines every month online for free and limited print editions exclusively for the RSA Conferences and our paid subscribers. Learn more about us at http://www.cyberdefensemagazine.com.

Exabeam provides security intelligence and management solutions to help organizations of any size protect their most valuable information. The Exabeam Security Intelligence Platform uniquely combines unlimited data collection at a predictable price, machine learning for advanced analytics, and automated incident response into an integrated set of products. The result is the first modern security intelligence solution that delivers where legacy SIEM vendors have failed. Built by seasoned security and enterprise IT veterans from Imperva, ArcSight, and Sumo Logic, Exabeam is headquartered in San Mateo, California. Exabeam is privately funded by Norwest Venture Partners, Aspect Ventures, Icon Ventures, Lightspeed Venture Partners, Cisco Investments, and investor Shlomo Kramer. Follow us on Facebook, Twitter, and LinkedIn.


News Article | November 18, 2016
Site: www.marketwired.com

SAN MATEO, CA--(Marketwired - Nov 18, 2016) - Exabeam, the leader in user and entity behavior analytics (UEBA) for security, has been named a finalist in the Best Emerging Technology Excellence Award category for the 2017 SC Awards. Finalists are recognized for outstanding leadership and providing superior security products to the cybersecurity industry. Winners will be announced at the SC Awards 2017 ceremony to be held February 14, 2017 in San Francisco. Exabeam's UEBA solution analyzes user and machine behavior using existing log, endpoint, and other data to quickly detect advanced attacks, prioritize incidents and guide effective response. Exabeam has helped companies across industries uncover attacks that are otherwise invisible to other security solutions. "Ransomware, nation-state cyber attacks, IoT vulnerabilities, data privacy issues and more are dominating the headlines right now and it's critical that we amplify the importance of these problems and highlight the actions organizations can take to safeguard their organizations and their critical data assets," said Illena Armstrong, VP, editorial, SC Media. "As bad actors are constantly changing strategy, so too are the men, women and companies endeavoring to stop them in their tracks. These finalists have shown that they are the best at what they do." The SC Awards program, now in its 20th year, is recognized throughout the industry as the gold standard of excellence in cybersecurity. Winners in the Excellence category are determined by an expert panel of judges, hand-picked by SC Media's editorial team for their breadth of knowledge and experience in cybersecurity industry. The Excellence Award honors the professionals, products and services that have proven to be the best in the industry for protecting today's corporate world from an array of risks and threats. 
"The biggest challenge for any CISO is the knowledge that there are threats and attacks hitting their organization that they can't see," said Nir Polak, CEO of Exabeam. "Catching malicious insiders and identifying compromised credentials among the myriad alerts and incidents can overwhelm the already-burdened security analysts of most enterprises. Being a Best Emerging Technology finalist validates what we're hearing from customers: That Exabeam solves a critical problem cleanly and reduces workload so security analysts can focus on the highest risk incidents." "It's been said that cybercriminals are often the earliest adopters of new technologies, creating a unique challenge for organizations trying to protect private and public sector companies from attacks," added Armstrong of SC Media. "As a finalist, we recognize Exabeam as one of an elite group of companies able to successfully meet this constantly evolving challenge head-on." The SC Awards gala honoring the winners and the best in the industry attracts top professionals in the cybersecurity community and provides an invaluable opportunity for networking. To register for the 2017 SC Awards Gala, please visit http://www.scmagazine.com/awards/.

About Exabeam

Exabeam's user and entity behavior analytics solution leverages existing log data to quickly detect advanced attacks, prioritize incidents and guide effective response. The company's Stateful User Tracking™ automates the work of security analysts by resolving individual security events and behavioral anomalies into a complete attack chain. This dramatically reduces response times and uncovers attack impacts that would otherwise go unseen. Built by seasoned security experts and enterprise IT veterans from Imperva, ArcSight and Sumo Logic, Exabeam is headquartered in San Mateo, California and is privately funded by Aspect Ventures, Icon Ventures, Investor Shlomo Kramer and Norwest Venture Partners. Visit us on Facebook or Twitter and follow us on LinkedIn.

About SC Media

SC Media is cybersecurity. We've lived it for more than 25 years, sharing industry expert guidance and insight, in-depth features and timely news, and independent product reviews in various content forms in partnership with and for top-level information security executives and their technical teams. SC Media arms information security professionals with the in-depth, unbiased business and technical information they need to tackle the countless security challenges they face and establish risk management and compliance postures that underpin overall business strategies. We deliver breaking news, comprehensive analysis, cutting-edge features, contributions from thought leaders, and the best, most extensive collection of product reviews in the business. Whether through our comprehensive website, magazine, in-depth eBooks, newsletters, or regularly scheduled digital and live events -- such as our SC Awards program, SC Media Roundtables or SC Congress Toronto, New York, Boston, Chicago, and London -- our readers gain all the relevant information they need to safeguard their organizations and, ultimately, contribute to their longevity and success. Friend us on Facebook: http://www.facebook.com/SCMag Follow us on Twitter: http://twitter.com/scmagazine


News Article | February 20, 2017
Site: www.marketwired.com

SAN MATEO, CA--(Marketwired - Feb 20, 2017) - Exabeam, the market leader in User and Entity Behavior Analytics, is pleased to announce that its Advanced Analytics product won the award for Best Emerging Technology at the 2017 SC Magazine Awards. The award was presented Tuesday, February 14 during the SC Awards Dinner at the RSA Conference in San Francisco. This award win comes on the heels of continued innovation for Exabeam with its recently launched Security Intelligence Platform, an analytics-led solution for data collection, threat detection, and automated incident response. An early leader in the user and entity behavior analytics (UEBA) market, Exabeam's 2016 sales were almost triple those of the prior year, with new global customers in the financial services, retail, energy, healthcare, and government industries. "We're on a mission to disrupt the traditional security intelligence market, as the rise of identity-based and insider attacks via stolen or misused credentials requires a new approach," said Exabeam CEO, Nir Polak. "This esteemed recognition further empowers us to push the boundaries of traditional SIEM offerings to help organizations quickly identify and triage threats -- before damage is done." "From advanced hacks to massive malvertising campaigns to a host of ransomware variations, 2016 showed that once again, cybercriminals are upping their game when it comes to exploiting today's businesses," said Illena Armstrong, VP, editorial, SC Media. "As a winner in the Excellence Award category of the SC Awards, Exabeam proved their ability to execute comprehensive security measures to protect the enterprise from data-stealing attacks." The mission of the SC Awards is to honor the achievements of companies and information security professionals striving to safeguard businesses, their customers and critical data.
Winners in the Excellence Award category of the SC Awards were selected by a panel of IT security experts from both the private and public sector. During the judging process, each finalist went through a rigorous evaluation that included in-depth analysis, analyst reports and/or product reviews. After a thorough and comprehensive analysis of each finalist's strengths, Exabeam was chosen as the winner of an Excellence Award for Best Emerging Technology. Exabeam provides security intelligence and management solutions to help organizations of any size protect their most valuable information. The Exabeam Security Intelligence Platform uniquely combines unlimited data collection at a predictable price, machine learning for advanced analytics, and automated incident response into an integrated set of products. The result is the first modern security intelligence solution that delivers where legacy SIEM vendors have failed. Built by seasoned security and enterprise IT veterans from Imperva, ArcSight, and Sumo Logic, Exabeam is headquartered in San Mateo, California. Exabeam is privately funded by Norwest Venture Partners, Aspect Ventures, Icon Ventures, Lightspeed Venture Partners, Cisco Investments, and investor Shlomo Kramer. Follow us on Facebook, Twitter, and LinkedIn. SC Media is cybersecurity. We've lived it for more than 25 years, sharing industry expert guidance and insight, in-depth features, timely news, and independent product reviews in various content forms in partnership with and for top-level information security executives and their technical teams. SC Media arms information security professionals with the in-depth, unbiased business and technical information they need to tackle the countless security challenges they face and establish risk management and compliance postures that underpin overall business strategies. 
We deliver breaking news, comprehensive analysis, cutting-edge features, contributions from thought leaders, and the best, most extensive collection of product reviews in the business. Whether through our comprehensive website, magazine, in-depth eBooks, newsletters, or regularly scheduled digital and live events -- such as our SC Awards program, SC Media Roundtables or SC Congress London and other live events in New York, Boston and Chicago -- our readers gain all the relevant information they need to safeguard their organizations and, ultimately, contribute to their longevity and success. Join us on Facebook: http://www.facebook.com/SCMag Follow us on Twitter: http://twitter.com/scmagazine


Qualys Cloud Platform helps HPE MSS to provide customers with a continuous view of their security and compliance posture across their global IT assets

REDWOOD CITY, CA--(Marketwired - Nov 2, 2016) - Qualys, Inc. ( : QLYS), a pioneer and leading provider of cloud-based security and compliance solutions today announced the integration of the Qualys Cloud Platform and Qualys Vulnerability Management within the Hewlett Packard Enterprise Managed Security Services (MSS) portfolio. These new MSS offerings help enterprises get continuous visibility of global IT security and compliance across data centers and public and private clouds. Organizations moving to the cloud must manage IT security and compliance posture across increasingly diverse global asset environments. As a cloud-based solution, Qualys Cloud Platform integrates real-time visibility of those assets, vulnerabilities and key policy configurations into a single viewpoint. The HPE MSS portfolio leverages the Qualys solutions to extend this visibility and integrate it with big data, security analytics and Security Information and Event Management (SIEM) platforms such as HPE Security ArcSight. This gives customers increased scalability, flexibility and ease of use, enabling them to quickly and securely add continuous visibility to new cloud workloads and instances. "HPE is helping businesses protect themselves while integrating critical infrastructure for digital transformations," said Philippe Courtot, chairman and CEO, Qualys, Inc. "With the Qualys Cloud Platform, HPE can provide customers two-second visibility of their security and compliance posture across global IT assets whether on premise, mobile endpoints or elastic cloud environments."
"With the increasing sophistication of attackers, organizations need scalable, real-time visibility of their entire IT security and compliance environment, whether it's on-premise or in the cloud," said Art Wong, senior vice president and general manager, HPE Security Services, Hewlett Packard Enterprise. "The new HPE MSS offerings leveraging the Qualys Vulnerability Management and Cloud Platform provide customers with a multitenant architecture that delivers greater security visibility to help detect and respond to threats."

Continuous Visibility with Qualys Cloud Platform and Cloud Agent

HPE will leverage the Qualys Cloud Agent to enable customers with real-time visibility integrated into the fabric of their hybrid cloud and on-premises environments. The lightweight 2 MB Qualys Cloud Agent installs on assets in any major public cloud platform, on-premises or remote location, then delivers real-time IT security and compliance data to Qualys Cloud Platform from anywhere online. The Qualys Cloud Platform is available as a shared cloud service or a private cloud. The private cloud, also available to HPE MSS customers, enables continuous visibility of data on-premises while leveraging the benefits of Qualys' remote management and web-based console as well as HPE's global security experts.

About Qualys

Qualys, Inc. ( : QLYS) is a pioneer and leading provider of cloud-based security and compliance solutions with over 8,800 customers in more than 100 countries, including a majority of each of the Forbes Global 100 and Fortune 100. The Qualys Cloud Platform and integrated suite of solutions help organizations simplify security operations and lower the cost of compliance by delivering critical security intelligence on demand and automating the full spectrum of auditing, compliance and protection for IT systems and web applications.
Founded in 1999, Qualys has established strategic partnerships with leading managed service providers and consulting organizations including Accenture, BT, Cognizant Technology Solutions, SecureWorks, Fujitsu, HCL Comnet, Infosys, NTT, Optiv, Tata Communications, Verizon and Wipro. The company is also a founding member of the Cloud Security Alliance (CSA). For more information, please visit www.qualys.com. Qualys, the Qualys logo and QualysGuard are proprietary trademarks of Qualys, Inc. All other products or names may be trademarks of their respective companies.


News Article | March 1, 2017
Site: www.marketwired.com

SUNNYVALE, CA--(Marketwired - Mar 1, 2017) - SafeBreach, the leading provider of continuous security validation, today announced that the company has been selected to Momentum Partners' Q1 2017 Quarterly Market Report Watch List, a periodical assessment of cybersecurity market activity featuring a comprehensive assessment of deal-making, market momentum and M&A activity. Each quarter, Momentum Partners features ten companies for their Watch List, selected based on the firm's assessment of industry trends, market activity and innovative approach to current cybersecurity challenges. "Momentum Partners has a keen focus on significant market trends and an extensive knowledge of the IT security industry," said Guy Bejerano, CEO and co-founder of SafeBreach. "To be named to their Watch List is validation that the SafeBreach platform, and our hacker's view of measuring risks and challenging security defenses, is the right approach and one that we believe is essential to protecting high value data and the systems where that data resides." The SafeBreach platform, in combination with the Hacker's Playbook™ of breach methods, gives security operations center (SOC) teams the adversary's perspective to continually quantify security risks and validate the efficacy of security controls. SafeBreach recently announced a strategic reseller agreement with Hewlett Packard Enterprise (HPE); the platform also complements the Security ArcSight SIEM solution to help its customers quantify their current risks and then quickly pivot into steps towards remediation and mitigation. SafeBreach also recently announced integration with Visa Threat Intelligence to help the payment industry weaponize threat intelligence. By transforming threat intelligence indicators of compromise into breach methods, companies can understand the impact of an up-to-date threat, and react quickly to address gaps.

About SafeBreach: SafeBreach is a pioneer in the emerging category of continuous security validation.
The company's groundbreaking platform provides a "hacker's view" of an enterprise's security posture to proactively predict attacks, validate security controls and improve SOC analyst response. SafeBreach automatically executes breach methods with an extensive and growing Hacker's Playbook™ of research and real-world investigative data. Headquartered in Sunnyvale, California, the company is funded by Sequoia Capital, Deutsche Telekom Capital, Hewlett Packard Pathfinder and investor Shlomo Kramer. SafeBreach is a 2016 SINET16 Innovator, and a finalist for the RSA 2016 Innovation Sandbox and BlackHat Most Innovative Startup competitions. For more information, visit www.safebreach.com or follow on Twitter @SafeBreach.


ARLINGTON, Va., Nov. 2, 2016 /PRNewswire/ -- Endgame, a leading provider of endpoint security solutions to hunt for advanced threats and close the protection gap, today announced its certified integration with HPE Security ArcSight. As the first comprehensive Indicators of Compromise...


SUNNYVALE, CA--(Marketwired - Feb 14, 2017) - SafeBreach, the leading provider of continuous security validation, today announced that the company has signed a strategic reseller agreement with Hewlett Packard Enterprise (HPE), making the SafeBreach platform available to HPE enterprise and government customers worldwide. Hewlett Packard Pathfinder is an investor in SafeBreach and participated in the company's $15 million Series A funding round in July 2016. With cybercrime on the rise globally and a trend toward more stringent information security and data privacy regulations -- such as the European Union's General Data Protection Regulation (GDPR) -- security teams are challenged to ensure that the existing security defenses they have deployed are not only working properly, but adhering to security and compliance standards. Today, organizations rely on point-in-time snapshots to provide a measure of their current security posture. Thus, their ability to know if they are truly secure and adhering to compliance standards is limited in providing an accurate understanding of their risk. The SafeBreach platform, in combination with the Hacker's Playbook™ of breach methods, gives security operations center (SOC) teams the adversary's perspective to continually quantify security risks and validate the efficacy of security controls. SafeBreach's pioneering efforts in continuous security validation address the needs of global enterprises who want an active assessment of their security defenses as well as those struggling to measure the risk of their current environment. SafeBreach is also now a part of the HPE Technology Alliances Program (TAP), enabling security operations teams to consume SafeBreach events and alerts on the HPE Security ArcSight Security Information and Event Management (SIEM) solution.
Once fully integrated into a customer's environment, the combined SafeBreach and HPE Security ArcSight solution will help empower organizations to quantify their current risk via the SafeBreach platform and then quickly pivot into steps towards remediation and mitigation. "Today's enterprise is at risk from aggressive and motivated threat actors determined to steal high value intellectual property, private data and other digital assets. In response, governments worldwide are imposing more stringent regulations intended to better protect the public from the effects of a data breach," said Itzik Kotler, CTO and co-founder at SafeBreach. "The SafeBreach platform addresses both situations with technology that simulates hackers' set of breach methods to identify issues, while helping companies avoid the regulatory penalties associated with non-compliance." "As cybercriminals continue to increase in speed and sophistication, organizations must not only understand their potential vulnerabilities, but also respond to attacks at scale," said Chandra Rangan, Vice President Product Marketing, HPE Software, Hewlett Packard Enterprise. "SafeBreach's continuous security validation platform offers a strong complement to the ArcSight SIEM solution, helping customers quickly identify their risk posture, and then turn potential threats into actionable insights that enable security analysts to respond and remediate in real-time." SafeBreach is exhibiting this week at the RSA Conference. Stop by booth N2905 to learn more. The SafeBreach centralized management system incorporates the complete Hacker's Playbook of breach methodologies, and manages a distributed network of breach simulators from a centralized location. SafeBreach simulators perform the role of the attacker, simulating traffic within the cyber kill chain. 
For example, to simulate breach methods for a Payment Card Industry (PCI) credit card exfiltration use case, breach methods are executed between simulators placed in the PCI segments and other segments, including the cloud and Internet. About SafeBreach: SafeBreach is a pioneer in the emerging category of continuous security validation. The company's groundbreaking platform provides a "hacker's view" of an enterprise's security posture to proactively predict attacks, validate security controls and improve SOC analyst response. SafeBreach automatically executes breach methods with an extensive and growing Hacker's Playbook™ of research and real-world investigative data. Headquartered in Sunnyvale, California, the company is funded by Sequoia Capital, Deutsche Telekom Capital, Hewlett Packard Pathfinder and investor Shlomo Kramer. SafeBreach is a 2016 SINET16 Innovator, and a finalist for the RSA 2016 Innovation Sandbox and BlackHat Most Innovative Startup competitions. For more information, visit www.safebreach.com or follow on Twitter @SafeBreach.


An unstructured event parser analyzes an event that is in unstructured form and generates an event that is in structured form. A mapping phase determines, for a given event token, possible fields of the structured event schema to which the token could be mapped and the probabilities that the token should be mapped to those fields. Particular tokens are then mapped to particular fields of the structured event schema. By using the Naïve Bayesian probability model, a probabilistic mapper determines, for a particular token and a particular field, the probability that that token maps to that field. The probabilistic mapper can also be used in a regular expression creator that generates a regex that matches an unstructured event and a parameter file creator that helps a user create a parameter file for use with a parameterized normalized event generator to generate a normalized event based on an unstructured event.


Patent
ArcSight | Date: 2010-05-27

A system for generating a parser and using the parser to parse a target file includes a target file description, an output format description, a Parser generator, a Parser, a target file, and a result object. The target file description and the output format description are included in one or more properties files, which are text files that include one or more name/value pairs (properties). The target file description and the output format description are input into the Parser generator, which outputs the Parser. The target file is input into the Parser, which outputs the result object. The target file description specifies one or more parsers and/or tokenizers that can be used to parse the target file. The parsers and/or tokenizers specified by the target file description are part of the generated Parser. These parsers and/or tokenizers make the Parser more flexible, which enables the Parser to parse semi-structured data.
