ArcSight was a company founded in 2000 that provides big data security analytics and intelligence software for security information and event management and log management solutions. ArcSight solutions help customers identify and prioritize security threats, organize and track incident response activities, and simplify audit and compliance activities. May 2013 marked the 10th consecutive year that Gartner Magic Quadrant for SIEM rated ArcSight in the leader’s quadrant. It became a subsidiary of Hewlett-Packard in 2010. HP ArcSight is headquartered in Sunnyvale, California, USA, with sales offices in other countries. Wikipedia.
Dash D., ArcSight |
Polyzotis N., University of California at Santa Cruz |
Ailamaki A., Ecole Polytechnique Federale de Lausanne
Proceedings of the VLDB Endowment | Year: 2011
Index tuning, i.e., selecting the indexes appropriate for a workload, is a crucial problem in database system tuning. In this paper, we solve index tuning for large problem instances that are common in practice, e.g., thousands of queries in the workload, thousands of candidate indexes and several hard and soft constraints. Our work is the first to reveal that the index tuning problem has a well-structured space of solutions, and this space can be explored efficiently with well-known techniques from linear optimization. Experimental results demonstrate that our approach outperforms state-of-the-art commercial and research techniques by a significant margin (up to an order of magnitude). © 2011 VLDB Endowment.
ArcSight | Date: 2010-05-27
A system for generating a parser and using the parser to parse a target file includes a target file description, an output format description, a Parser generator, a Parser, a target file, and a result object. The target file description and the output format description are included in one or more properties files, which are text files that include one or more name/value pairs (properties). The target file description and the output format description are input into the Parser generator, which outputs the Parser. The target file is input into the Parser, which outputs the result object. The target file description specifies one or more parsers and/or tokenizers that can be used to parse the target file. The parsers and/or tokenizers specified by the target file description are part of the generated Parser. These parsers and/or tokenizers make the Parser more flexible, which enables the Parser to parse semi-structured data.
ArcSight | Date: 2010-09-13
An unstructured event parser analyzes an event that is in unstructured form and generates an event that is in structured form. A mapping phase determines, for a given event token, possible fields of the structured event schema to which the token could be mapped and the probabilities that the token should be mapped to those fields. Particular tokens are then mapped to particular fields of the structured event schema. By using the Naïve Bayesian probability model, a probabilistic mapper determines, for a particular token and a particular field, the probability that that token maps to that field. The probabilistic mapper can also be used in a regular expression creator that generates a regex that matches an unstructured event and a parameter file creator that helps a user create a parameter file for use with a parameterized normalized event generator to generate a normalized event based on an unstructured event.
News Article | October 21, 2015
As HP's split nears, the company is divesting its TippingPoint network security business unit, which isn't considered to be core to Hewlett Packard Enterprise's mission. Just ahead of HP's historic corporate split, the company announced today that it is selling TippingPoint to Trend Micro in a deal valued at approximately $300 million. Trend Micro's acquisition of TippingPoint, expected to close in the first quarter of HP's fiscal 2016, will mark the third time in just over a decade that the network security vendor has had a new owner. Networking vendor 3Com acquired TippingPoint in December 2004, and HP bought 3Com in 2010. Trend Micro's plan is to combine some of its existing assets with the TippingPoint technologies to build a new Network Defense business unit. As was the case under both 3Com and HP, the TippingPoint name is likely to remain in place. "Trend Micro intends to retain the TippingPoint brand for its Network Defense line of business," Steve Quane, executive vice president, Network Defense, Trend Micro, told eWEEK. TippingPoint builds and develops network security devices, including intrusion-prevention systems (IPS) hardware. TippingPoint is also known for its research efforts, which include Digital Vaccine Labs (DVLabs) and the Zero-Day Initiative. ZDI is celebrating its 10th anniversary this year as an effort that pays security researchers for vulnerabilities. ZDI also operates the Pwn2own hacking competition, which awards researchers for exploiting Web browsers and mobile devices. Under Trend Micro's ownership, DVLabs and ZDI will play key roles, Quane said. "DVLabs and ZDI will continue to operate within our Network Defense line of business, and we will expand and leverage their expertise across the full range of Trend Micro solutions," Quane said. HP—which is currently in the final stages of a corporate split, with HP Inc. handling consumer products and printing areas, and Hewlett Packard Enterprise handling the enterprise software and technology assets—isn't totally abandoning the security business. Among Hewlett Packard Enterprise's security assets are the ArcSight SIEM (security information and event management), Fortify code and application security portfolio as well as the HP Data Security product groups. "With the upcoming transition to the new Hewlett Packard Enterprise, we are sharpening our focus on protecting the digital enterprise, investing in offerings that help customers protect users, applications and data and secure the interactions between them regardless of location or device," HP stated in a blog post. "TippingPoint has been an important component of our security offering, but we have decided to partner in network security as opposed to [owning a business in this space] so we can invest in other areas of our security portfolio." Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com.