Arcsight Logger 4: Log Management Solution Addresses Cyber-Crime

Arcsight, Inc. announced the fourth generation of its log management product, Arcsight Logger 4. With more data, transactions and users online, organizations are increasingly vulnerable to fraud, theft and breaches due to hackers, malware, and malicious insiders. Arcsight Logger 4 helps organizations detect, investigate and understand those incidents. The solution is intended to reduce the impact of cyber-crime by enabling faster and better investigations and forensic analysis of criminal activities.

Arcsight Logger 4 provides four-way protection against cybercrime impacts:

  1. high-speed structured and unstructured data collection of up to 42 TByte on a single appliance
  2. ultrafast search and reporting, handling terabytes of data in seconds via a Google-like interface
  3. unified analysis across all types of data in a single pane of glass, for simplified investigations
  4. secure storage and access, with support for Federal Information Processing Standards (FIPS) and Common Access Card (CAC), for criminal investigation and prosecution

According to Arcsight, the key breakthrough in Logger 4 is the ability to collect, search and analyze massive amounts of both structured and unstructured data. Arcsight Logger unifies alerting, search, and analysis across any type of enterprise information. As a result, Arcsight Logger is able to collect and analyze the massive amounts of data generated by modern networks. This data includes:

  • Systems/IT operations data: By analyzing CPU spikes, disk usage, and network flows, Arcsight Logger can aid in detection and remediation of sophisticated malware such as bots and keyloggers.
  • User data: By analyzing user access information, Arcsight Logger can aid the investigation and remediation of data breaches due to unauthorized system or database access.
  • Application data: By analyzing user activity within key applications, related system access, and social network activity, Arcsight Logger can aid in fraud analysis and investigation.

The Arcsight SIEM Platform protects more than 40 global banks, the government systems of over 27 nations, more than 20 U.S. Federal agencies and more than 25 global telecommunication service providers. Thus, protection of critical infrastructure from the rapidly changing tactics of cyber-attackers was a primary design consideration for Arcsight Logger 4.

In a recent survey of 48 Arcsight government and financial services customers, the company found that nearly 30 percent of respondents estimated that they had over 10,000 devices that produce events or logs related to cybersecurity. The result is a massive amount of data to be collected and processed. In addition, 75 percent responded that they very rarely or hardly ever knew exactly what to look for when researching a cyber attack. The result is a need for unified high-speed search to quickly find relevant context when an incident occurs. Finally, more than 80 percent of respondents also believe that cyber attacks will increase in the coming 12 months compared to last year, supporting the need for improved cybersecurity solutions such as Arcsight Logger 4.

Arcsight Logger is a key component in the Arcsight SIEM Platform. It joins Arcsight Fraud View and Arcsight Identity View as solid solutions for preventing cyber war, cyber theft, cyber fraud and cyber espionage, while also providing vigilance over organizational policies and regulatory compliance.

Arcsight Logger 4 will be available in November 2009. Pricing begins at $20,000. (Source: Arcsight, Inc./GST)
