ArcSight is a market leading SIEM, delivering log management and the world’s best correlation engine. Using ArcSight, security operations can very quickly identify and respond to known threats, increasing SOC efficiencies and driving efficiencies in an increasingly critical business function.
Interset provides a market-leading analytics platform, using unsupervised online machine learning to identify unknown threats like insider threats or targeted outside attacks such as APTs. These types of threats simply cannot be identified by searching for a known “bad signature”. Unsupervised machine learning gives threat hunters a high-quality set of leads to help them identify these elusive threats.
Together, ArcSight and Interset empowers a layered analytics approach, providing the right type of analytics to solve the right type of use cases, bringing to bear best of breed technologies to optimize security operations and dramatically improve organizations’ security postures.
This set of capabilities is the first integration step between the two sets of components. This enhancement allows data to be moved into Interset’s analytics platform using ArcSight’s SmartConnectors, supporting Active Directory / Authentication data as well as Web proxy data. In addition. FlexConnectors can now be used to pull Interset analytical results and push them into ESM for higher accuracy correlation rules that leverage unsupervised learning anomalies, as well as correlation rule filtering using top risky entity lists.
Similar apps are based on app category, product compatibility, popularity, rating and newness. Some apps may not show based on entitlements. Learn more about entitlements.
Related content and resources
Please upgrade to one of the following broswers: Internet Explorer 11 (or greater) or the latest version of Chrome or Firefox