Josh M Community
Support via Micro Focus Software Support, with a ticket filed against the associated product.
Micro Focus offers a content partnership program for select partners. Support for Partner Content offerings is provided by the partner and not by Micro Focus of the Micro Focus community.
Micro Focus Community Content is provided by Micro Focus for the benefit of customers, support for it is not available via Micro Focus Software Support but through specific community content forums.
Community Contributed Content is provided by Micro Focus customers and supported by them.
ArcSight is a market leading SIEM, delivering log management and the world’s best correlation engine. Using ArcSight, security operations can very quickly identify and respond to known threats, increasing SOC efficiencies and driving efficiencies in an increasingly critical business function.
Interset provides a market-leading analytics platform, using unsupervised online machine learning to identify unknown threats like insider threats or targeted outside attacks such as APTs. These types of threats simply cannot be identified by searching for a known “bad signature”. Unsupervised machine learning gives threat hunters a high-quality set of leads to help them identify these elusive threats.
Together, ArcSight and Interset empowers a layered analytics approach, providing the right type of analytics to solve the right type of use cases, bringing to bear best of breed technologies to optimize security operations and dramatically improve organizations’ security postures.
This set of capabilities is the first integration step between the two sets of components. This enhancement allows data to be moved into Interset’s analytics platform using ArcSight’s SmartConnectors, supporting Active Directory / Authentication data as well as Web proxy data. In addition. FlexConnectors can now be used to pull Interset analytical results and push them into ESM for higher accuracy correlation rules that leverage unsupervised learning anomalies, as well as correlation rule filtering using top risky entity lists.
Sample content file for Interset analytics data
ArcSight ESM / Interset Integration Guide v0.1
NiFi Template to read CEF events from Kafka and generate Interset-specific data output
Please upgrade to one of the following broswers: Internet Explorer 11 (or greater) or the latest version of Chrome or Firefox