• The Four Hundred
  • Real Time Forensics from Log Data? ArcSight Says It’s Got It

    August 19, 2008 Alex Woodie

    With the onslaught of identity theft and the increase in instances of corporate data loss these days, forensics is a word that more IT administrators are becoming familiar with. In the world of log management solutions, however, most vendors make users choose between speedy log collection and the capability to forensically mine for important system events. With the addition of “forensics on the fly” to its Security Information and Event Management (SIEM) system, ArcSight claims users can now do both without compromise.

    ArcSight sells several inter-connected products that make up its SIEM platform. It sells an Enterprise Security Management (ESM) product that is geared more toward security than the regulatory compliance end of the collective log. It also sells ArcSight Connectors, which collect logs from more than 275 applications and platforms (including i OS [formerly i5/OS]), and the ArcSight Logger, an integrated appliance for managing logs. Regulatory compliance reporting packages and an identity monitoring product round out the vendor’s offerings.

    ArcSight says the addition of “forensics on the fly” to the Logger will enable IT and forensics teams to drill down into source events at a moment’s notice. As a starting point to the forensics process, the vendor developed a new dashboard interface to the Logger that combines several pertinent reports into a single role-based view. From these dashboards, users can view detailed information, or utilize a new search capability designed to help with root-cause analysis.

    When users find violations or other worthwhile events through the search function, they can automatically create alerts that will notify them in real time if the same or similar events occur on the system. ArcSight has also enabled users to drill down into the underlying events directly from the alert.

    ArcSight, in effect, has closed the loop between the real-time alerting component of its compliance offering, which was primarily used to detect and notify administrators of regulatory policy violations, and the forensic component of its system, which used to be primarily an “after the fact” activity.

    Reed Henry, senior vice president of marketing for ArcSight, provided this perspective:

    “Our ArcSight ESM [Event Security Management] customers have always enjoyed the ability to drill down from correlated notifications into the events behind those notifications,” Henry says in a prepared statement. “With this release of ArcSight Logger, we have added this ability to mine events, or as we call it, forensics on the fly, to our log management products, delivering much needed productivity to log analysis and forensic investigation. Now organizations of any size can quickly and cost effectively conduct informative investigations to determine the root cause of log alert events in real time.”

    The Cupertino, California, company also recently rolled out a new PCI Logger appliance, which is designed to help customers store log data pertinent to the Payment Card Industry’s data security standards (DSS). PCI Logger includes 45 alerts that have been pre-mapped to DSS requirements, as well as the forensics on the fly capability.

    ArcSight, which went public less than a year ago on the NASDAQ National Market, also announced its first shareholder meeting. Shareholders of the company, which has enjoyed a 50 percent increase in its stock value since May following flat growth over the first few months of the year, will meet September 25.

    RELATED STORY

    ArcSight Expands Log Management Offerings




Volume 8, Number 30 -- August 19, 2008


Copyright © 2025 IT Jungle