ArcSight

Enterprise Security Management (ESM) is ArcSight’s flagship product that is best in class Security Information and Event Management (SIEM) software. ESM is a robust enterprise security platform that centrally collects and analyzes events from security devices, systems and applications across large and geographically dispersed enterprises. This allows organizations to continuously maintain a state of situational awareness through real-time consolidated, risk-relevant views.

Organizations Use ArcSight ESM to:

  • Identify, uncover, and reduce risks.
  • Aggregate all the logs, events, and alerts from devices across the network.
  • Correlate relevant security information.
  • Assess vulnerabilities and prioritize risks.
  • Present possible actions based on policy and remediation standards.
  • Respond in real-time to incidents.
  • Investigate insider threat and security events to prevent recurrence.
  • Communicate business and technical level security status to stakeholders.
  • Automatically communicate compliance status to satisfy regulatory reporting requirements.

ESM Core Benefits:

  • The most comprehensive data collection with fast and compressed storage.
  • Shrinks the window of vulnerability through extensive work-flow, investigation, and incident response capabilities.
  • Powerful security event correlation, analysis, and alerting to identify and track threats as they happen.
  • Streamlined investigation, forensics, and interactive analysis.
  • Presents relevant remediation information so action can be taken in real time.
  • Real time monitoring, historical trend and ad-hoc reporting.
  • Templates to validate and automatically report current compliance with specific regulations.

The Enterprise Security Management (ESM) sale requires extensive VAR enterprise level project expertise and the VAR margin opportunity is much larger.  This solution may provide multiple opportunities for professional services.