Releases Advanced Content to Deliver Increased Visibility of Endpoint and Sensitive Data into HP ArcSight; Significantly Enhances Incident Response Procedures and Improves Detection and Containment Times
WALTHAM, Mass. — (BUSINESS WIRE) — September 2, 2015 — Digital Guardian, the only endpoint security platform purpose built to stop data theft, today announced its membership in the HP ArcSight Marketplace, a new online enterprise portal that unifies HP ArcSight® security content, products, documents and best practices. As one of the first partners to join the Marketplace, Digital Guardian will offer the new Digital Guardian Advanced Content for HP ArcSight, which enables customers to harness the security intelligence and big data capabilities of HP ArcSight Enterprise Security Management (ESM) to quickly detect and respond to insider threats and advanced attacks targeting sensitive data. The Digital Guardian Advanced Content provides HP ArcSight users with reports, dashboards and correlation rules which can be used for a variety of use cases to detect and respond to insider threats and advanced external attackers.
The Digital Guardian Data Aware Endpoint Security Platform protects sensitive data, including intellectual property, source code, financial documents, personally identifiable information and protected health information against both insider threats and external attacks targeting the endpoint. The Digital Guardian endpoint agent provides granular security event data on endpoints and servers (Windows, Mac OS X, and Linux) for user behavior and process activity, including information describing which users and processes are accessing and attempting to exfiltrate sensitive data, which is a key indicator of malicious activity.
Digital Guardian Interoperability with HP ArcSight
When attackers and advanced malware enter the corporate network, security incident responders need to understand if the threat successfully penetrated target systems and if so, which machines were compromised. Understanding which endpoints are infected is key to stopping the attack from moving deeper into the corporate network and accessing critical IT assets and sensitive data. Digital Guardian provides HP ArcSight with rich context to answer these questions through its interoperable Common Event Format (CEF) based solution. Advanced threats can thus be detected and prioritized immediately in the HP ArcSight console.
When security analysts detect and prioritize threats in HP ArcSight, they are able to deploy endpoint response rules to Digital Guardian directly from the console using the HP ArcSight Action Connector for Digital Guardian. Security staff can deploy controls to block threats and quarantine endpoints, reducing incident response time from days or hours to minutes.
Download the Digital Guardian Advanced Content for HP ArcSight in the HP ArcSight Marketplace here: https://arcsight.hpwsportal.com/catalog.html#/Home/Show.
Digital Guardian channel partners will be able to leverage a set of marketing resources to introduce HP ArcSight customers and prospects to the value of this new HP ArcSight content.
“Customers are flooded with alerts from multiple security systems and it’s critical to filter out false positives while effectively prioritizing which alerts need immediate action,” said Doug Bailey, chief strategy officer, Digital Guardian. “By connecting with HP ArcSight, Digital Guardian improves incident response and mitigation times by providing complete visibility over all of its endpoint security events.”
“Obtaining broader visibility for security events at every endpoint is critical to an efficient and effective threat detection and response process,” said Mike Armistead, vice president and general manager, Enterprise Security Products, HP ArcSight. “The partnership between HP ArcSight and Digital Guardian enables customers to gain a greater level of visibility to both accelerate incident response times and further protect critical assets across their organizations.”
About Digital Guardian
Digital Guardian is the only data-aware security platform designed to stop data theft. The Digital Guardian platform performs across traditional endpoints, mobile devices and cloud applications to make it easier to see and stop all threats to sensitive data. For more than 10 years, it has enabled data-rich organizations to protect their most valuable assets with an on premise deployment or an outsourced managed security program (MSP). Digital Guardian’s unique data awareness and transformative endpoint visibility, combined with behavioral threat detection and response, enables you to protect data without slowing the pace of your business. To learn more please visit: https://digitalguardian.com/
Gregory Funaro, 781-902-5649