SlideShare uma empresa Scribd logo

Hp arcsight services 2014 ewb

R
rty_ngtglobal

Arcsight Services

Serviços
1 de 9
HP Arcsight Services Overview
Basic Services HP Arcsight, Smartconnectors incl. Logger • Planning • Installation • Deployment • Administration • Maintenance
Advanced Services • Use Case design/ Content Authoring – Creating/designing ESM content such rules, activelists, trends, reports to achieve specific business objectives – Efficient ESM investigation management through the use of cases
Best Practice • Create a process to ensure all devices to be monitored will send events to ArcSight – i.e. For Windows Smartconnectors, please make sure you add servers manually whenever a new server is commissioned. • Establish a case consolidation method • Establish a good naming convention for cases
Key Differentiator • Not just focused on BaseEvents (Device logs) but also on arcsight internal events to leverage ESM correlation potential • Highly skilled in data analysis using “Data about your data” • Experts in different platforms: OS/Network/Apps • Experienced with most IT security software available. • Worked for Infosec team of Security Companies: Trend Micro and Mcafee (now INTEL) • Focused on Security and Compliance (i.e. PCI-DSS) • Experienced in Open-Source
Sample Configuration Use case: Event Feed Monitoring - Tracking event input from monitored devices - Detecting devices that stoppped sending events for investigation * Use TTL or Event Expiry in ActiveLists
Sample Configuration Create ActiveList to Monitor Devices
Sample Configuration Use Field Merging to consolidate events Convert 1000s of related events in a single case
Thank you!

Recomendados

Improving IR Workflow - Using Risk-Based Escalation in HP ArcSight ESM
Improving IR Workflow - Using Risk-Based Escalation in HP ArcSight ESMImproving IR Workflow - Using Risk-Based Escalation in HP ArcSight ESM
Improving IR Workflow - Using Risk-Based Escalation in HP ArcSight ESMAnton Goncharov
 
Tips and tricks for MSSPs leveraging HPE Security ArcSight ESM to win proof o...
Tips and tricks for MSSPs leveraging HPE Security ArcSight ESM to win proof o...Tips and tricks for MSSPs leveraging HPE Security ArcSight ESM to win proof o...
Tips and tricks for MSSPs leveraging HPE Security ArcSight ESM to win proof o...Bryan Borra
 
ESM_101_6.9.0.pdf
ESM_101_6.9.0.pdfESM_101_6.9.0.pdf
ESM_101_6.9.0.pdfProtect724v2
 
HP ArcSight
HP ArcSight HP ArcSight
HP ArcSight Mohamed Zohair
 
Big Data Security with HP ArcSight
Big Data Security with HP ArcSightBig Data Security with HP ArcSight
Big Data Security with HP ArcSightSridhar Karnam
 
Architecture
ArchitectureArchitecture
ArchitectureShiva Chunduru
 
You Can't Correlate what you don't have - ArcSight Protect 2011
You Can't Correlate what you don't have - ArcSight Protect 2011You Can't Correlate what you don't have - ArcSight Protect 2011
You Can't Correlate what you don't have - ArcSight Protect 2011Scott Carlson
 
Security Information and Event Management (SIEM)
Security Information and Event Management (SIEM)Security Information and Event Management (SIEM)
Security Information and Event Management (SIEM)hardik soni
 

Recomendados

Improving IR Workflow - Using Risk-Based Escalation in HP ArcSight ESM
Improving IR Workflow - Using Risk-Based Escalation in HP ArcSight ESMImproving IR Workflow - Using Risk-Based Escalation in HP ArcSight ESM
Improving IR Workflow - Using Risk-Based Escalation in HP ArcSight ESMAnton Goncharov
 
Tips and tricks for MSSPs leveraging HPE Security ArcSight ESM to win proof o...
Tips and tricks for MSSPs leveraging HPE Security ArcSight ESM to win proof o...Tips and tricks for MSSPs leveraging HPE Security ArcSight ESM to win proof o...
Tips and tricks for MSSPs leveraging HPE Security ArcSight ESM to win proof o...Bryan Borra
 
ESM_101_6.9.0.pdf
ESM_101_6.9.0.pdfESM_101_6.9.0.pdf
ESM_101_6.9.0.pdfProtect724v2
 
HP ArcSight
HP ArcSight HP ArcSight
HP ArcSight Mohamed Zohair
 
Big Data Security with HP ArcSight
Big Data Security with HP ArcSightBig Data Security with HP ArcSight
Big Data Security with HP ArcSightSridhar Karnam
 
Architecture
ArchitectureArchitecture
ArchitectureShiva Chunduru
 
You Can't Correlate what you don't have - ArcSight Protect 2011
You Can't Correlate what you don't have - ArcSight Protect 2011You Can't Correlate what you don't have - ArcSight Protect 2011
You Can't Correlate what you don't have - ArcSight Protect 2011Scott Carlson
 
Security Information and Event Management (SIEM)
Security Information and Event Management (SIEM)Security Information and Event Management (SIEM)
Security Information and Event Management (SIEM)hardik soni
 
Standard Content Guide for ArcSight Express w/ CORR-Engine v3.0
Standard Content Guide for ArcSight Express w/ CORR-Engine v3.0Standard Content Guide for ArcSight Express w/ CORR-Engine v3.0
Standard Content Guide for ArcSight Express w/ CORR-Engine v3.0Protect724
 
ArcSight Enterprise View Deployment Guide
ArcSight Enterprise View Deployment GuideArcSight Enterprise View Deployment Guide
ArcSight Enterprise View Deployment GuideProtect724gopi
 
SIEM - Activating Defense through Response by Ankur Vats
SIEM - Activating Defense through Response by Ankur VatsSIEM - Activating Defense through Response by Ankur Vats
SIEM - Activating Defense through Response by Ankur VatsOWASP Delhi
 
[2.3] Large enterprise SIEM: get ready for oversize - Svetlana (Mona) Arkhipova
[2.3] Large enterprise SIEM: get ready for oversize - Svetlana (Mona) Arkhipova[2.3] Large enterprise SIEM: get ready for oversize - Svetlana (Mona) Arkhipova
[2.3] Large enterprise SIEM: get ready for oversize - Svetlana (Mona) ArkhipovaOWASP Russia
 
MISTI Infosec 2010- SIEM Implementation
MISTI Infosec 2010- SIEM ImplementationMISTI Infosec 2010- SIEM Implementation
MISTI Infosec 2010- SIEM ImplementationMichael Nickle
 
Gartner_Critical Capabilities for SIEM 9.21.15
Gartner_Critical Capabilities for SIEM 9.21.15Gartner_Critical Capabilities for SIEM 9.21.15
Gartner_Critical Capabilities for SIEM 9.21.15Jay Steidle
 
SIEM Primer:
SIEM Primer:SIEM Primer:
SIEM Primer:Anton Chuvakin
 
Implementing and Running SIEM: Approaches and Lessons
Implementing and Running SIEM: Approaches and LessonsImplementing and Running SIEM: Approaches and Lessons
Implementing and Running SIEM: Approaches and LessonsAnton Chuvakin
 
QRadar, ArcSight and Splunk
QRadar, ArcSight and Splunk QRadar, ArcSight and Splunk
QRadar, ArcSight and Splunk M sharifi
 
SIEM presentation final
SIEM presentation finalSIEM presentation final
SIEM presentation finalRizwan S
 
HP ArcSight Demonstrating ROI For a SIEM Solution
HP ArcSight Demonstrating ROI For a SIEM SolutionHP ArcSight Demonstrating ROI For a SIEM Solution
HP ArcSight Demonstrating ROI For a SIEM Solutionrickkaun
 
Security Information and Event Management (SIEM)
Security Information and Event Management (SIEM)Security Information and Event Management (SIEM)
Security Information and Event Management (SIEM)k33a
 
Information Security: Advanced SIEM Techniques
Information Security: Advanced SIEM TechniquesInformation Security: Advanced SIEM Techniques
Information Security: Advanced SIEM TechniquesReliaQuest
 
McAfee SIEM solution
McAfee SIEM solution McAfee SIEM solution
McAfee SIEM solution hashnees
 
SIEM
SIEMSIEM
SIEMvikasraina
 
IBM QRadar Xforce
IBM QRadar XforceIBM QRadar Xforce
IBM QRadar Xforcesreenivas1591
 
SIEM evolution
SIEM evolutionSIEM evolution
SIEM evolutionStijn Vande Casteele
 
SORT OUT YOUR SIEM
SORT OUT YOUR SIEMSORT OUT YOUR SIEM
SORT OUT YOUR SIEMSecureData Europe
 
IBM QRadar Security Intelligence Overview
IBM QRadar Security Intelligence OverviewIBM QRadar Security Intelligence Overview
IBM QRadar Security Intelligence OverviewCamilo Fandiño Gómez
 
SIEM (Security Information and Event Management)
SIEM (Security Information and Event Management)SIEM (Security Information and Event Management)
SIEM (Security Information and Event Management)Osama Ellahi
 
140827 texto 2-ethics and the rough gorund of the everyday
140827 texto 2-ethics and the rough gorund of the everyday140827 texto 2-ethics and the rough gorund of the everyday
140827 texto 2-ethics and the rough gorund of the everydayAlejandro Munévar Salazar
 
Paper id 2520141232
Paper id 2520141232Paper id 2520141232
Paper id 2520141232IJRAT
 

Mais conteúdo relacionado

Mais procurados

Standard Content Guide for ArcSight Express w/ CORR-Engine v3.0
Standard Content Guide for ArcSight Express w/ CORR-Engine v3.0Standard Content Guide for ArcSight Express w/ CORR-Engine v3.0
Standard Content Guide for ArcSight Express w/ CORR-Engine v3.0Protect724
 
ArcSight Enterprise View Deployment Guide
ArcSight Enterprise View Deployment GuideArcSight Enterprise View Deployment Guide
ArcSight Enterprise View Deployment GuideProtect724gopi
 
SIEM - Activating Defense through Response by Ankur Vats
SIEM - Activating Defense through Response by Ankur VatsSIEM - Activating Defense through Response by Ankur Vats
SIEM - Activating Defense through Response by Ankur VatsOWASP Delhi
 
[2.3] Large enterprise SIEM: get ready for oversize - Svetlana (Mona) Arkhipova
[2.3] Large enterprise SIEM: get ready for oversize - Svetlana (Mona) Arkhipova[2.3] Large enterprise SIEM: get ready for oversize - Svetlana (Mona) Arkhipova
[2.3] Large enterprise SIEM: get ready for oversize - Svetlana (Mona) ArkhipovaOWASP Russia
 
MISTI Infosec 2010- SIEM Implementation
MISTI Infosec 2010- SIEM ImplementationMISTI Infosec 2010- SIEM Implementation
MISTI Infosec 2010- SIEM ImplementationMichael Nickle
 
Gartner_Critical Capabilities for SIEM 9.21.15
Gartner_Critical Capabilities for SIEM 9.21.15Gartner_Critical Capabilities for SIEM 9.21.15
Gartner_Critical Capabilities for SIEM 9.21.15Jay Steidle
 
Implementing and Running SIEM: Approaches and Lessons
Implementing and Running SIEM: Approaches and LessonsImplementing and Running SIEM: Approaches and Lessons
Implementing and Running SIEM: Approaches and LessonsAnton Chuvakin
 
QRadar, ArcSight and Splunk
QRadar, ArcSight and Splunk QRadar, ArcSight and Splunk
QRadar, ArcSight and Splunk M sharifi
 
SIEM presentation final
SIEM presentation finalSIEM presentation final
SIEM presentation finalRizwan S
 
HP ArcSight Demonstrating ROI For a SIEM Solution
HP ArcSight Demonstrating ROI For a SIEM SolutionHP ArcSight Demonstrating ROI For a SIEM Solution
HP ArcSight Demonstrating ROI For a SIEM Solutionrickkaun
 
Security Information and Event Management (SIEM)
Security Information and Event Management (SIEM)Security Information and Event Management (SIEM)
Security Information and Event Management (SIEM)k33a
 
Information Security: Advanced SIEM Techniques
Information Security: Advanced SIEM TechniquesInformation Security: Advanced SIEM Techniques
Information Security: Advanced SIEM TechniquesReliaQuest
 
McAfee SIEM solution
McAfee SIEM solution McAfee SIEM solution
McAfee SIEM solution hashnees
 
IBM QRadar Security Intelligence Overview
IBM QRadar Security Intelligence OverviewIBM QRadar Security Intelligence Overview
IBM QRadar Security Intelligence OverviewCamilo Fandiño Gómez
 
SIEM (Security Information and Event Management)
SIEM (Security Information and Event Management)SIEM (Security Information and Event Management)
SIEM (Security Information and Event Management)Osama Ellahi
 

Mais procurados (20)

Standard Content Guide for ArcSight Express w/ CORR-Engine v3.0
Standard Content Guide for ArcSight Express w/ CORR-Engine v3.0Standard Content Guide for ArcSight Express w/ CORR-Engine v3.0
Standard Content Guide for ArcSight Express w/ CORR-Engine v3.0
 
ArcSight Enterprise View Deployment Guide
ArcSight Enterprise View Deployment GuideArcSight Enterprise View Deployment Guide
ArcSight Enterprise View Deployment Guide
 
SIEM - Activating Defense through Response by Ankur Vats
SIEM - Activating Defense through Response by Ankur VatsSIEM - Activating Defense through Response by Ankur Vats
SIEM - Activating Defense through Response by Ankur Vats
 
[2.3] Large enterprise SIEM: get ready for oversize - Svetlana (Mona) Arkhipova
[2.3] Large enterprise SIEM: get ready for oversize - Svetlana (Mona) Arkhipova[2.3] Large enterprise SIEM: get ready for oversize - Svetlana (Mona) Arkhipova
[2.3] Large enterprise SIEM: get ready for oversize - Svetlana (Mona) Arkhipova
 
MISTI Infosec 2010- SIEM Implementation
MISTI Infosec 2010- SIEM ImplementationMISTI Infosec 2010- SIEM Implementation
MISTI Infosec 2010- SIEM Implementation
 
Gartner_Critical Capabilities for SIEM 9.21.15
Gartner_Critical Capabilities for SIEM 9.21.15Gartner_Critical Capabilities for SIEM 9.21.15
Gartner_Critical Capabilities for SIEM 9.21.15
 
SIEM Primer:
SIEM Primer:SIEM Primer:
SIEM Primer:
 
Implementing and Running SIEM: Approaches and Lessons
Implementing and Running SIEM: Approaches and LessonsImplementing and Running SIEM: Approaches and Lessons
Implementing and Running SIEM: Approaches and Lessons
 
QRadar, ArcSight and Splunk
QRadar, ArcSight and Splunk QRadar, ArcSight and Splunk
QRadar, ArcSight and Splunk
 
SIEM presentation final
SIEM presentation finalSIEM presentation final
SIEM presentation final
 
HP ArcSight Demonstrating ROI For a SIEM Solution
HP ArcSight Demonstrating ROI For a SIEM SolutionHP ArcSight Demonstrating ROI For a SIEM Solution
HP ArcSight Demonstrating ROI For a SIEM Solution
 
Security Information and Event Management (SIEM)
Security Information and Event Management (SIEM)Security Information and Event Management (SIEM)
Security Information and Event Management (SIEM)
 
Information Security: Advanced SIEM Techniques
Information Security: Advanced SIEM TechniquesInformation Security: Advanced SIEM Techniques
Information Security: Advanced SIEM Techniques
 
McAfee SIEM solution
McAfee SIEM solution McAfee SIEM solution
McAfee SIEM solution
 
SIEM
SIEMSIEM
SIEM
 
IBM QRadar Xforce
IBM QRadar XforceIBM QRadar Xforce
IBM QRadar Xforce
 
SIEM evolution
SIEM evolutionSIEM evolution
SIEM evolution
 
SORT OUT YOUR SIEM
SORT OUT YOUR SIEMSORT OUT YOUR SIEM
SORT OUT YOUR SIEM
 
IBM QRadar Security Intelligence Overview
IBM QRadar Security Intelligence OverviewIBM QRadar Security Intelligence Overview
IBM QRadar Security Intelligence Overview
 
SIEM (Security Information and Event Management)
SIEM (Security Information and Event Management)SIEM (Security Information and Event Management)
SIEM (Security Information and Event Management)
 

Destaque

140827 texto 2-ethics and the rough gorund of the everyday
140827 texto 2-ethics and the rough gorund of the everyday140827 texto 2-ethics and the rough gorund of the everyday
140827 texto 2-ethics and the rough gorund of the everydayAlejandro Munévar Salazar
 
Paper id 2520141232
Paper id 2520141232Paper id 2520141232
Paper id 2520141232IJRAT
 
Paper id 2920142
Paper id 2920142Paper id 2920142
Paper id 2920142IJRAT
 
Paper id 2520148 (2)
Paper id 2520148 (2)Paper id 2520148 (2)
Paper id 2520148 (2)IJRAT
 
Paper id 24201456
Paper id 24201456Paper id 24201456
Paper id 24201456IJRAT
 
Paper id 25201498
Paper id 25201498Paper id 25201498
Paper id 25201498IJRAT
 
Paper id 26201483
Paper id 26201483Paper id 26201483
Paper id 26201483IJRAT
 
Paper id 25201440
Paper id 25201440Paper id 25201440
Paper id 25201440IJRAT
 
Paper id 2520147
Paper id 2520147Paper id 2520147
Paper id 2520147IJRAT
 
Paper id 2520141231
Paper id 2520141231Paper id 2520141231
Paper id 2520141231IJRAT
 
Paper id 24201453
Paper id 24201453Paper id 24201453
Paper id 24201453IJRAT
 
Paper id 25201471
Paper id 25201471Paper id 25201471
Paper id 25201471IJRAT
 
Paper id 24201494
Paper id 24201494Paper id 24201494
Paper id 24201494IJRAT
 
Paper id 2520148
Paper id 2520148Paper id 2520148
Paper id 2520148IJRAT
 
Paper id 27201411
Paper id 27201411Paper id 27201411
Paper id 27201411IJRAT
 
Paper id 26201493
Paper id 26201493Paper id 26201493
Paper id 26201493IJRAT
 
Paper id 25201435
Paper id 25201435Paper id 25201435
Paper id 25201435IJRAT
 
Paper id 21201495
Paper id 21201495Paper id 21201495
Paper id 21201495IJRAT
 
Paper id 25201496
Paper id 25201496Paper id 25201496
Paper id 25201496IJRAT
 
Paper id 24201474
Paper id 24201474Paper id 24201474
Paper id 24201474IJRAT
 

Destaque (20)

140827 texto 2-ethics and the rough gorund of the everyday
140827 texto 2-ethics and the rough gorund of the everyday140827 texto 2-ethics and the rough gorund of the everyday
140827 texto 2-ethics and the rough gorund of the everyday
 
Paper id 2520141232
Paper id 2520141232Paper id 2520141232
Paper id 2520141232
 
Paper id 2920142
Paper id 2920142Paper id 2920142
Paper id 2920142
 
Paper id 2520148 (2)
Paper id 2520148 (2)Paper id 2520148 (2)
Paper id 2520148 (2)
 
Paper id 24201456
Paper id 24201456Paper id 24201456
Paper id 24201456
 
Paper id 25201498
Paper id 25201498Paper id 25201498
Paper id 25201498
 
Paper id 26201483
Paper id 26201483Paper id 26201483
Paper id 26201483
 
Paper id 25201440
Paper id 25201440Paper id 25201440
Paper id 25201440
 
Paper id 2520147
Paper id 2520147Paper id 2520147
Paper id 2520147
 
Paper id 2520141231
Paper id 2520141231Paper id 2520141231
Paper id 2520141231
 
Paper id 24201453
Paper id 24201453Paper id 24201453
Paper id 24201453
 
Paper id 25201471
Paper id 25201471Paper id 25201471
Paper id 25201471
 
Paper id 24201494
Paper id 24201494Paper id 24201494
Paper id 24201494
 
Paper id 2520148
Paper id 2520148Paper id 2520148
Paper id 2520148
 
Paper id 27201411
Paper id 27201411Paper id 27201411
Paper id 27201411
 
Paper id 26201493
Paper id 26201493Paper id 26201493
Paper id 26201493
 
Paper id 25201435
Paper id 25201435Paper id 25201435
Paper id 25201435
 
Paper id 21201495
Paper id 21201495Paper id 21201495
Paper id 21201495
 
Paper id 25201496
Paper id 25201496Paper id 25201496
Paper id 25201496
 
Paper id 24201474
Paper id 24201474Paper id 24201474
Paper id 24201474
 

Semelhante a Hp arcsight services 2014 ewb

Pragmatic Container Security (Sponsored by Trend Micro) - AWS Summit Sydney
Pragmatic Container Security (Sponsored by Trend Micro) - AWS Summit SydneyPragmatic Container Security (Sponsored by Trend Micro) - AWS Summit Sydney
Pragmatic Container Security (Sponsored by Trend Micro) - AWS Summit SydneyAmazon Web Services
 
IBM i Security Best Practices
IBM i Security Best PracticesIBM i Security Best Practices
IBM i Security Best PracticesPrecisely
 
AWS Community Day - Vitaliy Shtym - Pragmatic Container Security
AWS Community Day - Vitaliy Shtym - Pragmatic Container SecurityAWS Community Day - Vitaliy Shtym - Pragmatic Container Security
AWS Community Day - Vitaliy Shtym - Pragmatic Container SecurityAWS Chicago
 
Services Saas,Pass,Iaas
Services Saas,Pass,IaasServices Saas,Pass,Iaas
Services Saas,Pass,IaasSofiya81
 
NEW LAUNCH! Amazon EC2 Systems Manager for Hybrid Cloud Management at Scale
NEW LAUNCH! Amazon EC2 Systems Manager for Hybrid Cloud Management at ScaleNEW LAUNCH! Amazon EC2 Systems Manager for Hybrid Cloud Management at Scale
NEW LAUNCH! Amazon EC2 Systems Manager for Hybrid Cloud Management at ScaleAmazon Web Services
 
SnapComms Technical overview
SnapComms Technical overviewSnapComms Technical overview
SnapComms Technical overviewSnapComms
 
SnapComms Technical Overview
SnapComms Technical OverviewSnapComms Technical Overview
SnapComms Technical Overviewleanne_abarro
 
Whitepaper factors to consider when selecting an open source infrastructure ...
Whitepaper factors to consider when selecting an open source infrastructure ...Whitepaper factors to consider when selecting an open source infrastructure ...
Whitepaper factors to consider when selecting an open source infrastructure ...apprize360
 
Winning Governance Strategies for the Technology Disruptions of our Time
Winning Governance Strategies for the Technology Disruptions of our TimeWinning Governance Strategies for the Technology Disruptions of our Time
Winning Governance Strategies for the Technology Disruptions of our TimeCloudHesive
 
2020 07-30 elastic agent + ingest management
2020 07-30 elastic agent + ingest management2020 07-30 elastic agent + ingest management
2020 07-30 elastic agent + ingest managementDaliya Spasova
 
Lionel Deliz resume
Lionel Deliz resumeLionel Deliz resume
Lionel Deliz resumeLionel Deliz
 
VTU Open Elective 6th Sem CSE - Module 2 - Cloud Computing
VTU Open Elective 6th Sem CSE - Module 2 - Cloud ComputingVTU Open Elective 6th Sem CSE - Module 2 - Cloud Computing
VTU Open Elective 6th Sem CSE - Module 2 - Cloud ComputingSachin Gowda
 
Chapter 2 Service Model
Chapter 2 Service ModelChapter 2 Service Model
Chapter 2 Service Modelnewbie2019
 
1E_ITPF203333333333333333314_Bigfix.pptx
1E_ITPF203333333333333333314_Bigfix.pptx1E_ITPF203333333333333333314_Bigfix.pptx
1E_ITPF203333333333333333314_Bigfix.pptxnguyenthanhdatpl403
 
Integrated Security & Operations for Scaling Securely in AWS
Integrated Security & Operations for Scaling Securely in AWSIntegrated Security & Operations for Scaling Securely in AWS
Integrated Security & Operations for Scaling Securely in AWSAmazon Web Services
 
Ibm spectrum scale fundamentals workshop for americas part 1 components archi...
Ibm spectrum scale fundamentals workshop for americas part 1 components archi...Ibm spectrum scale fundamentals workshop for americas part 1 components archi...
Ibm spectrum scale fundamentals workshop for americas part 1 components archi...xKinAnx
 

Semelhante a Hp arcsight services 2014 ewb (20)

Pragmatic Container Security (Sponsored by Trend Micro) - AWS Summit Sydney
Pragmatic Container Security (Sponsored by Trend Micro) - AWS Summit SydneyPragmatic Container Security (Sponsored by Trend Micro) - AWS Summit Sydney
Pragmatic Container Security (Sponsored by Trend Micro) - AWS Summit Sydney
 
IBM i Security Best Practices
IBM i Security Best PracticesIBM i Security Best Practices
IBM i Security Best Practices
 
AWS Community Day - Vitaliy Shtym - Pragmatic Container Security
AWS Community Day - Vitaliy Shtym - Pragmatic Container SecurityAWS Community Day - Vitaliy Shtym - Pragmatic Container Security
AWS Community Day - Vitaliy Shtym - Pragmatic Container Security
 
Harsha CV
Harsha CVHarsha CV
Harsha CV
 
Michael Jones-Resume-OCT2015
Michael Jones-Resume-OCT2015Michael Jones-Resume-OCT2015
Michael Jones-Resume-OCT2015
 
Services Saas,Pass,Iaas
Services Saas,Pass,IaasServices Saas,Pass,Iaas
Services Saas,Pass,Iaas
 
NEW LAUNCH! Amazon EC2 Systems Manager for Hybrid Cloud Management at Scale
NEW LAUNCH! Amazon EC2 Systems Manager for Hybrid Cloud Management at ScaleNEW LAUNCH! Amazon EC2 Systems Manager for Hybrid Cloud Management at Scale
NEW LAUNCH! Amazon EC2 Systems Manager for Hybrid Cloud Management at Scale
 
SnapComms Technical overview
SnapComms Technical overviewSnapComms Technical overview
SnapComms Technical overview
 
SnapComms Technical Overview
SnapComms Technical OverviewSnapComms Technical Overview
SnapComms Technical Overview
 
Linked in
Linked inLinked in
Linked in
 
Whitepaper factors to consider when selecting an open source infrastructure ...
Whitepaper factors to consider when selecting an open source infrastructure ...Whitepaper factors to consider when selecting an open source infrastructure ...
Whitepaper factors to consider when selecting an open source infrastructure ...
 
Winning Governance Strategies for the Technology Disruptions of our Time
Winning Governance Strategies for the Technology Disruptions of our TimeWinning Governance Strategies for the Technology Disruptions of our Time
Winning Governance Strategies for the Technology Disruptions of our Time
 
2020 07-30 elastic agent + ingest management
2020 07-30 elastic agent + ingest management2020 07-30 elastic agent + ingest management
2020 07-30 elastic agent + ingest management
 
Deepanbharathi_CV
Deepanbharathi_CVDeepanbharathi_CV
Deepanbharathi_CV
 
Lionel Deliz resume
Lionel Deliz resumeLionel Deliz resume
Lionel Deliz resume
 
VTU Open Elective 6th Sem CSE - Module 2 - Cloud Computing
VTU Open Elective 6th Sem CSE - Module 2 - Cloud ComputingVTU Open Elective 6th Sem CSE - Module 2 - Cloud Computing
VTU Open Elective 6th Sem CSE - Module 2 - Cloud Computing
 
Chapter 2 Service Model
Chapter 2 Service ModelChapter 2 Service Model
Chapter 2 Service Model
 
1E_ITPF203333333333333333314_Bigfix.pptx
1E_ITPF203333333333333333314_Bigfix.pptx1E_ITPF203333333333333333314_Bigfix.pptx
1E_ITPF203333333333333333314_Bigfix.pptx
 
Integrated Security & Operations for Scaling Securely in AWS
Integrated Security & Operations for Scaling Securely in AWSIntegrated Security & Operations for Scaling Securely in AWS
Integrated Security & Operations for Scaling Securely in AWS
 
Ibm spectrum scale fundamentals workshop for americas part 1 components archi...
Ibm spectrum scale fundamentals workshop for americas part 1 components archi...Ibm spectrum scale fundamentals workshop for americas part 1 components archi...
Ibm spectrum scale fundamentals workshop for americas part 1 components archi...
 

Último

Mysore Call girl service 6289102337 Mysore escort service
Mysore Call girl service 6289102337 Mysore escort serviceMysore Call girl service 6289102337 Mysore escort service
Mysore Call girl service 6289102337 Mysore escort servicemaheshsingh64440
 
Call Now HIgh profile ☎9870417354|| Call Girls in Ghaziabad Escort Service De...
Call Now HIgh profile ☎9870417354|| Call Girls in Ghaziabad Escort Service De...Call Now HIgh profile ☎9870417354|| Call Girls in Ghaziabad Escort Service De...
Call Now HIgh profile ☎9870417354|| Call Girls in Ghaziabad Escort Service De...riyadelhic riyadelhic
 
Bhopal Call girl service 6289102337 bhopal escort service
Bhopal Call girl service 6289102337 bhopal escort serviceBhopal Call girl service 6289102337 bhopal escort service
Bhopal Call girl service 6289102337 bhopal escort servicemaheshsingh64440
 
Call Girls In Lahore || 03274100048 ||Lahore Call Girl Available 24/7
Call Girls In Lahore || 03274100048 ||Lahore Call Girl Available 24/7Call Girls In Lahore || 03274100048 ||Lahore Call Girl Available 24/7
Call Girls In Lahore || 03274100048 ||Lahore Call Girl Available 24/7Sana Rajpoot
 
Radhika Call Girls In Jaipur 9358660226 Escorts service
Radhika Call Girls In Jaipur 9358660226 Escorts serviceRadhika Call Girls In Jaipur 9358660226 Escorts service
Radhika Call Girls In Jaipur 9358660226 Escorts servicerahul222jai
 
Call Girls In {{Laxmi Nagar Delhi}} 9667938988 Indian Russian High Profile Es...
Call Girls In {{Laxmi Nagar Delhi}} 9667938988 Indian Russian High Profile Es...Call Girls In {{Laxmi Nagar Delhi}} 9667938988 Indian Russian High Profile Es...
Call Girls In {{Laxmi Nagar Delhi}} 9667938988 Indian Russian High Profile Es...aakahthapa70
 
Best VIP Call Girl Noida Sector 48 Call Me: 8700611579
Best VIP Call Girl Noida Sector 48 Call Me: 8700611579Best VIP Call Girl Noida Sector 48 Call Me: 8700611579
Best VIP Call Girl Noida Sector 48 Call Me: 8700611579diyaspanoida
 
+91-9899900591 Russian Call Girls In New Delhi Independent Russian Call Girls...
+91-9899900591 Russian Call Girls In New Delhi Independent Russian Call Girls...+91-9899900591 Russian Call Girls In New Delhi Independent Russian Call Girls...
+91-9899900591 Russian Call Girls In New Delhi Independent Russian Call Girls...kauryashika82
 
Girls For Night in Islamabad | 03274100048 🔞
Girls For Night in Islamabad | 03274100048 🔞Girls For Night in Islamabad | 03274100048 🔞
Girls For Night in Islamabad | 03274100048 🔞Ifra Zohaib
 
Call Girl Rohini ❤️7065000506 Pooja@ Rohini Call Girls Near Me ❤️♀️@ Sexy Cal...
Call Girl Rohini ❤️7065000506 Pooja@ Rohini Call Girls Near Me ❤️♀️@ Sexy Cal...Call Girl Rohini ❤️7065000506 Pooja@ Rohini Call Girls Near Me ❤️♀️@ Sexy Cal...
Call Girl Rohini ❤️7065000506 Pooja@ Rohini Call Girls Near Me ❤️♀️@ Sexy Cal...Sheetaleventcompany
 
Call Girls in Luxus Grand Hotel | 💋 03274100048
Call Girls in Luxus Grand Hotel | 💋 03274100048Call Girls in Luxus Grand Hotel | 💋 03274100048
Call Girls in Luxus Grand Hotel | 💋 03274100048Ifra Zohaib
 
Russian Call Girls in Goa %(9316020077)# Russian Call Girls in Goa By Russi...
Russian Call Girls in Goa %(9316020077)# Russian Call Girls in Goa By Russi...Russian Call Girls in Goa %(9316020077)# Russian Call Girls in Goa By Russi...
Russian Call Girls in Goa %(9316020077)# Russian Call Girls in Goa By Russi...Goa Call Girls Service Goa escort agency
 
CALL GIRLS 9999288940 women seeking men Locanto No Advance North Goa
CALL GIRLS 9999288940 women seeking men Locanto No Advance North GoaCALL GIRLS 9999288940 women seeking men Locanto No Advance North Goa
CALL GIRLS 9999288940 women seeking men Locanto No Advance North Goadelhincr993
 
Call Now ☎9870417354|| Call Girls in Noida Sector 18 Escort Service Noida N.C.R.
Call Now ☎9870417354|| Call Girls in Noida Sector 18 Escort Service Noida N.C.R.Call Now ☎9870417354|| Call Girls in Noida Sector 18 Escort Service Noida N.C.R.
Call Now ☎9870417354|| Call Girls in Noida Sector 18 Escort Service Noida N.C.R.riyadelhic riyadelhic
 
Best VIP Call Girls Noida Sector 24 Call Me: 8700611579
Best VIP Call Girls Noida Sector 24 Call Me: 8700611579Best VIP Call Girls Noida Sector 24 Call Me: 8700611579
Best VIP Call Girls Noida Sector 24 Call Me: 8700611579diyaspanoida
 
Call Girls In {Connaught Place Delhi} 9667938988 IndianRussian High Profile E...
Call Girls In {Connaught Place Delhi} 9667938988 IndianRussian High Profile E...Call Girls In {Connaught Place Delhi} 9667938988 IndianRussian High Profile E...
Call Girls In {Connaught Place Delhi} 9667938988 IndianRussian High Profile E...aakahthapa70
 
Hire 💕 8617370543 Uttara Kannada Call Girls Service Call Girls Agency
Hire 💕 8617370543 Uttara Kannada Call Girls Service Call Girls AgencyHire 💕 8617370543 Uttara Kannada Call Girls Service Call Girls Agency
Hire 💕 8617370543 Uttara Kannada Call Girls Service Call Girls AgencyJia Oberoi
 
Call Girls In {{Connaught Place Delhi}}96679@38988 Indian Russian High Profil...
Call Girls In {{Connaught Place Delhi}}96679@38988 Indian Russian High Profil...Call Girls In {{Connaught Place Delhi}}96679@38988 Indian Russian High Profil...
Call Girls In {{Connaught Place Delhi}}96679@38988 Indian Russian High Profil...aakahthapa70
 

Último (20)

Mysore Call girl service 6289102337 Mysore escort service
Mysore Call girl service 6289102337 Mysore escort serviceMysore Call girl service 6289102337 Mysore escort service
Mysore Call girl service 6289102337 Mysore escort service
 
Call Now HIgh profile ☎9870417354|| Call Girls in Ghaziabad Escort Service De...
Call Now HIgh profile ☎9870417354|| Call Girls in Ghaziabad Escort Service De...Call Now HIgh profile ☎9870417354|| Call Girls in Ghaziabad Escort Service De...
Call Now HIgh profile ☎9870417354|| Call Girls in Ghaziabad Escort Service De...
 
Call Girls In Goa For Fun 9316020077 By Goa Call Girls For Pick Up Night
Call Girls In Goa For Fun 9316020077 By Goa Call Girls For Pick Up NightCall Girls In Goa For Fun 9316020077 By Goa Call Girls For Pick Up Night
Call Girls In Goa For Fun 9316020077 By Goa Call Girls For Pick Up Night
 
Bhopal Call girl service 6289102337 bhopal escort service
Bhopal Call girl service 6289102337 bhopal escort serviceBhopal Call girl service 6289102337 bhopal escort service
Bhopal Call girl service 6289102337 bhopal escort service
 
9953056974 Call Girls In Ashok Nagar, Escorts (Delhi) NCR.
9953056974 Call Girls In Ashok Nagar, Escorts (Delhi) NCR.9953056974 Call Girls In Ashok Nagar, Escorts (Delhi) NCR.
9953056974 Call Girls In Ashok Nagar, Escorts (Delhi) NCR.
 
Call Girls In Lahore || 03274100048 ||Lahore Call Girl Available 24/7
Call Girls In Lahore || 03274100048 ||Lahore Call Girl Available 24/7Call Girls In Lahore || 03274100048 ||Lahore Call Girl Available 24/7
Call Girls In Lahore || 03274100048 ||Lahore Call Girl Available 24/7
 
Radhika Call Girls In Jaipur 9358660226 Escorts service
Radhika Call Girls In Jaipur 9358660226 Escorts serviceRadhika Call Girls In Jaipur 9358660226 Escorts service
Radhika Call Girls In Jaipur 9358660226 Escorts service
 
Call Girls In {{Laxmi Nagar Delhi}} 9667938988 Indian Russian High Profile Es...
Call Girls In {{Laxmi Nagar Delhi}} 9667938988 Indian Russian High Profile Es...Call Girls In {{Laxmi Nagar Delhi}} 9667938988 Indian Russian High Profile Es...
Call Girls In {{Laxmi Nagar Delhi}} 9667938988 Indian Russian High Profile Es...
 
Best VIP Call Girl Noida Sector 48 Call Me: 8700611579
Best VIP Call Girl Noida Sector 48 Call Me: 8700611579Best VIP Call Girl Noida Sector 48 Call Me: 8700611579
Best VIP Call Girl Noida Sector 48 Call Me: 8700611579
 
+91-9899900591 Russian Call Girls In New Delhi Independent Russian Call Girls...
+91-9899900591 Russian Call Girls In New Delhi Independent Russian Call Girls...+91-9899900591 Russian Call Girls In New Delhi Independent Russian Call Girls...
+91-9899900591 Russian Call Girls In New Delhi Independent Russian Call Girls...
 
Girls For Night in Islamabad | 03274100048 🔞
Girls For Night in Islamabad | 03274100048 🔞Girls For Night in Islamabad | 03274100048 🔞
Girls For Night in Islamabad | 03274100048 🔞
 
Call Girl Rohini ❤️7065000506 Pooja@ Rohini Call Girls Near Me ❤️♀️@ Sexy Cal...
Call Girl Rohini ❤️7065000506 Pooja@ Rohini Call Girls Near Me ❤️♀️@ Sexy Cal...Call Girl Rohini ❤️7065000506 Pooja@ Rohini Call Girls Near Me ❤️♀️@ Sexy Cal...
Call Girl Rohini ❤️7065000506 Pooja@ Rohini Call Girls Near Me ❤️♀️@ Sexy Cal...
 
Call Girls in Luxus Grand Hotel | 💋 03274100048
Call Girls in Luxus Grand Hotel | 💋 03274100048Call Girls in Luxus Grand Hotel | 💋 03274100048
Call Girls in Luxus Grand Hotel | 💋 03274100048
 
Russian Call Girls in Goa %(9316020077)# Russian Call Girls in Goa By Russi...
Russian Call Girls in Goa %(9316020077)# Russian Call Girls in Goa By Russi...Russian Call Girls in Goa %(9316020077)# Russian Call Girls in Goa By Russi...
Russian Call Girls in Goa %(9316020077)# Russian Call Girls in Goa By Russi...
 
CALL GIRLS 9999288940 women seeking men Locanto No Advance North Goa
CALL GIRLS 9999288940 women seeking men Locanto No Advance North GoaCALL GIRLS 9999288940 women seeking men Locanto No Advance North Goa
CALL GIRLS 9999288940 women seeking men Locanto No Advance North Goa
 
Call Now ☎9870417354|| Call Girls in Noida Sector 18 Escort Service Noida N.C.R.
Call Now ☎9870417354|| Call Girls in Noida Sector 18 Escort Service Noida N.C.R.Call Now ☎9870417354|| Call Girls in Noida Sector 18 Escort Service Noida N.C.R.
Call Now ☎9870417354|| Call Girls in Noida Sector 18 Escort Service Noida N.C.R.
 
Best VIP Call Girls Noida Sector 24 Call Me: 8700611579
Best VIP Call Girls Noida Sector 24 Call Me: 8700611579Best VIP Call Girls Noida Sector 24 Call Me: 8700611579
Best VIP Call Girls Noida Sector 24 Call Me: 8700611579
 
Call Girls In {Connaught Place Delhi} 9667938988 IndianRussian High Profile E...
Call Girls In {Connaught Place Delhi} 9667938988 IndianRussian High Profile E...Call Girls In {Connaught Place Delhi} 9667938988 IndianRussian High Profile E...
Call Girls In {Connaught Place Delhi} 9667938988 IndianRussian High Profile E...
 
Hire 💕 8617370543 Uttara Kannada Call Girls Service Call Girls Agency
Hire 💕 8617370543 Uttara Kannada Call Girls Service Call Girls AgencyHire 💕 8617370543 Uttara Kannada Call Girls Service Call Girls Agency
Hire 💕 8617370543 Uttara Kannada Call Girls Service Call Girls Agency
 
Call Girls In {{Connaught Place Delhi}}96679@38988 Indian Russian High Profil...
Call Girls In {{Connaught Place Delhi}}96679@38988 Indian Russian High Profil...Call Girls In {{Connaught Place Delhi}}96679@38988 Indian Russian High Profil...
Call Girls In {{Connaught Place Delhi}}96679@38988 Indian Russian High Profil...
 

Hp arcsight services 2014 ewb

  • 2. Basic Services HP Arcsight, Smartconnectors incl. Logger • Planning • Installation • Deployment • Administration • Maintenance
  • 3. Advanced Services • Use Case design/ Content Authoring – Creating/designing ESM content such rules, activelists, trends, reports to achieve specific business objectives – Efficient ESM investigation management through the use of cases
  • 4. Best Practice • Create a process to ensure all devices to be monitored will send events to ArcSight – i.e. For Windows Smartconnectors, please make sure you add servers manually whenever a new server is commissioned. • Establish a case consolidation method • Establish a good naming convention for cases
  • 5. Key Differentiator • Not just focused on BaseEvents (Device logs) but also on arcsight internal events to leverage ESM correlation potential • Highly skilled in data analysis using “Data about your data” • Experts in different platforms: OS/Network/Apps • Experienced with most IT security software available. • Worked for Infosec team of Security Companies: Trend Micro and Mcafee (now INTEL) • Focused on Security and Compliance (i.e. PCI-DSS) • Experienced in Open-Source
  • 6. Sample Configuration Use case: Event Feed Monitoring - Tracking event input from monitored devices - Detecting devices that stoppped sending events for investigation * Use TTL or Event Expiry in ActiveLists
  • 8. Sample Configuration Use Field Merging to consolidate events Convert 1000s of related events in a single case