IT Analyst - network and security support at Tribunal de Contas da União
Real User
Top 5
2024-04-11T19:00:14Z
Apr 11, 2024
We don't have a lot of use cases. We supposed the MSSP provider would have a lot of use cases, and this intelligence would be used in the contract, but it wasn't the case. We do have some specific situations like alerts in case of changes to extremely powerful accounts, administrative groups, and things like that.
If deployed properly, the solution can collect logs well. The categories of logs are very high. It is very good. The solution is compatible with syslog servers. Our customers like the solution.
The product helps me see all the event logs in one place. When I look into the application, I can see different levels of alerts and make the required decision.
Most of our clients need security devices that can monitor events such as authentication failures, incorrect logins, link, module, device, and switch failures, security events and alarms, vulnerability events, and threat logs. We are currently using ArcSight Logger and many other Syslog devices to monitor these security events and logs.
Our primary use case for this solution is incident response, investigations and log management. For example, risky network communications, communications with risky countries, and VPN connections from outside the country. We deploy the solution on-premises.
Founder & CEO at a security firm with 10,001+ employees
Real User
2020-02-17T07:42:26Z
Feb 17, 2020
ArcSight Logger was used for storing your logs, long-term, in a structured way. You can search in it, you can structure your data in it, and you can generate simple reports.
Team Lead at a tech services company with 51-200 employees
Reseller
2020-02-16T08:27:00Z
Feb 16, 2020
We focus mainly on the enterprise market where the customers have the requirement for log management and compliance. And most of the time we propose ESM along with the logger for SIEM requirements. We have multiple Logger customers here in Sri Lanka where we've implemented and maintained solutions for them.
CISO at a financial services firm with 1,001-5,000 employees
Real User
2019-09-16T10:14:00Z
Sep 16, 2019
We primarily use the solution for monitoring all of our perimeter - from critical assets to less critical ones. It covers IT assets, networks, databases, servers, endpoints, etc.
Vulnerability Assessor at Telenor Common Operation
Real User
2019-02-20T11:20:00Z
Feb 20, 2019
We have several uses for this solution like retention storage. We use Logger for some queries since we are in the telco industry. We use it for IT, MSISDN, and mobile phone. For the SM we have communication for the infrastructures including security. Plus, we use ESM for prevention and for a couple of cases we use it for fraud prevention and some for the VIP members check.
HPE ArcSight Data Platform (ADP) offers a future-ready data solution that enriches data in real time and supports open standards for better threat detection. Using security data connectors, ADP collects data and enriches it in real-time to give analysts organized information that can be acted upon instantly.
We primarily use it in our site for compliance.
We use the product for log management purposes at the moment.
The tool helps us to collect, correlate and publish logs on our site.
The solution is used for searching and test reports.
Our primary use case was to catch malicious activity happening inside our organization.
We have just upgraded to Splunk, so we're currently in the process of converting everything over from ArcSight to Splunk.
We use this solution for archiving log feeds.
We use the on-premise deployment model. Our primary use case is for monitoring.
We are a service provider and this solution is deployed on-premises for some of our customers. It is primarily used for firewall and Windows events.
We use the on-premise version of ArcSight Logger.