Introducing UEBA Baselines with ArcSight Intelligence This organization reviewed their security requirements and looked for a platform to incorporate running advanced and customized correlations on their security events. The security team already leveraged Micro Focus ArcSight ESM and ArcSight Logger to analyze over 15,000 events per second (EPS). They added additional features to this solid program foundation as custom use cases were uncovered. The Security Analyst explains: “We have a wide variety of data sources: active directory, VPNs, firewalls, web proxies, IPS, Windows data, etc. Visibility into our user and entity behaviors is key for us. We also wanted to connect this directly with our incident response processes so that clear action can be taken as soon as an

Join for free to read