SOURCE: ArcSight

October 10, 2005 09:00 ET

ArcSight Responds to the Mission-Critical Security Needs of Its Global 1000 Customers and Government Agencies Worldwide With New Release of Its Flagship Solution

ArcSight ESM 3.5 Features the Industry's First Self-Monitoring Capabilities and Enhancements for Managing Security, Insider Threats and Regulatory Compliance

CUPERTINO, CA -- (MARKET WIRE) -- October 10, 2005 -- ArcSight, Inc., the global leader in Enterprise Security Management (ESM) software, today announced the release of version 3.5 of its flagship solution. ArcSight ESM 3.5 specifically addresses the mission-critical security and compliance requirements of the largest, most demanding deployments in the enterprise security management market today.

ArcSight ESM 3.5 features new tools to help security professionals identify insider threats and minimize windows of vulnerability, as well as self-monitoring capabilities to help ensure 24x7 availability and performance of security operations. To address today's need to effectively communicate beyond the security department, ArcSight ESM 3.5 offers a new Web interface that automatically distributes role-relevant information to the broad and geographically distributed set of enterprise security and compliance stakeholders. In addition, ArcSight separately announced its Discovery Family of advanced analytics modules for ArcSight ESM, which accelerate and automate advanced analysis of security data.

"We have evaluated enterprise security management software from different vendors for our customers and can testify that ArcSight ESM is clearly the superior product and the most scalable -- which is critical to the ever-growing security needs of our customers," said Raz Alon, managing director of We! Group, a systems integrator and reseller in Israel serving over 150 enterprise customers in Israel and around the world. "After having worked with ArcSight's new version and deploying it in large organizations, we can testify that ArcSight has made a giant leap with this release, creating an even larger technology gap and other SIM vendors will have trouble catching up to."

"The role of security in today's enterprises has become mission-critical. In addition to protecting their organizations from never-ending external security threats, today's security professionals have increased responsibilities due to increasing vigilance of insider threats and regulatory demands," said IDC research director Charles Kolodgy. "This also has created the need to communicate security information and status directly to senior managers and executives."

ArcSight ESM 3.5 addresses these pressures with new features that focus on the mission-critical nature of today's most advanced and complex security operations. Key features of ArcSight ESM 3.5 include:

New Self-monitoring Capabilities

With ArcSight ESM serving as the mission-control center for many Fortune 1000 companies and 20 of the 30 largest federal agencies, it is proven to provide seamless, high-performance, 24x7x365 operations. ArcSight's experience serving the most demanding organizations has led to the release of the industry's first self-monitoring capabilities in ArcSight ESM. These new capabilities significantly lighten the management workload by automating the allocation of system resources, database configuration, data collection and analytics monitoring to immediately pinpoint and troubleshoot issues that could degrade system health.

"We know first-hand about the increasing demands on security organizations by monitoring over 150 million security events daily in support of our customers," said John Summers, global director of Managed Security Services, Unisys. "As a managed security services provider, it is imperative that we meet the complex security requirements and diverse demands of our customers. Our business relies on 24x7, high-performance operations. We have used this new version of ArcSight ESM and it absolutely addresses the mission-critical nature of our business and increases the value we deliver to our customers."

New Ability to Identify Insider Threats

Insider threats have emerged as one the greatest threats to an organization's security posture. ArcSight is the first to give customers the ability to easily identify malicious behavior from trusted user activity through Operational Time analysis. This new feature allows organizations to define normal times of use for applications and systems based on business roles. ArcSight ESM leverages this Operational Time profile information to automatically pinpoint suspicious behavior based on activities of an individual, the time of day of these activities relative to normal operations, the person's business role and the business-critical nature of the application.

Enhanced Ease of Use

Ease of use is being driven by three trends: the rapid adoption of ArcSight ESM throughout virtually every industry, increasing use of ArcSight ESM worldwide and broader use of ArcSight within organizations by non-security, non-technical people. Significant investment has been made in making this latest release the easiest to use. ArcSight ESM 3.5 comes with additional out-of-the-box content, making it easier and faster for new users to deploy ArcSight into their environments and immediately capture the benefits. In total, over 100 new features and enhancements suggested by ArcSight's customer base were incorporated into this release. Some of these include: centralized asset and network modeling, automated scheduling of report templates with customized filters, easy to author business-level reports, and full system-wide search capabilities.

New Web-enabled View to Communicate to Security and Compliance Stakeholders

With security being recognized as a mission-critical initiative, coupled with the requirements of industry and federal regulations, security organizations must communicate situational awareness to every level in the organization. With this release, ArcSight offers a new web-based user interface for secure anytime, anywhere access to role-relevant security and compliance information. While ArcSight Console is designed for security analysts managing ArcSight ESM, ArcSight Web is designed to provide network operations and compliance stakeholders with access to information on the status of security, compliance and organizational risk. It provides customized and configurable dashboards with investigation, workflow and drill-down capabilities.

Enhanced Workflow and Incident Response Capabilities to Close Windows of Vulnerability and Speed Resolution

ArcSight enables customers to investigate and respond to security incidents faster than ever through key improvements that speed investigations into security issues, while automatically auditing and demonstrating proof of processes to auditors and company executives. Key improvements in workflow and incident response include full system search capabilities for immediate access to pertinent information, case resolution metrics to demonstrate processes for compliance and analyze operational effectiveness, enhanced case management and integration with payload analysis tools.

"With this new release of ArcSight ESM, we are delivering on our vision to serve as the central command center for today's mission-critical security organizations," said Steve Sommer, senior vice president of Marketing and Business Development at ArcSight. "With the market's most advanced and fastest-growing customer base, we receive tremendously valuable input that helps us to stay at the forefront of ESM capabilities -- for security, compliance and insider threat."

ArcSight ESM 3.5 will be available next month. For more information, please visit

About ArcSight

ArcSight, the recognized leader in Enterprise Security Management (ESM), provides real-time threat management and compliance reporting yielding actionable insights into your security data. By comprehensively collecting, analyzing and managing security data, ArcSight ESM™ enables enterprises, government organizations and managed security service providers to centrally manage information risk more efficiently. ArcSight's customer base includes leading worldwide companies across all verticals -- and more than 20 of the top 30 U.S. federal agencies.

The specific features, functionality and release timing of any new products or new versions of current products remain at the sole discretion of Arcsight, Inc., and Arcsight does not make any warranty as to when or if specific features, functionality or releases may occur as described in this press release.

Contact Information

  • Contact Information:

    Laurie Vaccarino
    Horn Group for ArcSight
    Email Contact