ArcSight ESM - Enterprise Security Manager

ArcSight Enterprise Security Manager (ESM) is a comprehensive threat detection, analysis, triage, and compliance management SIEM platform that dramatically reduces the time to mitigate cyber-security threats. ArcSight allows security teams to move from enriched event data, to powerful real-time correlation, use workflow management and security orchestration, and to triage advanced persistent threats to mitigation and resolution.


Key Features

Enriched Security Event Data

With ESM, the event variables and information that is collected, gets enhanced and enriched to provide more than 400+ individual and specific data points.

Powerful Real-Time Data Correlation

ESM allows for the collection of data and real-time correlation of events to accurately escalate threats that violate the internal rules within the platform. ESM is capable of correlating up to 75,000 events per second within an enter

Workflow Automation and Security Orchestration

ArcSight Enterprise Security Manager creates an easy way for SOC monitoring teams to efficiently and effectively triage detected alerts through the ArcSight Command Center (ACC).

Multi-Tenancy and Unified Permissions Matrix

With multi-tenancy capabilities and permissions abilities, enterprises are able to use a centralized set of management abilities including rule-based thresholds and a unified permissions roles, rights, and responsibilities matrix.

Compatibility with ArcSight Data Platform and ArcSight Investigate

Compatibility with ArcSight Data Platform (ADP) and ArcSight Investigate providing a comprehensive suite of open architecture data collection, powerful real-time event correlation, and intuitive investigation to detect unknown security threats.