Customer

Customer is a leading Threat Intelligence platform, delivers next-generation endpoint security and threat intelligence services to protect businesses and individuals around the globe.

Requirement

Client requested for the integration of their Threat Intelligence product with the HP ArcSight so that their clients can view and leverage the Threat Intelligence in their existing ArcSight platform

data-protection

Technology Solution

Sacumen developed the Connector for customer’s Threat Intelligence product for integration with HP ArcSight ESM using CEF ( Common Events Format)

Threat Intelligence Connector ( to provide REST interface) developed using JAVA to send the CEF Syslog data to HP Arcsight Syslog Connector

Automatically correlate internal and external network events using prioritized real-time IP threat intelligence with contextual information to detect malicious IP threats for investigation

IP Correlation component developed using HP ArcSight Console

Built dashboards to display alerts and other relevant information. The nature of the reports and dashboards developed was in line with the model provided by HP ArcSight Console

Do you need free Consultation for your security product integration?

    There are no reviews yet.

    Be the first to review “Threat Intelligence Platform integration with ArcSight”