In an age where data and analytics rule, Hewlett Packard Enterprise’s latest security solution is designed to help cut through the noise.
HPE ArcSight Investigate, available now, is the company’s hunt and investigation technology that gives customers and security analysts a faster way to investigate security threats. According to HPE, the solution can “execute searches 10 times faster and process advanced analytics immediately”. This is done through familiar search interfaces.
To create that faster search, ArcSight Investigate ties into HPE Vertica, the company’s analytics platform. Essentially, it acts in a similar manner to a Google search, according to Travis Grandpre, director of the ArcSight product marketing team at HPE, who spoke with CDN over the phone.
“This [platform] allows an analyst to literally sit down in front of the console and go search using natural language, almost as if they were searching Google,” said Grandpre. “That search provides real-time results in a series of dashboards and other lists.”
User-friendly features are the name of the game with ArcSight Investigate. On top of familiar dashboards and charts that are created automatically after searches are made, users can also build queries from Day One by clicking through guided suggestions or from a drop-down menu. It allows less experienced security analysts to create queries without having to learn query language or proprietary schema while saving time for more advanced users.
Related Stories
The HPE solution also integrates with Hadoop. Analysts who are using Hadoop for an investigation will find that any data they have stored on Hadoop will be used within ArcSight Investigate.
From the channel partners perspective, ArcSight Investigate provides an opportunity when speaking with clients that lack a strong security staff.
“Channel partners can provide a solution that will give clients an intuitive interface where they can search and investigate without being a very trained expert,” said Grandpre. “I think partners will really resonate with that.”
ArcSight Investigate is directly integrated with ArcSight Enterprise Security Manager and is available now. You can read more on HPE’s website.
