HP ArcSight Logger - Customer Case Studies

Check out this collection of mini case studies showing how customers are using the HP ArcSight solution and the benefits they have achieved.



Research by TechValidate

Case Study: Fortune 500 Electronics Company implements HP ArcSight for log intelligence

Challenges

  • Addressed the following challenges with HP ArcSight Logger:
    • The inability to collect and store logs, events and flows from multiple log sources/solutions in a systematic manner
    • Complex and lengthy forensic investigation and analysis
    • Painful searching of logs and events through regex, syntax requirements or domain experts
    • The inability to correlate data across multiple devices in real-time

Use Case

  • Is leveraging the logs, events and flows collected by HP ArcSight Logger in the following ways:
    • Adhering to compliance and regulatory requirements
    • Log storage through high compression
    • Log analytics and intelligence
    • Supporting forensic analysis and correlation
  • Chose HP ArcSight Logger over the following vendors:
    • Splunk
    • IBM
    • McAfee
    • LogLogic
    • LogRhythm
    • Open source or freeware

Results

  • Values the following HP ArcSight Logger features the most over other vendors:
    • Filtering and parsing of data during collection through normalization and categorization
    • Scalability – ability to deploy in a distributed, hierarchical, or peer-to-peer manner
    • Large community through Protect724
  • Achieved the following with HP ArcSight Logger:
    • Faster analysis and reporting of logs and events
    • Reduced implementation time for universal log management solution

Testimonials

“With HP ArcSight, we are able to search for a log event that occurred 12 months ago.”

Source:

TechValidate Survey of a Fortune 500 Electronics Company

Case Study: Large Enterprise Computer Services Company deploys HP ArcSight

Challenges

  • Addressed the following challenges with HP ArcSight Logger:
    • The inability to collect and store logs, events and flows from multiple log sources/solutions in a systematic manner
    • The inability to detect key events or advanced persistent, external security threats and vulnerabilities from normal background activity
    • The inability to correlate data across multiple devices in real-time
    • The inability to respond quickly to data breaches

Use Case

  • Is leveraging the logs, events and flows collected by HP ArcSight Logger in the following ways:
    • Log analytics and intelligence
    • Detecting/tracking suspicious behavior (e.g., unauthorized access, insider abuse)
  • Chose HP ArcSight Logger over the following vendors:
    • Splunk
    • IBM
    • McAfee

Results

  • Values the following HP ArcSight Logger features the most over other vendors:
    • High performance – ability to capture, compress, store, and execute searches – large data at high speed
    • Comprehensive log analysis
    • Simultaneous indexing, searching, and reporting at high speed
  • Achieved the following with HP ArcSight Logger:
    • A reduction in time to respond to breaches through quick forensic investigation
    • A reduction in database infrastructure costs & storage costs for long term archival of entire IT data
    • Reduced implementation time for universal log management solution
  • Reduced the time required to collect, store and analyze logs across multiple sources and devices by 10 – 25% using HP ArcSight Logger.
  • Can now collect, store, and analyze 500 – 1,000% more data at one time with HP ArcSight Logger.
  • Accelerated the identification of security and IT incidents by 10 – 50% with HP ArcSight Logger.
  • Realized a Return-On-Investment (ROI) in HP ArcSight Logger in 3-6 months.

Source:

TechValidate Survey of a Large Enterprise Computer Services Company

Case Study: Global 500 Beverage Company searches logs in minutes with HP ArcSight

Challenges

  • Addressed the following challenge with HP ArcSight Logger:
    • The lack of analytics capabilities to sort through “big data” produced by log and security devices

Use Case

  • Is leveraging the logs, events and flows collected by HP ArcSight Logger in the following ways:
    • Adhering to compliance and regulatory requirements
    • Support IT/network routine maintenance and operations
    • Comprehensive log collection
    • Log analytics and intelligence
    • Detecting/tracking suspicious behavior (e.g., unauthorized access, insider abuse)
    • Preventing incidents
  • Chose HP ArcSight Logger over the following vendors:
    • IBM
    • McAfee

Results

  • Values the following HP ArcSight Logger features the most over other vendors:
    • Scalability – ability to deploy in a distributed, hierarchical, or peer-to-peer manner
    • Rich built-in content, dashboards and reports
    • Comprehensive log analysis
  • Achieved the following with HP ArcSight Logger:
    • A reduction in time to respond to breaches through quick forensic investigation
    • Faster analysis and reporting of logs and events
    • A reduction in time and effort for conducting regular compliance audit
  • Reduced the time required to collect, store and analyze logs across multiple sources and devices by 50 – 100% using HP ArcSight Logger.
  • Can now collect, store, and analyze 50 – 100% more data at one time with HP ArcSight Logger.
  • Accelerated the identification of security and IT incidents by 50 – 100% with HP ArcSight Logger.
  • Realized a Return-On-Investment (ROI) in HP ArcSight Logger in 3-6 months.

Testimonials

“We were able, for the first time, to do successful log searches in a matter of minutes compared to days and weeks previously with HP ArcSight.”

Source:

TechValidate Survey of a Global 500 Beverage Company

Case Study: Global 500 Banking Company uses ArcSight to conduct forensic investigation

Challenges

  • Addressed the following challenges with HP ArcSight Logger:
    • The inability to collect and store logs, events and flows from multiple log sources/solutions in a systematic manner
    • Complex and lengthy forensic investigation and analysis
    • Painful searching of logs and events through regex, syntax requirements or domain experts

Use Case

  • Is leveraging the logs, events and flows collected by HP ArcSight Logger in the following ways:
    • Support IT/network routine maintenance and operations
    • Comprehensive log collection
    • Log analytics and intelligence
  • Chose HP ArcSight Logger over the following vendors:
    • IBM
    • LogLogic
    • LogRhythm

Results

  • Values the following HP ArcSight Logger features the most over other vendors:
    • Simple full-text search eliminating the need for domain experts or regex knowledge
  • Achieved the following with HP ArcSight Logger:
    • Cost-effective compliance through continuous monitoring
  • Reported no change in the time required to collect, store and analyze logs across multiple sources and devices using HP ArcSight Logger.

Testimonials

“With ArcSight, we are able to leverage our existing relationship with HP to provide this service for us.”

Source:

TechValidate Survey of a Global 500 Banking Company

Case Study: Global 500 Energy & Utilities Company detects APTs with ArcSight

Challenges

  • Addressed the following challenges with HP ArcSight Logger:
    • The inability to detect source of suspicious behavior (e.g., unauthorized access, insider threats)

Use Case

  • Is leveraging the logs, events and flows collected by HP ArcSight Logger in the following ways:
    • Detecting APT-style malware
  • Chose HP ArcSight Logger over the following vendors:
    • Splunk
    • IBM
    • McAfee
    • LogLogic

Results

  • Values the following HP ArcSight Logger feature the most over other vendors:
    • Real-time monitoring and alerting
  • Achieved the following with HP ArcSight Logger:
    • Faster analysis and reporting of logs and events
    • Improved business insight through interactive and conversational view of our data
    • Early detection and prevention of potential breaches, risks, vulnerabilities in systems and applications
    • A reduction in time and effort for conducting regular compliance audit
  • Reduced the time required to collect, store and analyze logs across multiple sources and devices by 25 – 50% using HP ArcSight Logger.
  • Can now collect, store, and analyze 10 – 50% more data at one time with HP ArcSight Logger.
  • Accelerated the identification of security and IT incidents by 100 – 500% with HP ArcSight Logger.
  • Realized a Return-On-Investment (ROI) in HP ArcSight Logger in > 1 year.

Source:

TechValidate Survey of a Global 500 Energy & Utilities Company

Case Study: Global 500 Energy & Utilities Company monitors compliance through ArcSight

Challenges

  • Addressed the following challenges with HP ArcSight Logger:
    • The inability to collect and store logs, events and flows from multiple log sources/solutions in a systematic manner
    • Painful searching of logs and events through regex, syntax requirements or domain experts

Use Case

  • Is leveraging the logs, events and flows collected by HP ArcSight Logger in the following ways:
    • Support IT/network routine maintenance and operations
    • Comprehensive log collection
    • Supporting forensic analysis and correlation
  • Chose HP ArcSight Logger over the following vendors:
    • Splunk
    • LogLogic

Results

  • Values the following HP ArcSight Logger features the most over other vendors:
    • Breadth of 350+ connectors to collect from any source
    • Filtering and parsing of data during collection through normalization and categorization
  • Achieved the following with HP ArcSight Logger:
    • Faster analysis and reporting of logs and events
  • Reduced the time required to collect, store and analyze logs across multiple sources and devices by 50 – 100% using HP ArcSight Logger.
  • Can now collect, store, and analyze 10 – 50% more data at one time with HP ArcSight Logger.
  • Accelerated the identification of security and IT incidents by 50 – 100% with HP ArcSight Logger.

Testimonials

“ArcSight Logger has enabled us to implement a log policy and achieve our compliance objectives.”

Source:

TechValidate Survey of a Global 500 Energy & Utilities Company

Case Study: Large Enterprise Energy & Utilities Company uses ArcSight for data correlation

Challenges

  • The inability to correlate data across multiple devices in real-time

Use Case

  • Is leveraging the logs, events and flows collected by HP ArcSight Logger in the following ways:
    • Adhering to compliance and regulatory requirements
    • Support IT/network routine maintenance and operations
    • Detecting/tracking suspicious behavior (e.g., unauthorized access, insider abuse)
    • Detecting APT-style malware
    • Preventing incidents
    • Supporting forensic analysis and correlation
  • Chose HP ArcSight Logger over the following vendors:
    • Splunk

Results

  • Values the following HP ArcSight Logger features the most over other vendors:
    • Rich built-in content, dashboards and reports
    • Granular role-based access
    • Authentication and authorization
  • Achieved the following with HP ArcSight Logger:
    • Early detection and prevention of potential breaches, risks, vulnerabilities in systems and applications
    • A reduction in number of incidents and false positives to be analyzed on a daily basis

Testimonials

“It is a very good tool to store our logs, produce reports, and to prevent attacks based on use case.”

Source:

TechValidate Survey of a Large Enterprise Energy & Utilities Company

Case Study: Fortune 500 Computer Hardware Company Uses HP ArcSight for Big Data Security

Challenges

  • Addressed the following challenges with HP ArcSight Logger:
    • The inability to collect and store logs, events and flows from multiple log sources/solutions in a systematic manner
    • Complex and lengthy forensic investigation and analysis
    • Painful searching of logs and events through regex, syntax requirements or domain experts
    • No visibility into application or system performance
    • The inability to correlate data across multiple devices in real-time
    • The lack of analytics capabilities to sort through “big data” produced by log and security devices

Use Case

  • Is leveraging the logs, events and flows collected by HP ArcSight Logger in the following ways:
    • Adhering to compliance and regulatory requirements
    • Support IT/network routine maintenance and operations
    • Comprehensive log collection
    • Log storage through high compression
    • Log analytics and intelligence
    • Detecting/tracking suspicious behavior (e.g., unauthorized access, insider abuse)
    • Preventing incidents
    • Supporting forensic analysis and correlation
  • Chose HP ArcSight Logger over the following vendors:
    • IBM

Results

  • Values the following HP ArcSight Logger features the most over other vendors:
    • Breadth of 350+ connectors to collect from any source
    • Filtering and parsing of data during collection through normalization and categorization
    • High performance – ability to capture, compress, store, and execute searches – large data at high speed
    • Scalability – ability to deploy in a distributed, hierarchical, or peer-to-peer manner
    • Rich built-in content, dashboards and reports
    • Comprehensive log analysis
    • Real-time alerting
    • Real-time monitoring and alerting
    • Simultaneous indexing, searching, and reporting at high speed
    • Large community through Protect724
    • Interactive and distributed searches
    • Simple full-text search eliminating the need for domain experts or regex knowledge
    • Granular role-based access
    • Authentication and authorization
  • Achieved the following with HP ArcSight Logger:
    • A reduction in time to respond to breaches through quick forensic investigation
    • Faster analysis and reporting of logs and events
    • Cost-effective compliance through continuous monitoring
    • A reduction in database infrastructure costs & storage costs for long term archival of entire IT data
    • Reduced implementation time for universal log management solution
    • A reduction in time and effort for conducting regular compliance audit
    • A reduction in number of incidents and false positives to be analyzed on a daily basis
    • Improvement in fraud detection through anomaly detection of large amounts of data in real-time and on historical data

Source:

TechValidate Survey of a Fortune 500 Computer Hardware Company

Case Study: Fortune 500 Financial Services Company Reduces Time Required to Analyze Data

Challenges

  • Addressed the following challenges with HP ArcSight Logger:
    • The inability to collect and store logs, events and flows from multiple log sources/solutions in a systematic manner
    • Complex and lengthy forensic investigation and analysis
    • Painful searching of logs and events through regex, syntax requirements or domain experts
    • The inability to correlate data across multiple devices in real-time
    • The inability to respond quickly to data breaches

Use Case

  • Is leveraging the logs, events and flows collected by HP ArcSight Logger in the following ways:
    • Adhering to compliance and regulatory requirements
    • Comprehensive log collection
    • Log storage through high compression
    • Supporting forensic analysis and correlation
  • Chose HP ArcSight Logger over the following vendors:
    • Splunk
    • McAfee
    • Open source or freeware

Results

  • Values the following HP ArcSight Logger features the most over other vendors:
    • Breadth of 350+ connectors to collect from any source
    • Filtering and parsing of data during collection through normalization and categorization
  • Achieved the following with HP ArcSight Logger:
    • A reduction in time to respond to breaches through quick forensic investigation
    • Faster analysis and reporting of logs and events
    • Cost-effective compliance through continuous monitoring
  • Reduced the time required to collect, store and analyze logs across multiple sources and devices by 50 – 100% using HP ArcSight Logger.
  • Can now collect, store, and analyze 50 – 100% more data at one time with HP ArcSight Logger.
  • Accelerated the identification of security and IT incidents by 1 – 10% with HP ArcSight Logger.

Testimonials

“HP ArcSight Logger is fast at storing events.”

Source:

TechValidate Survey of a Fortune 500 Financial Services Company

Case Study: Fortune 500 Banking Company Searches 1000s of Server Logs Easily

Challenges

  • Addressed the following challenges with HP ArcSight Logger:
    • The inability to collect and store logs, events and flows from multiple log sources/solutions in a systematic manner
    • Painful searching of logs and events through regex, syntax requirements or domain experts

Use Case

  • Is leveraging the logs, events and flows collected by HP ArcSight Logger in the following ways:
    • Adhering to compliance and regulatory requirements
    • Log storage through high compression
    • Supporting forensic analysis and correlation
  • Chose HP ArcSight Logger over the following vendors:
    • Splunk
    • IBM

Results

  • Values the following HP ArcSight Logger features the most over other vendors:
    • High performance – ability to capture, compress, store, and execute searches – large data at high speed
    • Scalability – ability to deploy in a distributed, hierarchical, or peer-to-peer manner
    • Large community through Protect724
    • Interactive and distributed searches
  • Achieved the following with HP ArcSight Logger:
    • Cost-effective compliance through continuous monitoring
  • Reduced the time required to collect, store and analyze logs across multiple sources and devices by 25 – 50% using HP ArcSight Logger.
  • Can now collect, store, and analyze 100 – 500% more data at one time with HP ArcSight Logger.
  • Accelerated the identification of security and IT incidents by 50 – 100% with HP ArcSight Logger.

Testimonials

“We are able to search 1000s of server logs all from one interface by using ArcSight Logger.”

Source:

TechValidate Survey of a Fortune 500 Banking Company

Case Study: Fortune 500 Insurance Company Collects & Stores 100% More Data

Challenges

  • Addressed the following challenges with HP ArcSight Logger:
    • The inability to collect and store logs, events and flows from multiple log sources/solutions in a systematic manner
    • Complex and lengthy forensic investigation and analysis
    • Painful searching of logs and events through regex, syntax requirements or domain experts

Use Case

  • Is leveraging the logs, events and flows collected by HP ArcSight Logger in the following ways:
    • Adhering to compliance and regulatory requirements
    • Comprehensive log collection
  • Chose HP ArcSight Logger over the following vendors:
    • Splunk
    • LogLogic
    • LogRhythm

Results

  • Values the following HP ArcSight Logger features the most over other vendors:
    • Breadth of 350+ connectors to collect from any source
  • Achieved the following with HP ArcSight Logger:
    • Cost-effective compliance through continuous monitoring
    • A reduction in time and effort for conducting regular compliance audit
  • Reduced the time required to collect, store and analyze logs across multiple sources and devices by 25 – 50% using HP ArcSight Logger.
  • Can now collect, store, and analyze 50 – 100% more data at one time with HP ArcSight Logger.
  • Accelerated the identification of security and IT incidents by 1 – 10% with HP ArcSight Logger.

Testimonials

“The HP ArcSight Logger is a good retention platform, and coupled with well-designed implementations of SmartConnectors it has allowed us to have a central location for log retention. We are working to add ESM to allow us to begin to implement purpose-built use cases for security visibility.”

Source:

TechValidate Survey of a Fortune 500 Insurance Company

Case Study: Fortune 500 Computer Services Company Analyzes 1000% More Data with HP ArcSight

Challenges

  • Addressed the following challenges with HP ArcSight Logger:
    • The inability to collect and store logs, events and flows from multiple log sources/solutions in a systematic manner
    • Complex and lengthy forensic investigation and analysis
    • Painful searching of logs and events through regex, syntax requirements or domain experts
    • The inability to detect source of suspicious behavior (e.g., unauthorized access, insider threats)
    • The inability to detect key events or advanced persistent, external security threats and vulnerabilities from normal background activity
    • The lack of analytics capabilities to sort through “big data” produced by log and security devices

Use Case

  • Is leveraging the logs, events and flows collected by HP ArcSight Logger in the following ways:
    • Adhering to compliance and regulatory requirements
    • Support IT/network routine maintenance and operations
    • Comprehensive log collection
    • Detecting/tracking suspicious behavior (e.g., unauthorized access, insider abuse)
  • Chose HP ArcSight Logger over the following vendors:
    • IPSwitch Whatsup? Event Archiver

Results

  • Values the following HP ArcSight Logger features the most over other vendors:
    • High performance – ability to capture, compress, store, and execute searches – large data at high speed
    • Rich built-in content, dashboards and reports
    • Comprehensive log analysis
    • Real-time monitoring and alerting
  • Achieved the following with HP ArcSight Logger:
    • Faster analysis and reporting of logs and events
    • Reduced implementation time for universal log management solution
    • Early detection and prevention of potential breaches, risks, vulnerabilities in systems and applications
  • Can now collect, store, and analyze 500 – 1,000% more data at one time with HP ArcSight Logger.
  • Accelerated the identification of security and IT incidents by 10 – 50% with HP ArcSight Logger.

Testimonials

“We required HP ArcSight in order to fulfill a security requirement. Easy to set up, use, and comes from a respected manufacturer, it was an obvious choice over the competition.”

Source:

TechValidate Survey of a Fortune 500 Computer Services Company

Case Study: Fortune 500 Retail Company Realized ROI in 6 Months & Collects 50% More Data

Challenges

  • Addressed the following challenges with HP ArcSight Logger:
    • The inability to collect and store logs, events and flows from multiple log sources/solutions in a systematic manner
    • Complex and lengthy forensic investigation and analysis
    • Painful searching of logs and events through regex, syntax requirements or domain experts
    • The inability to detect source of suspicious behavior (e.g., unauthorized access, insider threats)
    • The inability to detect key events or advanced persistent, external security threats and vulnerabilities from normal background activity
    • The inability to correlate data across multiple devices in real-time
    • The inability to respond quickly to data breaches
    • The lack of analytics capabilities to sort through “big data” produced by log and security devices

Use Case

  • Is leveraging the logs, events and flows collected by HP ArcSight Logger in the following ways:
    • Adhering to compliance and regulatory requirements
    • Comprehensive log collection
    • Log storage through high compression
    • Detecting/tracking suspicious behavior (e.g., unauthorized access, insider abuse)
    • Supporting forensic analysis and correlation
  • Chose HP ArcSight Logger over the following vendors:
    • Splunk
    • IBM
    • LogLogic

Results

  • Values the following HP ArcSight Logger features the most over other vendors:
    • Breadth of 350+ connectors to collect from any source
    • Filtering and parsing of data during collection through normalization and categorization
    • Scalability – ability to deploy in a distributed, hierarchical, or peer-to-peer manner
    • Comprehensive log analysis
    • Real-time monitoring and alerting
    • Simultaneous indexing, searching, and reporting at high speed
    • Interactive and distributed searches
    • Simple full-text search eliminating the need for domain experts or regex knowledge
    • Authentication and authorization
  • Achieved the following with HP ArcSight Logger:
    • A reduction in time to respond to breaches through quick forensic investigation
    • Faster analysis and reporting of logs and events
    • A reduction in database infrastructure costs & storage costs for long term archival of entire IT data
    • Reduced implementation time for universal log management solution
    • Early detection and prevention of potential breaches, risks, vulnerabilities in systems and applications
    • A reduction in time and effort for conducting regular compliance audit
    • Improvement in fraud detection through anomaly detection of large amounts of data in real-time and on historical data
  • Reduced the time required to collect, store and analyze logs across multiple sources and devices by 10 – 25% using HP ArcSight Logger.
  • Can now collect, store, and analyze 10 – 50% more data at one time with HP ArcSight Logger.
  • Realized a Return-On-Investment (ROI) in HP ArcSight Logger in 6-9 months.

Source:

TechValidate Survey of a Fortune 500 Retail Company

Case Study: Global 500 Electronics Company

Challenges

  • Addressed the following challenges with HP ArcSight Logger:
    • The inability to detect source of suspicious behavior (e.g., unauthorized access, insider threats)
    • No visibility into application or system performance

Use Case

  • Is leveraging the logs, events and flows collected by HP ArcSight Logger in the following ways:
    • Adhering to compliance and regulatory requirements
    • Support IT/network routine maintenance and operations
    • Log storage through high compression
    • Log analytics and intelligence
    • Detecting APT-style malware
  • Chose HP ArcSight Logger over the following vendors:
    • Open source or freeware

Results

  • Values the following HP ArcSight Logger features the most over other vendors:
    • Filtering and parsing of data during collection through normalization and categorization
    • Comprehensive log analysis
    • Real-time alerting
  • Achieved the following with HP ArcSight Logger:
    • A reduction in database infrastructure costs & storage costs for long term archival of entire IT data

Source:

TechValidate Survey of a Global 500 Electronics Company

Case Study: An Internet Company Reduces Time in Log Analytics by 100%

Challenges

  • Addressed the following challenges with HP ArcSight Logger:
    • Inability to manage and fix a device.

Use Case

  • Is leveraging the logs, events and flows collected by HP ArcSight Logger in the following ways:
    • Adhering to compliance and regulatory requirements
    • Support IT/network routine maintenance and operations
    • Comprehensive log collection
    • Log storage through high compression
    • Log analytics and intelligence
    • Supporting forensic analysis and correlation
  • Chose HP ArcSight Logger over the following vendors:
    • Splunk
    • LogLogic
    • Symantec

Results

  • Values the following HP ArcSight Logger features the most over other vendors:
    • Breadth of 350+ connectors to collect from any source
    • Filtering and parsing of data during collection through normalization and categorization
    • Simultaneous indexing, searching, and reporting at high speed
    • Simple full-text search eliminating the need for domain experts or regex knowledge
  • Achieved the following with HP ArcSight Logger:
    • Faster analysis and reporting of logs and events
    • Improved business insight through interactive and conversational view of our data
    • A reduction in time and effort for conducting regular compliance audit
  • Reduced the time required to collect, store and analyze logs across multiple sources and devices by 50 – 100% using HP ArcSight Logger.
  • Can now collect, store, and analyze 100 – 500% more data at one time with HP ArcSight Logger.
  • Accelerated the identification of security and IT incidents by 100 – 500% with HP ArcSight Logger.

Testimonials

“With HP ArcSight Logger, we could query any log format with faster speed.”

Source:

Thanapol Bumphenwibulkij, Engineer, g-able.com

Case Study: Global 500 Banking Company Reports on SOX Systems through HP ArcSight

Challenges

  • Addressed the following challenges with HP ArcSight Logger:
    • The inability to collect and store logs, events and flows from multiple log sources/solutions in a systematic manner
    • Painful searching of logs and events through regex, syntax requirements or domain experts
    • Siloed view of limited dataset that does not make much sense to my business
    • The lack of analytics capabilities to sort through “big data” produced by log and security devices

Use Case

  • Is leveraging the logs, events and flows collected by HP ArcSight Logger in the following ways:
    • Adhering to compliance and regulatory requirements
    • Support IT/network routine maintenance and operations
    • Comprehensive log collection
    • Supporting forensic analysis and correlation
  • Chose HP ArcSight Logger over the following vendors:
    • Splunk
    • IBM
    • Open source or freeware

Results

  • Values the following HP ArcSight Logger features the most over other vendors:
    • Scalability – ability to deploy in a distributed, hierarchical, or peer-to-peer manner
    • Comprehensive log analysis
    • Interactive and distributed searches
    • Simple full-text search eliminating the need for domain experts or regex knowledge
  • Achieved the following with HP ArcSight Logger:
    • Faster analysis and reporting of logs and events
    • A reduction in time and effort for conducting regular compliance audit
    • Improvement in fraud detection through anomaly detection of large amounts of data in real-time and on historical data

Testimonials

“HP ArcSight Logger allows us to collect and report on our SOX systems in a consistent common event format (CEF) manner.”

Source:

TechValidate Survey of a Global 500 Banking Company

Case Study: Large Enterprise Company Meets its SLAs through HP ArcSight

Challenges

  • Addressed the following challenges with HP ArcSight Logger:
    • The inability to collect and store logs, events and flows from multiple log sources/solutions in a systematic manner
    • Complex and lengthy forensic investigation and analysis
    • Painful searching of logs and events through regex, syntax requirements or domain experts
    • The inability to detect source of suspicious behavior (e.g., unauthorized access, insider threats)
    • The inability to detect key events or advanced persistent, external security threats and vulnerabilities from normal background activity

Use Case

  • Is leveraging the logs, events and flows collected by HP ArcSight Logger in the following ways:
    • Adhering to compliance and regulatory requirements
    • Comprehensive log collection
    • Log storage through high compression
    • Log analytics and intelligence
    • Detecting/tracking suspicious behavior (e.g., unauthorized access, insider abuse)
    • Supporting forensic analysis and correlation
  • Chose HP ArcSight Logger over the following vendors:
    • NetIQ Security Manager

Results

  • Values the following HP ArcSight Logger features the most over other vendors:
    • Breadth of 350+ connectors to collect from any source
    • Filtering and parsing of data during collection through normalization and categorization
    • High performance – ability to capture, compress, store, and execute searches – large data at high speed
    • Scalability – ability to deploy in a distributed, hierarchical, or peer-to-peer manner
    • Rich built-in content, dashboards and reports
    • Comprehensive log analysis
    • Simultaneous indexing, searching, and reporting at high speed
    • Large community through Protect724
    • Simple full-text search eliminating the need for domain experts or regex knowledge
  • Achieved the following with HP ArcSight Logger:
    • A reduction in time to respond to breaches through quick forensic investigation
    • Faster analysis and reporting of logs and events
    • Cost-effective compliance through continuous monitoring
    • A reduction in database infrastructure costs & storage costs for long term archival of entire IT data

Testimonials

“With HP ArcSight Logger, we meet the contractual requirements of our customers.”

Source:

TechValidate Survey of a Large Enterprise Computer Hardware Company

Research by TechValidate

Case Study: Large Enterprise Company Accelerated Incident Identification by 500%

Challenges

  • Addressed the following challenges with HP ArcSight Logger:
    • Complex and lengthy forensic investigation and analysis
    • The inability to detect the source of suspicious behavior (e.g., unauthorized access, insider threats)
    • The inability to correlate data across multiple devices in real-time

Use Case

  • Is leveraging the logs, events and flows collected by HP ArcSight Logger in the following ways:
    • Log storage through high compression
    • Log analytics and intelligence
  • Chose HP ArcSight Logger over the following vendors:
    • Splunk
    • IBM

Results

  • Values the following HP ArcSight Logger features the most over other vendors:
    • Scalability – ability to deploy in a distributed, hierarchical, or peer-to-peer manner
    • Real-time alerting
  • Achieved the following with HP ArcSight Logger:
    • Early detection and prevention of potential breaches, risks, vulnerabilities in systems and applications
  • Reduced the time required to collect, store and analyze logs across multiple sources and devices by 25 – 50% using HP ArcSight Logger.
  • Can now collect, store, and analyze 100 – 500% more data at one time with HP ArcSight Logger.
  • Accelerated the identification of security and IT incidents by 100 – 500% with HP ArcSight Logger.

Testimonials

“With HP ArcSight, we are able to report the monthly audit certificate in 2 hours. We are able to search for a log event that occurred 1 month ago in 30 minutes versus hours or sometimes days earlier.”

Source:

TechValidate Survey of a Large Enterprise Computer Services Company

Research by TechValidate

Case Study: Security Products & Services Company Uses HP ArcSight to Collect 500% More Data

Challenges

  • Addressed the following challenges with HP ArcSight Logger:
    • Painful searching of logs and events through regex, syntax requirements or domain experts
    • Siloed view of limited dataset that does not make much sense to my business
    • No visibility into application or system performance

Use Case

  • Is leveraging the logs, events and flows collected by HP ArcSight Logger in the following ways:
    • Adhering to compliance and regulatory requirements
    • Support IT/network routine maintenance and operations
    • Log analytics and intelligence
  • Chose HP ArcSight Logger over the following vendors:
    • Splunk

Results

  • Values the following HP ArcSight Logger features the most over other vendors:
    • Filtering and parsing of data during collection through normalization and categorization
    • Scalability – ability to deploy in a distributed, hierarchical, or peer-to-peer manner
    • Simultaneous indexing, searching, and reporting at high speed
    • Large community through Protect724
    • Granular role-based access
  • Achieved the following with HP ArcSight Logger:
    • Cost-effective compliance through continuous monitoring
    • Reduced implementation time for universal log management solution
  • Reduced the time required to collect, store and analyze logs across multiple sources and devices by 25 – 50% using HP ArcSight Logger.
  • Can now collect, store, and analyze 100 – 500% more data at one time with HP ArcSight Logger.
  • Accelerated the identification of security and IT incidents by 10 – 50% with HP ArcSight Logger.
  • Realized a Return-On-Investment (ROI) in HP ArcSight Logger in 6-9 months.

Testimonials

“HP ArcSight provides centralized storage of logs and provides notification on security incidents. Reports are also important.”

Source:

TechValidate Survey of a Medium Enterprise Security Products & Services Company

Research by TechValidate

Case Study: Insurance Company Uses HP ArcSight for Cost-Effective Compliance Monitoring

Challenges

  • Addressed the following challenges with HP ArcSight Logger:
    • The inability to collect and store logs, events and flows from multiple log sources/solutions in a systematic manner
    • The inability to correlate data across multiple devices in real-time

Use Case

  • Is leveraging the logs, events and flows collected by HP ArcSight Logger in the following ways:
    • Adhering to compliance and regulatory requirements
    • Comprehensive log collection
  • Chose HP ArcSight Logger over the following vendors:
    • Open source or freeware

Results

  • Values the following HP ArcSight Logger features the most over other vendors:
    • Breadth of 350+ connectors to collect from any source
    • Filtering and parsing of data during collection through normalization and categorization
    • Comprehensive log analysis
  • Achieved the following with HP ArcSight Logger:
    • Cost-effective compliance through continuous monitoring
    • Early detection and prevention of potential breaches, risks, vulnerabilities in systems and applications

Testimonials

“With HP ArcSight, we get better reporting and investigation possibilities.”

Source:

TechValidate Survey of a Medium Enterprise Insurance Company

Research by TechValidate

Case Study: Small Computer Services Company Saw ROI in 6 Months

Challenges

  • Addressed the following challenges with HP ArcSight Logger:
    • Complex and lengthy forensic investigation and analysis
    • The inability to detect the source of suspicious behavior (e.g., unauthorized access, insider threats)
    • The inability to detect key events or advanced persistent, external security threats and vulnerabilities from normal background activity
    • The lack of analytics capabilities to sort through “big data” produced by log and security devices

Use Case

  • Is leveraging the logs, events and flows collected by HP ArcSight Logger in the following ways:
    • Adhering to compliance and regulatory requirements
    • Support IT/network routine maintenance and operations
    • Comprehensive log collection
    • Log storage through high compression
    • Log analytics and intelligence
    • Detecting/tracking suspicious behavior (e.g., unauthorized access, insider abuse)
    • Detecting APT-style malware
    • Preventing incidents
    • Supporting forensic analysis and correlation
  • Chose HP ArcSight Logger over the following vendors:
    • Splunk
    • IBM
    • Open source or freeware

Results

  • Values the following HP ArcSight Logger features the most over other vendors:
    • Breadth of 350+ connectors to collect from any source
    • Rich built-in content, dashboards and reports
    • Comprehensive log analysis
    • Real-time alerting
    • Real-time monitoring and alerting
    • Interactive and distributed searches
    • Authentication and authorization
  • Achieved the following with HP ArcSight Logger:
    • A reduction in time to respond to breaches through quick forensic investigation
    • Faster analysis and reporting of logs and events
    • Improved business insight through interactive and conversational view of our data
    • Reduced implementation time for universal log management solution
    • Early detection and prevention of potential breaches, risks, vulnerabilities in systems and applications
    • A reduction in time and effort for conducting regular compliance audits
  • Reduced the time required to collect, store and analyze logs across multiple sources and devices by 10 – 25% using HP ArcSight Logger.
  • Can now collect, store, and analyze 50 – 100% more data at one time with HP ArcSight Logger.
  • Accelerated the identification of security and IT incidents by 50 – 100% with HP ArcSight Logger.
  • Realized a Return-On-Investment (ROI) in HP ArcSight Logger in 6-9 months.

Testimonials

“With HP ArcSight, our customers are able to respond to a data breach in less than 4 hours.”

Source:

TechValidate Survey of a Small Business Computer Services Company

Research by TechValidate

Case Study: Accelerated Incident Identification up to 50% Faster with 50% More Data

Challenges

  • Addressed the following challenges with HP ArcSight Logger:
    • Complex and lengthy forensic investigation and analysis
    • The inability to detect the source of suspicious behavior (e.g., unauthorized access, insider threats)
    • No visibility into application or system performance

Use Case

  • Is leveraging the logs, events and flows collected by HP ArcSight Logger in the following ways:
    • Support IT/network routine maintenance and operations
    • Detecting/tracking suspicious behavior (e.g., unauthorized access, insider abuse)
  • Chose HP ArcSight Logger over the following vendors:
    • LogLogic

Results

  • Values the following HP ArcSight Logger features the most over other vendors:
    • Rich built-in content, dashboards and reports
    • Real-time monitoring and alerting
  • Achieved the following with HP ArcSight Logger:
    • Cost-effective compliance through continuous monitoring
    • A reduction in time and effort for conducting regular compliance audits
  • Reduced the time required to collect, store and analyze logs across multiple sources and devices by 10 – 25% using HP ArcSight Logger.
  • Can now collect, store, and analyze 10 – 50% more data at one time with HP ArcSight Logger.
  • Accelerated the identification of security and IT incidents by 10 – 50% with HP ArcSight Logger.
  • Realized a Return-On-Investment (ROI) in HP ArcSight Logger in 9-12 months.

Testimonials

“We are able to conduct forensic investigation of an incident in 60 minutes.”

Source:

TechValidate Survey of a Medium Enterprise Professional Services Company

Research by TechValidate

Case Study: Fortune 500 Aerospace & Defense Company

Challenges

  • Addressed the following challenges with HP ArcSight Logger:
    • The lack of analytics capabilities to sort through “big data” produced by log and security devices

Use Case

  • Is leveraging the logs, events and flows collected by HP ArcSight Logger in the following ways:
    • Comprehensive log collection
    • Log storage through high compression
  • Chose HP ArcSight Logger over the following vendors:
    • Splunk

Results

  • Values the following HP ArcSight Logger features the most over other vendors:
    • Breadth of 350+ connectors to collect from any source
    • Filtering and parsing of data during collection through normalization and categorization
    • High performance – ability to capture, compress, store, and execute searches – large data at high speed
    • Scalability – ability to deploy in a distributed, hierarchical, or peer-to-peer manner
    • Rich built-in content, dashboards and reports
    • Large community through Protect724
    • Interactive and distributed searches
  • Achieved the following with HP ArcSight Logger:
    • Improved business insight through interactive and conversational view of our data
  • Reduced the time required to collect, store and analyze logs across multiple sources and devices by 50 – 100% using HP ArcSight Logger.
  • Can now collect, store, and analyze 100 – 500% more data at one time with HP ArcSight Logger.
  • Accelerated the identification of security and IT incidents by 500 – 1,000% with HP ArcSight Logger.

Testimonials

“We are able to provide an enterprise solution to log management that previously was not attempted.”

Source:

TechValidate Survey of a Fortune 500 Aerospace & Defense Company

Research by TechValidate

Case Study: Large Enterprise Professional Services Company

Challenges

  • Addressed the following challenges with HP ArcSight Logger:
    • The inability to collect and store logs, events and flows from multiple log sources/solutions in a systematic manner
    • Complex and lengthy forensic investigation and analysis

Use Case

  • Is leveraging the logs, events and flows collected by HP ArcSight Logger in the following ways:
    • Adhering to compliance and regulatory requirements
    • Log storage through high compression
  • Chose HP ArcSight Logger over the following vendors:
    • IBM

Results

  • Values the following HP ArcSight Logger features the most over other vendors:
    • Breadth of 350+ connectors to collect from any source
    • Filtering and parsing of data during collection through normalization and categorization
    • Simultaneous indexing, searching, and reporting at high speed
    • Simple full-text search eliminating the need for domain experts or regex knowledge
  • Achieved the following with HP ArcSight Logger:
    • A reduction in time to respond to breaches through quick forensic investigation
    • Faster analysis and reporting of logs and events
    • A reduction in time and effort for conducting regular compliance audits
  • Accelerated the identification of security and IT incidents by 500 – 1,000% with HP ArcSight Logger.

Testimonials

“We are able to search for a log event that occurred 12 months ago in 2 minutes versus hours or sometimes days earlier.”

Source:

TechValidate Survey of a Large Enterprise Professional Services Company

Research by TechValidate

Case Study: Large Enterprise Computer Services Company

Challenges

  • Addressed the following challenges with HP ArcSight Logger:
    • The inability to collect and store logs, events and flows from multiple log sources/solutions in a systematic manner
    • Complex and lengthy forensic investigation and analysis
    • Painful searching of logs and events through regex, syntax requirements or domain experts
    • The inability to detect the source of suspicious behavior (e.g., unauthorized access, insider threats)
    • The inability to detect key events or advanced persistent, external security threats and vulnerabilities from normal background activity
    • The lack of analytics capabilities to sort through “big data” produced by log and security devices

Use Case

  • Is leveraging the logs, events and flows collected by HP ArcSight Logger in the following ways:
    • Adhering to compliance and regulatory requirements
    • Comprehensive log collection
    • Log storage through high compression
    • Log analytics and intelligence
    • Detecting/tracking suspicious behavior (e.g., unauthorized access, insider abuse)
    • Detecting APT-style malware
    • Preventing incidents
    • Supporting forensic analysis and correlation
  • Chose HP ArcSight Logger over the following vendors:
    • Splunk
    • Balabit syslog-ng

Results

  • Values the following HP ArcSight Logger features the most over other vendors:
    • Breadth of 350+ connectors to collect from any source
    • Filtering and parsing of data during collection through normalization and categorization
    • High performance – ability to capture, compress, store, and execute searches – large data at high speed
    • Scalability – ability to deploy in a distributed, hierarchical, or peer-to-peer manner
    • Rich built-in content, dashboards and reports
    • Comprehensive log analysis
    • Simultaneous indexing, searching, and reporting at high speed
    • Large community through Protect724
    • Interactive and distributed searches
    • Simple full-text search eliminating the need for domain experts or regex knowledge
    • Granular role-based access
    • Authentication and authorization
  • Achieved the following with HP ArcSight Logger:
    • A reduction in time to respond to breaches through quick forensic investigation
    • Faster analysis and reporting of logs and events
    • Early detection and prevention of potential breaches, risks, vulnerabilities in systems and applications
    • A reduction in number of incidents and false positives to be analyzed on a daily basis
    • Improvement in fraud detection through anomaly detection of large amounts of data in real-time and on historical data
  • Realized a Return-On-Investment (ROI) in HP ArcSight Logger in 3-6 months.

Testimonials

“With HP ArcSight we were able to track and investigate a huge amount of events on a daily basis and therefore were able to detect and stop many suspicious activities.”

Source:

TechValidate Survey of a Large Enterprise Computer Services Company

Research by TechValidate

Case Study: State & Local Government

Challenges

  • Addressed the following challenges with HP ArcSight Logger:
    • The inability to collect and store logs, events and flows from multiple log sources/solutions in a systematic manner
    • Painful searching of logs and events through regex, syntax requirements or domain experts
    • No visibility into application or system performance
    • The lack of analytics capabilities to sort through “big data” produced by log and security devices
    • No visibility of Logger Memory Status

Use Case

  • Is leveraging the logs, events and flows collected by HP ArcSight Logger in the following ways:
    • Adhering to compliance and regulatory requirements
    • Support IT/network routine maintenance and operations
    • Comprehensive log collection
    • Log storage through high compression
    • Log analytics and intelligence
    • Preventing incidents
    • Supporting forensic analysis and correlation
  • Chose HP ArcSight Logger over the following vendors:
    • No other products used before

Results

  • Values the following HP ArcSight Logger features the most over other vendors:
    • Breadth of 350+ connectors to collect from any source
    • Filtering and parsing of data during collection through normalization and categorization
    • High performance – ability to capture, compress, store, and execute searches – large data at high speed
    • Rich built-in content, dashboards and reports
    • Comprehensive log analysis
    • Real-time alerting
    • Real-time monitoring and alerting
    • Simultaneous indexing, searching, and reporting at high speed
    • Large community through Protect724
    • Authentication and authorization
  • Achieved the following with HP ArcSight Logger:
    • Faster analysis and reporting of logs and events
    • Cost-effective compliance through continuous monitoring
    • A reduction in database infrastructure costs & storage costs for long term archival of entire IT data
    • Reduced implementation time for universal log management solution
  • Reduced the time required to collect, store and analyze logs across multiple sources and devices by 50 – 100% using HP ArcSight Logger.
  • Can now collect, store, and analyze 100 – 500% more data at one time with HP ArcSight Logger.
  • Accelerated the identification of security and IT incidents by 100 – 500% with HP ArcSight Logger.
  • Realized a Return-On-Investment (ROI) in HP ArcSight Logger in 6-9 months.

Testimonials

“With HP ArcSight Logger, we are able to conduct forensic investigation of an incident in 10 – 15 minutes. Also we are able to search for a log event that occurred 6 months ago in 10 – 15 minutes versus hours or sometimes days earlier.”

Source:

TechValidate Survey of a State & Local Government

Research by TechValidate

Case Study: Fortune 500 Computer Services Company

Challenges

  • Addressed the following challenges with HP ArcSight Logger:
    • The inability to detect key events or advanced persistent, external security threats and vulnerabilities from normal background activity
    • The inability to correlate data across multiple devices in real-time
    • The lack of analytics capabilities to sort through “big data” produced by log and security devices

Use Case

  • Is leveraging the logs, events and flows collected by HP ArcSight Logger in the following ways:
    • Adhering to compliance and regulatory requirements
    • Comprehensive log collection
    • Log analytics and intelligence
    • Detecting/tracking suspicious behavior (e.g., unauthorized access, insider abuse)
    • Supporting forensic analysis and correlation
  • Chose HP ArcSight Logger over the following vendors:
    • Splunk
    • IBM
    • LogRhythm

Results

  • Values the following HP ArcSight Logger features the most over other vendors:
    • Breadth of 350+ connectors to collect from any source
    • Filtering and parsing of data during collection through normalization and categorization
    • Scalability – ability to deploy in a distributed, hierarchical, or peer-to-peer manner
    • Real-time monitoring and alerting
    • Large community through Protect724
  • Achieved the following with HP ArcSight Logger:
    • A reduction in time to respond to breaches through quick forensic investigation
    • Faster analysis and reporting of logs and events
    • A reduction in time and effort for conducting regular compliance audits
    • Improvement in fraud detection through anomaly detection of large amounts of data in real-time and on historical data
  • Can now collect, store, and analyze 50 – 100% more data at one time with HP ArcSight Logger.
  • Accelerated the identification of security and IT incidents by 50 – 100% with HP ArcSight Logger.

Testimonials

“The retention time and the ease of access to the logs enabled compliance in some points of ISO recommendations.”

Source:

TechValidate Survey of a Fortune 500 Computer Services Company


