SN36: Cybercrime Investigator: Forensic Use of ArcSight ESM Integration Commands

Document created by jmerrill on Sep 10, 2010. Last modified by freeman@hpe.com on Jul 8, 2014. Version 2.

Speakers: Gary Freeman, Senior Sales Engineer, ArcSight; Paul Bowen, Principal Sales Engineer, ArcSight
Level: Intermediate
Many security analysts are tasked with assisting HR, corporate governance or law enforcement agencies with intercepting network information to establish evidence that may be used in employee termination or a court of law. This session explores the concept of network forensic investigations and how ArcSight ESM is used to establish a chain of custody through integration commands and case management.

 

 
