CSN03: Synergizing New Threats with ArcSight ESM

Document created by jmerrill on Sep 10, 2010
Version 1

Joseph Peruzzi, Oracle Database Administrator, Northrop Grumman
Level: Advanced
External open source data that is available through the Internet can be used to find new threats on your network. This session shows how to extract data from various sources and import it into ArcSight ESM. You will also discover how to use that information to locate unknown threats, prioritize incidents and cut malware response time to mere seconds. Those attending this session should have a good working knowledge of ArcSight Connectors, active lists and filters.