ArcSight Compliance Insight Package for IT

Product Brief: ArcSight ESM Compliance Insight Package for IT GovernanceCompliance-Relevant LogReview for IT GovernanceHighlights:• Clarifies confusing compliance logreviews through a comprehensive,best practice approach• Alleviates time-consuming audittasks through automaticallygenerated compliance information• Delivers all information in thecurrent standards-basedISO-17799:2005 and NIST 800-53relevant formatThe ArcSight ESM Compliance Insight Package for ITGovernance quickly provides organizations thatare implementing an IT governance program witha comprehensive foundation for log review basedon best practices.Growing Compliance ComplexityThe increase in government regulation overthe confidentiality, integrity and availability ofsensitive information has drastically affectedthe operating requirements of securitydepartments. These new requirementshave forced security departments to spendan inordinate amount of time collecting,organizing, monitoring and reporting on eventlogs to detect and manage control-relatedactivity. It’s no surprise that companies acrossall industries are searching for technology toautomate this necessary but taxing process.Ease the Compliance BurdenArcSight ESM Compliance Insight Packagefor IT Governance is ideal for organizationsthat are implementing an IT governanceprogram, either independently or as thefoundation of their regulatory complianceinitiative. This easily customizable packagecontains a host of ready-to-use technicaland business-level checks in accordancewith the reporting structure for the ISO-17799:2005 and NIST 800-53 standards.ArcSight ESM Compliance Insight Packagefor IT Governance, combined with ArcSightESM, provides companies and governmentorganizations with the ability to automaticallyidentify and assess the effectiveness ofinternal controls in an IT governance relevantcontext. Key to compliance adherence isensuring that controls for information systemsare effectively implemented, monitored andmaintained. ArcSight ESM ComplianceInsight Package for IT Governance providesa comprehensive set of analytics, dashboardsand reports to provide an easily customizablelog review program based on the ISO-17799:2005 and NIST 800-53 frameworks.These two standards are recommendedby security experts as a firm basis forregulatory compliance initiatives and strongIT governance.

Product Brief: ArcSight ESM Compliance Insight Package for IT GovernanceFormatsContentReportsDashboardsActive ListsReal-Time RulesFocusAssetRelevanceSarbanes-Oxley HIPAA GLBA FISMA PCI Basel IIAnalysisBusinessRelevanceISO-17799 Practices • Business Processes • Policy Monitoring • Risk ManagementTechnicalChecksNIST 800-53Standard• Logon/Logoff• Privilege Change• ConfigurationChanges• Attack Status• AdministrationActivity• TerminatedEmployees• Vulnerability• System ActivityData FeedsPrimaryControlsSecondaryControlsApplication Database OS IAM HIDS VAFirewall IDS/IPS Network InfrastructureArcSight ESM Compliance Insight Package for IT Governance MethodologyStrong Multi-Standards ApproachDesigned around best practices,ArcSight ESM Compliance InsightPackage for IT Governance leveragesthe NIST 800-53 (FIPS 200) standard toprovide a comprehensive system for theimplementation, assessment and monitoringof internal controls, including access controlchanges, administrative activity, log-inmonitoring, as well as change and riskmanagement. ArcSight ESM ComplianceInsight Package for IT Governanceautomatically maps these technical checksto the ISO-17799:2005 standard to placethem in policy and risk-relevant operationalcontext, allowing organizations to focus onkey services and business processes withinthe enterprise and address critical auditpoints. ArcSight ESM Compliance InsightPackage for IT Governance brings thesetwo security standards together to deliverthe most relevant and comprehensive set ofcompliance content in the SIEM market today.Benefits of ArcSight ESM CompliancePackage for IT Governance• Comprehensive Report TemplatesArcSight ESM Compliance Insight Packagefor IT Governance provides over 85easily customizable reports, dashboards,correlation rules and data monitors tomeasure and report on the effectiveness ofcontrols through both technical checks andbusiness process activity review. Theseviews provide a real-time status of issuesagainst specific compliance requirements,as well as comprehensive reportingon historical data that can be used forbenchmarking efforts.• Real-Time Compliance OversightArcSight ESM Compliance InsightPackage for IT Governance offers realtimemonitoring, detection and reportingof compliance breaches, providing theability to proactively address complianceviolations before they are identifiedby auditors. Real-time reporting anddashboards provide application users andsecurity professional a means of assessingcompliance, as well as demonstrating tomanagement and auditors the organizationis effectively demonstrating complianceoversight.• Focused Tracking of AdministrativeActivity Effective Separation of DutiesA common audit point is the requirementto separately review administrativeactivity that relates to the access controlsfor regulated systems. ArcSight ESMCompliance Insight Package for ITGovernance automatically tracks alladministrative users and their activity viaunique active list functionality to easilyfulfill separation of duties requirements forsecurity monitoring.• Real-Time Identification ofCompliance ActivityArcSight ESM Compliance Packagefor IT Governance is tuned to monitorcompliance activity in real-time and identifygaps in the compliance effort that presenta risk to the confidentiality, integrity andavailability of regulated information, aswell as launch appropriate remediationactions to demonstrate full compliancemanagement.

Product Brief: ArcSight ESM Compliance Insight Package for IT GovernanceDesigned to Leverage ArcSight ESMArcSight ESM Compliance Package forIT Governance seamlessly installs andimmediately leverages ArcSight ESM – themarket-leading SIEM solution for enterprisethreat and risk management. The packagedelivers a strategic compliance solution thatallows organizations to implement compliancewhile vastly improving their overall securityprogram. ArcSight ESM provides thestrongest feature set to ensure that data isaccurately collected and efficiently stored, aswell as the strongest analytics capabilities toprovide immediate context to both securityevents and user activity. Customers canleverage the incredible flexibility of ArcSightESM to easily focus compliance log reviewson their unique policies, procedures,infrastructure and audit points.ArcSight ESM Compliance InsightPackage FamilyArcSight ESM Compliance Insight Packagefor IT Governance is part of the ArcSightCompliance Insight Package family. Thissuite of content offerings delivers log reviewand security monitoring based on securityand audit best practices to help organizationsmeet regulatory compliance requirementsand institute a strong IT governance program.About ArcSight:ArcSight, an HP company, is a leading global provider of cybersecurity and compliancesolutions that protect organizations from enterprise threats and risks. Based on the marketleadingSIEM offering, the ArcSight Enterprise Threat and Risk Management (ETRM)platform enables businesses and government agencies to proactively safeguard digitalassets, comply with corporate and regulatory policy and control the internal and externalrisks associated with cybertheft, cyberfraud, cyberwarfare and cyberespionage. For moreinformation, visit www.arcsight.com.ArcSight, Inc.5 Results Way, Cupertino, CA 95014, USAwww.arcsight.com info@arcsight.comCorporate Headquarters: 1-888-415-ARSTEMEA Headquarters: +44 (0)844 745 2068Asia Pac Headquarters: +65 6248 4795© 2010 ArcSight, Inc. All rights reserved.ArcSight and the ArcSight logo are trademarksof ArcSight, Inc. All other product and companynames may be trademarks or registeredtrademarks of their respective owners.ARST-PB011-05212010-03