Updating ArcSight: Part 1/3
You are here: Home \ Upgrades \ Updating ArcSight
10 November 2021 - 9:31, by , in Upgrades, Comments off

 

If there is one message you take away in regards to cyber security, it’s that you should always keep your device and application software up to date. The updates you see on a daily basis across your devices often include important security updates from software providers that keep you protected from online threats so you don’t have to think about them. That’s why when Micro Focus released upgrades across their ArcSight platform back in May 2021 Titan Labs followed the progress with great interest. The upgrades being released included a range of improvements and security fixes across Command Center for Enterprise Security Manager (ArcSight ESM), Intelligence, Management Center (ArcMC), Recon, Fusion, Platform Installer, Transformation Hub, and introduced ArcSight SOAR to the playing field.

 

Titan and our customers work with a range of ArcSight products on a day-to-day basis to keep our systems and data secure. However due to the nature of our work our focus has, so far, been the upgrades to ArcSight ESM, ArcMC and the ArcSight SmartConnectors. So why upgrade? What benefit does it bring? The reality is it depends how you as a user utilise the products you have. However, upgrading your ArcSight ESM, for example, will give you:

 

  • Full Armor integration, which enables SOCs to use Active Directory users and groups to manage their ArcSight ESM user and group memberships;
  • ArcSight SOAR integration so it can be used as a native solution within ESM, pairing real-time detection with automated threat response​;
  • Interactive API documentation to support a standards-based approach to REST APIs​​;
  • Consolidated storage options with ArcSight Recon which enables ESM to forward its events to a unified storage repository to be used across the ArcSight SecOps platform.

 

These upgrades also come with OS updates which bring additional bonuses like security patches and the continuation of vendor support, which will keep you, your data, and your systems protected from a myriad of known vulnerabilities!

 

TL;DR? We recommend upgrading your ArcSight products to the latest and greatest versions to keep your systems and data protected. This is the message we have passed on to our customers too and the rest of this blog mini-series will focus on how we prepared for the upgrades and the most recent upgrade we have run, warts and all, so you can make your own informed decision! Though be warned, this is not an instructional series, but an account of a how we went about this upgrade for one of our customers! The process is run through the command line so can be a bit fiddly at times, and with live data and your security at stake I would recommend getting in touch if this is something you’re thinking of implementing!

Comments are closed here.

Calendar

December 2021
M T W T F S S
 12345
6789101112
13141516171819
20212223242526
2728293031