Threat Protection Content

Your Threat Landscape is Dynamic

At SEMplicity, our founders have been in the cyber-security business since 1990. Never have we seen a more dynamic threat landscape. New vulnerabilities, new bad actors, new attack vectors, new compromises, and entirely new types of attack…the sheer volume of malicious activity has never been greater. ArcSight’s primary job is to detect security events, but how can it keep up with all of the new types of security threats emerging every day? We solve this challenge by offering an exclusive ArcSight SIEM content subscription service.

Stay on the Cutting-Edge with SEMplicity’s Threat Protection Content Subscription

At SEMplicity, we focus on applying the ArcSight ESM solution to real-world problems. We know how to translate abstract threat information into concrete ArcSight SIEM content. Our monthly Threat Protection Content Subscription delivers correlation rules, queries, dashboards, trends, lists and reports designed to detect and report upon the latest emerging threats to your organization. You can install this ArcSight SIEM content yourself, or let our engineers install it via remote access. Either way, you will know that your ArcSight ESM deployment is reacting dynamically to today’s threats.

| Component | Benefits |
| --- | --- |
| Scoping Call | One-hour initial scoping call to enumerate ArcSight logger sources at the client site and discover any special areas of concern. |
| Detection Rules | Correlation rules designed to detect the latest threats, based on log sources onboarded at your site, along with supporting active lists, session lists, global variables and/or trends. |
| Activity Report | A monthly report on all threat activity detected by this content subscription. |
| Threat Dashboard | A dashboard showing threat activity detected by this content subscription over the previous 30 days. |
| Comprehensive Documentation | Knowledgebase articles and wiki documentation describing implementation and usage of all content delivered. |
| Monthly Threat Call | A monthly conference call describing the threat detection content delivered that month, including capabilities, components and installation procedures. |

Requirements:

  • Admin credentials for ArcSight ESM, if installed remotely
  • Remote access, if installed remotely