ArcSight Case Study: Priority Health

download the case study   Summary: Priority Health, a top ten provider of health insurance plans, is now able to correlate security data from multiple devices on a single console, providing true visibility into the full-range of security events. Business Challenge: Data generated in Priority Health’s IDS and firewall systems was not integrated with syslog data. This made it difficult for Priority Health to gain true visibility into security events across the entire organization. “We were using one set of tools to monitor syslog data, another set of tools for firewall data and yet another for IDS data,” says Tim Maletic, information services security officer at Priority Health. “The greatest limitation was that we didn’t fully understand the true nature of security threats in our environment.” Solution: ArcSight solutions enabled Priority Health to integrate data from firewalls, syslogs, IDS and even web servers in a single console—providing much needed visibility across the organization. Vulnerability assessment data was also included in the integration mix. The company was able to correlate vulnerability assessment data with IDS logs, allowing it to ignore countless security alerts that were simply not applicable to its environment. Benefits: The bottom line is that Priority Health has become much more adept at managing vulnerabilities and measuring the overall performance of its information security platform. “Thanks to ArcSight, it became very easy to look at a series of security events—regardless of which device they came from—and see the real scope of the problem and what kind of response was needed,” says Maletic.