|
Download product brief
ArcSight Compliance Insight Packages:
Automated Log Review for Compliance
ArcSight Compliance Insight Packages provide a ready-to-use, best practices-based compliance log review foundation to immediately begin assessing and demonstrating control effectiveness.
Highlights:
-
Clarifies confusing compliance log review practices through a comprehensive, best practice approach.
-
Alleviates time-consuming audit tasks
through automatically generated compliance information.
- Packaged, regulation-specific applications for Sarbanes-Oxley, HIPAA, FISMA, Gramm-Leach-Bliley, PCI, Basel II and other regulations.
Growing Compliance Complexity
The increase in government regulation over the confidentiality, integrity and availability of sensitive information has drastically affected the operating requirements of security departments. These new requirements have created a large time-sink for security departments in collecting, organizing, monitoring and reporting on event logs to detect and manage control-related activity. As a result, it’s no surprise that companies across all industries are calling out for technology to automate the required but time consuming processes.
Ease the Burden of Compliance
The family of ArcSight Compliance Insight Packages combined with ArcSight ESM provides regulated companies and government organizations with the ability to automatically identify and assess the effectiveness of internal controls. Key to compliance adherence is ensuring that controls for information systems are effectively implemented, maintained and reviewed. ArcSight Compliance Insight Packages are founded on a comprehensive set of analytics, dashboards and reports to provide a ready to use, easily customizable log review program based on NIST Security Controls and ISO-17799. These two standards are recommended by security experts as a comprehensive basis for regulatory compliance initiatives, fulfilling the COBIT control framework and strong IT governance.
Strongest Best Practices Approach for Audit
Designed around best practices, ArcSight Compliance Insight Packages leverage the NIST 800-53 (FIPS 200) standard to provide a comprehensive system for the implementation, assessment and monitoring of control effectiveness, including access control changes, administrative activity, log-in monitoring, as well as change and risk management. ArcSight Compliance Insight Packages automatically map these technical checks to the ISO-17799 standard to place them in policy and risk-relevant operational context, allowing organizations to focus on key services and business processes within the enterprise. ArcSight Compliance Insight Packages brings these two compliance standards together to deliver the most relevant and comprehensive set of compliance content in the SIM market today.
Benefits of ArcSight Compliance Insight Packages
-
Comprehensive report templates assess the effectiveness of internal controls: Each ArcSight Compliance Insight Packages provides as many as 85 different reports to address the effectiveness of controls through both technical checks and business process activity review.
-
Extensive graphical dashboards for continuous compliance oversight: ArcSight Compliance Insight Packages have an extensive set of dashboards which provide as many as 47 key views to help organizations quickly identify, assess, and address inappropriate activity that may constitute a compliance issue. These views provide at-a-glance status of administrative activity, policy violations, information access and more. The dashboards not only provide designated application owners and security professionals a means of assessing compliance, but also deliver assurance to executives and auditors that the organization is effectively performing compliance oversight with respect to security and activity logs.
-
Focused tracking of administrative activity delivers effective separation of duties: A common audit
point is the requirement to separate the review of administrative activity that relates to the access controls for regulated systems. ArcSight Compliance Insight Packages automatically track all administrative users
and their activity using a unique active list functionality
to easily fulfill separation of duties requirements for security monitoring.
- Real-time identification of high risk activity: ArcSight Compliance Insight Packages are tuned to immediately identify activity that presents a high risk to the confidentiality, integrity and availability of regulated information, and launch appropriate actions to demonstrate effective risk management.
Designed for ArcSight ESM—Compliance without Compromise
ArcSight Compliance Insight Packages seamlessly install and immediately leverage ArcSight ESM — the core SIM solution for compliance, security and insider threat. ArcSight ESM delivers a strategic compliance solution that allows organizations to implement compliance while vastly improving their overall security program. ArcSight ESM provides the strongest feature set to ensure that data is accurately collected and efficiently stored as well as the strongest analytics capabilities to provide immediate context to both security events and user activity. Customers can leverage the incredible flexibility of ArcSight ESM to easily focus ArcSight Compliance Insight Packages on their unique policies, procedures, infrastructure and audit points.
Related Resources
|
