Risk correlation yields
precision risk management.
Damage that results from a
security breach or successful
attack can be measured in
financial terms as well as loss
of customer confidence and brand
equity. The business costs
associated with security
problems are seldom if ever
reflected in the management and
communication of security
information. ArcSight
Correlation integrates the key
security factors that are
critical in determining the
potential for significant damage
within an organization. These
factors are:
- Real time events from
heterogeneous devices
- Results of vulnerability
scans and other sources of
threat data
- The value of the host,
database or application to
the organization.
Armed with these parameters,
ArcSight Correlation combines
the severity of potential
threats and attacks with the
value and vulnerability of
business processes and assets to
calculate and clearly
communicate the intrinsic risk
of a particular security event.
As a result, security resources
are applied where the potential
damage is most acute, and
business managers can set
policies and monitor the
security health of their most
important assets.
This Security Information
Taxonomy is developed by
ArcSight ESM in real time to
provide both the security
analyst and the business manager
with the information needed to
protect important assets. By
classifying attacks according to
their level of threat and degree
of success, and targets
according to their vulnerability
and value, a simple and powerful
four stage warning system is
generated. This combination of
technical and business filters
clearly communicates
business-oriented security
information while identifying
the most important areas of
focus for the security staff. |
