Risk correlation yields
precision risk management. Damage that results from a security breach
or successful attack can be measured in financial terms as well as
loss of customer confidence and brand equity. The business costs associated
with security problems are seldom if ever reflected in the management
and communication of security information. ArcSight Correlation integrates
the key security factors that are critical in determining the potential
for significant damage within an organization. These factors are:
Real time events from heterogeneous devices
Results of vulnerability scans and other sources
of threat data
The value of the host, database or application
to the organization.
Armed with these parameters,
ArcSight Correlation combines the severity of potential threats and
attacks with the value and vulnerability of business processes and
assets to calculate and clearly communicate the intrinsic risk of
a particular security event. As a result, security resources are applied
where the potential damage is most acute, and business managers can
set policies and monitor the security health of their most important
assets.
This Security Information Taxonomy is developed by ArcSight ESM
in real time to provide both the security analyst and the business
manager with the information needed to protect important assets.
By classifying attacks according to their level of threat and degree
of success, and targets according to their vulnerability and value,
a simple and powerful four stage warning system is generated. This
combination of technical and business filters clearly communicates
business-oriented security information while identifying the most
important areas of focus for the security staff.
ArcSight Correlation
ArcSight Correlation
