Customer stories

Large Energy Company

ArcSight suite gives full industry regulation compliance and the flexibility to protect against a variety of cyber attacks

Products and services

Outcomes

Full NERC CIP regulation compliance
Security appliance approach frees up valuable time
ArcSight event normalization and categorization guards against technology changes

Challenge

Comply with stringent industry regulations and provide flexible protection against cyber attacks.

Details

Sophisticated regulation compliance required

As an energy provider this organization needs to comply with NERC (North American Electric Reliability Corporation) CIP (Critical Infrastructure Protection) regulations, to mitigate disturbances to electrical service delivery.To do this, its security team needs to provide robust event handling, realtime event correlation, offline analytics, and the flexibility to understand and protect against several attack frameworks. Deployment flexibility was an important factor for this organization as they wanted to minimize time managing the infrastructure, to free up man hours for value add security activities. Supported by OpenText™ Professional Services, ArcSight ESM by OpenText (formerly Micro Focus) and ArcSight Logger by OpenText (formerly Micro Focus) were implemented on-premises as the foundation of a sophisticated program to empower the security operations team.

The team’s Data Security and Compliance Engineer comments: “Over the years we have taken advantage of ArcSight’s ability to normalize events, using categorization within our content to take ever changing technology within our environment into account.”

ArcSight has enabled us to fully comply with the NERC CIP regulations.

Data security and compliance engineer
Large energy company

Moving to MITRE ATT&CK support for further flexibility

The organization is looking to modernize its security operations further and is interested in the ArcSight Intelligence features to provide better insight into their operations, automate repetitive tasks, and improve operational efficiencies.

It currently leverages the ‘cyber kill chain’ method for preempting attacks.This follows a clearly defined linear sequence of phases. Adopting ArcSight Intelligence would give them the opportunity to support the MITRE ATT&CK framework, which is a matrix of intrusion techniques that is not confined to a specific order of operations and which is regularly updated with industry input to keep up with the latest techniques.

FeaturedFeatured

Analytics CloudAnalytics Cloud

Data Lakehouse & AnalyticsData Lakehouse & Analytics

BI, Visualization & ReportingBI, Visualization & Reporting

eDiscovery and Legal SolutionseDiscovery and Legal Solutions

OpenText™ Aviator Search

Business Network CloudBusiness Network Cloud

Supply Chain AutomationSupply Chain Automation

B2B IntegrationB2B Integration

Secure CollaborationSecure Collaboration

Supply Chain TraceabilitySupply Chain Traceability

Supply Chain InsightsSupply Chain Insights

Industry Applications and ServicesIndustry Applications and Services

OpenText™ Business Network Aviator

Content CloudContent Cloud

Document ManagementDocument Management

AI Content ManagementAI Content Management

Capture Intelligent Document ProcessingCapture Intelligent Document Processing

Process AutomationProcess Automation

Business IntegrationsBusiness Integrations

Information ArchivingInformation Archiving

Industry SolutionsIndustry Solutions

Information GovernanceInformation Governance

OpenText™ Content Aviator

Cybersecurity CloudCybersecurity Cloud

Application SecurityApplication Security

Data Privacy and ProtectionData Privacy and Protection

Threat Detection and ResponseThreat Detection and Response

Identity and Access ManagementIdentity and Access Management

Digital Investigations and ForensicsDigital Investigations and Forensics

Threat IntelligenceThreat Intelligence

OpenText™ Cybersecurity Aviator

DevOps CloudDevOps Cloud

DevOps PlatformDevOps Platform

Functional TestingFunctional Testing

PPM and Strategic Portfolio ManagementPPM and Strategic Portfolio Management

Quality ManagementQuality Management

Performance EngineeringPerformance Engineering

OpenText™ DevOps Aviator

Experience CloudExperience Cloud

Web & Mobile ExperiencesWeb & Mobile Experiences

Contact Center AnalyticsContact Center Analytics

Messaging & FaxMessaging & Fax

Customer CommunicationsCustomer Communications

Digital Asset ManagementDigital Asset Management

Customer Journey and DataCustomer Journey and Data

OpenText™ Experience Aviator

IT Operations CloudIT Operations Cloud

Service ManagementService Management

Discovery & CMDBDiscovery & CMDB

AIOps and ObservabilityAIOps and Observability

Network ManagementNetwork Management

Cloud Management, FinOps & GreenOpsCloud Management, FinOps & GreenOps

AutomationAutomation

OpenText™ IT Operations Aviator

OpenText™ ThrustOpenText™ Thrust

OpenText™ Thrust bundleOpenText™ Thrust bundle

OpenText™ Aviator Thrust

PortfolioPortfolio

Data ProtectionData Protection

Endpoint Management and Mobile Security Endpoint Management and Mobile Security

Hybrid Work, Email, and Team Collaboration Hybrid Work, Email, and Team Collaboration

Archiving, eDiscovery, and Data SecurityArchiving, eDiscovery, and Data Security

Connectivity and Document ManagementConnectivity and Document Management

Information reimaginedInformation reimagined

Artificial IntelligenceArtificial Intelligence

IndustryIndustry

Enterprise ApplicationsEnterprise Applications

Your journey to successYour journey to success

Customer SupportCustomer Support

Customer Success ServicesCustomer Success Services

Consulting ServicesConsulting Services

NextGen ServicesNextGen Services

Learning ServicesLearning Services

Managed ServicesManaged Services

Find an OpenText PartnerFind an OpenText Partner

Find a Partner SolutionFind a Partner Solution

Grow as a PartnerGrow as a Partner

Become a Partner

Asset LibraryAsset Library

Featured

Analytics Cloud

Data Lakehouse & Analytics

BI, Visualization & Reporting

eDiscovery and Legal Solutions

Business Network Cloud

Supply Chain Automation

B2B Integration

Secure Collaboration

Supply Chain Traceability

Supply Chain Insights

Industry Applications and Services

Content Cloud

Document Management

AI Content Management

Capture Intelligent Document Processing

Process Automation

Business Integrations

Information Archiving

Industry Solutions

Information Governance

Cybersecurity Cloud

Application Security

Data Privacy and Protection

Threat Detection and Response

Identity and Access Management

Digital Investigations and Forensics

Threat Intelligence

DevOps Cloud

DevOps Platform

Functional Testing

PPM and Strategic Portfolio Management

Quality Management

Performance Engineering

Experience Cloud

Web & Mobile Experiences

Contact Center Analytics

Messaging & Fax

Customer Communications

Digital Asset Management

Customer Journey and Data

IT Operations Cloud

Service Management

Discovery & CMDB

AIOps and Observability

Network Management

Cloud Management, FinOps & GreenOps

Automation

OpenText™ Thrust

OpenText™ Thrust bundle

Portfolio

Data Protection

Endpoint Management and Mobile Security

Hybrid Work, Email, and Team Collaboration

Archiving, eDiscovery, and Data Security

Connectivity and Document Management

Information reimagined

Artificial Intelligence

Industry

Enterprise Applications

Your journey to success

Customer Support

Customer Success Services

Consulting Services

NextGen Services

Learning Services

Managed Services

Find an OpenText Partner

Find a Partner Solution

Grow as a Partner

Asset Library

Blogs

Events

Communities

Customer Stories

OpenText Navigator