OpenText brings decades of expertise to help you unlock data, connect people and processes, and fuel AI with trust
Unify data seamlessly across your enterprise to eliminate silos, improve collaboration, and reduce risks
Get AI-ready and transform your data into structured, accessible, optimized information
Meet regulatory and compliance requirements and protect your information throughout its lifecycle
OpenText helps people manage content, automate work, use AI, and collaborate to boost productivity
See how thousands of companies around the world are succeeding with innovative solutions from OpenText™
Our people are our greatest asset; they are the life of the OpenText brand and values
Learn how we aspire to advance societal goals and accelerate positive change
Find a highly skilled OpenText partner with the right solution to enable digital transformation
Explore scalable and flexible deployment options for global organizations of any size
Local control. Global scale. Trusted AI
Your cloud, your control
Free up resources, optimize performance and rapidly address issues
Run anywhere and scale globally in the public cloud of your choice
See information in new ways
AI that understands your business, your data, and your goals
Say hello to faster decisions. Your secure personal AI assistant is ready to get to work
Gain better insights with generative AI for supply chains
Power work with AI content management and an intelligent AI content assistant
Improve your security posture with AI cybersecurity and agile threat detection
Enable faster app delivery, development, and automated software testing
Elevate customer communications and experiences for customer success
Empower users, service agents, and IT staff to find the answers they need
See information in new ways
AI that understands your business, your data, and your goals
Say hello to faster decisions. Your secure personal AI assistant is ready to get to work
Gain better insights with generative AI for supply chains
Power work with AI content management and an intelligent AI content assistant
Improve your security posture with AI cybersecurity and agile threat detection
Enable faster app delivery, development, and automated software testing
Elevate customer communications and experiences for customer success
Empower users, service agents, and IT staff to find the answers they need
Predict, act, and win with real-time analytics on a smarter data platform
Give users access to the answers they need, faster and easier, with multi-repository AI-based search that lets you contextualize everything from clicks to conversations
Connect once, reach anything with a secure B2B integration platform
Reimagine knowledge with AI-ready content management solutions
Supercharge intelligent workspaces with AI to modernize work
Integrated cybersecurity solutions for enterprise protection
Purpose built data protection and security solutions
Reinvent threat hunting to improve security posture with the power of agile AI
Ship better software—faster—with AI-driven DevOps automation, testing, and quality
Reimagine conversations with unforgettable customer experiences
Get the clarity needed to cut the cost and complexity of IT operations
Redefine Tier 1 business support functions with self-service capabilities from private generative AI
Build custom applications using proven OpenText Information Management technology
Build it your way with OpenText Cloud APIs that create the real-time information flows that enable custom applications and workflows
Protect what matters, recover when it counts
Get greater visibility and sharper insights from AI-driven information management. Ready to see how?
Break free from silos, streamline processes, and improve customer experiences with secure information management for AI
Improve efficiency, security, and customer satisfaction with OpenText
Run processes faster and with less risk
Achieve digital transformation with guidance from certified experts
Modernize your information management with certified experts
Unlock the full potential of your information management solution
Turn support into your strategic advantage
Extend IT teams with certified OpenText application experts
Discover training options to help users of all skill levels effectively adopt and use OpenText products
Modernize your information management with certified experts
Unlock the full potential of your information management solution
Turn support into your strategic advantage
Extend IT teams with certified OpenText application experts
Discover training options to help users of all skill levels effectively adopt and use OpenText products
Information is the heartbeat of every organization. We build information management software so you can build the future
OpenText partners with leading cloud infrastructure providers to offer the flexibility to run OpenText solutions anywhere
OpenText partners with top enterprise app providers to unlock unstructured content for better business insights
Discover flexible and innovative offerings designed to add value to OpenText solutions
Discover the resources available to support and grow Partner capabilities
Get expert product and service support to accelerate issue resolution and keep business flows running efficiently
Explore detailed services and consulting presentations, briefs, documentation and other resources
ArcSight drastically improves advance threat detection and response through cross-team collaboration and data-driven security analytics
Protecting critical infrastructure from cyberattacks by creating visibility into threat data, and encouraging cross-team collaboration.
A so-called BlackEnergy cyberattack on Ukraine’s power grid took place in December 2015 and is considered to be the first known successful cyberattack on a power grid. Hackers were able to successfully compromise information systems of three energy distribution companies in Ukraine and temporarily disrupt electricity supply to 230,000 end consumers for a period of one to six hours.
As a critical infrastructure company, this caused NPC Ukrenergo to closely examine its security processes, as Dmitriy Ryzhkov, Senior Information Security Analyst for NPC Ukrenergo explains: “When you need to protect industrial control systems, as we do, different rules apply. Availability and business continuity are paramount, as operations cannot be interrupted without major consequences to the general population. The systems are managed through operations and infrastructure teams, rather than IT teams, and comprehensive security management requires cross-team collaboration. Without this, and security solution support, these systems remain vulnerable to attacks.”
With Micro Focus (now part of OpenText™)ArcSight, we don’t just detect real attacks quickly, but we also automate orchestrated responses in near-real time. The flexibility of ArcSight helps us intelligently adapt for the future.
Ultimately, the company realized it needed a Security Operations Centre (SOC); a centralized unit that manages security issues on an organizational and technical level. However, a comprehensive Security and Information Events Management (SIEM) solution would provide a great interim step for the organization to learn, protect itself against future attacks, and increase its understanding of the elements that make up a SOC. OpenText™ ArcSight Enterprise Security Management (ESM) is widely known in the marketplace as providing powerful, efficient threat detection and response through security analytics, which is just what the team needed to get started.
NPC Ukrenergo started with an infrastructure assessment. “To implement an effective SIEM you need to have a full understanding of the infrastructure and IT systems operations,” says Dmitriy. “What data logs are stored? What type of users have what level of access rights? We performed vulnerability scans on our environment to assess the risk level we need to address. The resulting data was then leveraged in a single Arcsight ESM console. It took time to grasp the ArcSight ESM capabilities for us, but once we did, we saw the flexibility and opportunity quite clearly. The ArcSight ESM data gave us a great platform to start cross-team collaboration, which was encouraged through executive support in the organization. We created dashboards that really pinpointed our vulnerabilities so that IT security, maintenance, and operations teams could work together to address this.”
Security operators shared cybersecurity trends and information with each other and developed a best practice framework through which custom use cases were built. Adding more event sources to the SIEM was an important success factor. Leveraging ArcSight Flex Connectors, the team connected many data source types to collect, aggregate, clean, and enrich data before feeding it into security analytics. By structuring the data, ESM makes it both more useful and cost-effective. ArcSight Logger helps ease NPC Ukrenergo’s compliance burden by preparing compliance documentation faster with built-in content, dashboards, and reports.
As the framework organically grew into a SOC it started to include thread intelligence and incident response. A dashboard maps security events to the MITRE ATT&CK framework, adopted by NPC Ukrenergo. This knowledge base is a foundation for the development of specific threat models and methodologies. With more connected event sources, specific user behavior analytics, and the MITRE ATT&CK framework, the team added more advanced use cases, and the result was a clear risk assessment, more visibility, and improved alerting and incident response.
Following the MITRE principles, NPC Ukrenergo divided SOC responsibility into tiers, as explained by Dmitriy. “Using ArcSight ESM, we created a model with a Tier 1 lead taking responsibility for real-time monitoring and tri aging of security events, vulnerability scanning, and emergency alerts. Tier 2 then takes up incident analysis, coordination, and response, as well as forensic artifact handling, and insider threat case support. A system administration lead focuses on the infrastructure operation and maintenance, and tool engineering and deployment. The final tier includes advanced capabilities such as scripting and automation which is a real time-saver for us. The teams work as one and intelligence is shared to help everyone.”
He concludes: “Even the most secure organizations will experience a breach at some point. But what separates us now is how quickly we can detect a genuine threat and respond, because the longer a threat remains hidden, the more damage it does. With Micro Focus (now part of OpenText™) ArcSight, we don’t just detect real attacks quickly, but we also automate orchestrated responses in near-real time. The flexibility of ArcSight helps us intelligently adapt for the future.”
The ArcSight ESM data gave us a great platform to start cross-team collaboration, which was encouraged through executive support in the organization. We created dashboards that really pinpointed our vulnerabilities so that IT security, maintenance, and operations teams could work together to address this.
NPC Ukrenergo is a power company responsible for operational and technological control of the Ukrainian energy system and electricity transmission from generating plants to the distribution networks of the regional electricity suppliers. The company network includes eight regional power systems, covering the entire territory of Ukraine and employing over 8,000 people.