OpenText는 수십 년간의 전문 지식을 통해 데이터를 활용하고, 사람과 프로세스를 연결하며, 신뢰할 수 있는 AI를 강화합니다
기업 전체의 데이터를 매끄럽게 통합하여 정보 단절을 없애고, 협업을 강화하며, 리스크를 최소화하세요
데이터를 AI가 활용 가능하고 구조화되고, 접근 가능한, 최적화된 정보로 변환하세요
규제 및 준수 요구 사항을 충족하고 정보의 수명 주기 전반에 걸쳐 보호하세요
OpenText는 사람들이 콘텐츠를 관리하고, 작업을 자동화하며, AI를 사용하고, 협업하여 생산성을 높일 수 있도록 지원합니다
전 세계 수천 개의 기업이 OpenText의 혁신적인 솔루션으로 성공을 거두고 있는 방법을 확인해 보세요
직원은 OpenText의 가장 큰 자산으로, OpenText 브랜드와 가치의 생명입니다.
OpenText가 사회적 목표를 발전시키고 긍정적인 변화를 가속화하기 위해 어떤 노력을 하고 있는지 알아보세요
디지털 혁신을 이루기 최적인 솔루션과 전문성을 갖춘 OpenText 파트너를 만나보세요
새로운 방식으로 정보 보기
비즈니스, 데이터 및 목표를 파악하는 AI
더 빠른 의사 결정을 만나보세요. 안전한 개인 AI 비서가 업무를 시작할 준비가 되었습니다.
공급망을 위한 생성형 AI로 더 나은 인사이트를 얻어보세요.
AI 콘텐츠 관리 및 지능형 AI 콘텐츠 어시스턴트를 통해 효율적으로 작업하세요.
더 빠른 앱 제공, 개발 및 자동화된 소프트웨어 테스트를 만나보세요.
고객 성공을 위해 고객 커뮤니케이션과 경험을 개선해 보세요.
사용자, 서비스 상담원 및 IT 직원이 필요한 답을 찾을 수 있도록 권한을 부여하세요.
새로운 방식으로 정보 보기
비즈니스, 데이터 및 목표를 파악하는 AI
더 빠른 의사 결정을 만나보세요. 안전한 개인 AI 비서가 업무를 시작할 준비가 되었습니다.
공급망을 위한 생성형 AI로 더 나은 인사이트를 얻어보세요.
AI 콘텐츠 관리 및 지능형 AI 콘텐츠 어시스턴트를 통해 효율적으로 작업하세요.
더 빠른 앱 제공, 개발 및 자동화된 소프트웨어 테스트를 만나보세요.
고객 성공을 위해 고객 커뮤니케이션과 경험을 개선해 보세요.
사용자, 서비스 상담원 및 IT 직원이 필요한 답을 찾을 수 있도록 권한을 부여하세요.
한 번만 연결하면 안전한 B2B 통합 플랫폼으로 모든 대상과 연결할 수 있습니다.
AI가 활용 가능한 콘텐츠 관리 솔루션으로 지식 재구성
기업 보호를 위한 통합 사이버 보안 솔루션
AI 기반 DevOps 자동화, 테스트 및 품질을 통해 더 나은 소프트웨어를 더 빠르게 제공
잊을 수 없는 고객 경험으로 대화 재창조
IT 운영의 비용과 복잡성을 줄이기 위해 필요한 명확성 확보
검증된 OpenText 정보 관리 기술을 사용하여 맞춤형 애플리케이션 구축
사용자 정의 애플리케이션 및 워크플로를 지원하는 실시간 정보 흐름을 제공하는 OpenText Cloud API를 사용하여 원하는 방식으로 구축
안전한 정보 관리가 신뢰할 수 있는 AI를 만나다
데이터와 AI의 신뢰를 높이는 통합 데이터 프레임워크
데이터 언어로 에이전트를 구축, 배포 및 반복할 수 있는 공간
AI를 강화하기 위해 데이터 수집 및 메타데이터 태그 지정 자동화를 지원하는 도구 세트
거버넌스를 사전 예방적이고 지속 가능하게 만드는 서비스 및 API 제품군
AI 여정을 도와주는 전문 서비스 전문가
새로운 방식으로 정보 보기
비즈니스, 데이터 및 목표를 파악하는 AI
더 빠른 의사 결정을 만나보세요. 안전한 개인 AI 비서가 업무를 시작할 준비가 되었습니다.
공급망을 위한 생성형 AI로 더 나은 인사이트를 얻어보세요.
AI 콘텐츠 관리 및 지능형 AI 콘텐츠 어시스턴트를 통해 효율적으로 작업하세요.
더 빠른 앱 제공, 개발 및 자동화된 소프트웨어 테스트를 만나보세요.
고객 성공을 위해 고객 커뮤니케이션과 경험을 개선해 보세요.
사용자, 서비스 상담원 및 IT 직원이 필요한 답을 찾을 수 있도록 권한을 부여하세요.
OpenText는 주요 클라우드 인프라 제공업체와 협력하여 어디서나 OpenText 솔루션을 실행할 수 있는 유연성을 제공합니다
OpenText는 최고의 엔터프라이즈 앱 제공업체와 협력하여 비정형 데이터를 활용함으로써 더 나은 비즈니스 인사이트를 제공합니다
BDO IsraelArcSight’s maturity and scalability enables BDO to save clients hundreds of thousands in CapEx costs, deliver consistent results for demanding MSSP clients and more

BDO needed to build and launch a world-class cyber security center to protect clients.
BDO Israel got off to a fast start by acquiring a market-leading Israeli cyber security consulting firm, SECOZ. In the process, BDO Israel added 30 top cyber security experts, who formed the core of the firm’s new Cyber Security Center. The new service, built on the Micro Focus ArcSight security information and event management (SIEM) platform, went live in late 2016 and is now being rolled out to BDO’s global client base.
The cyber warriors at the heart of BDO Israel’s new Cyber Security Center offer the experience of hundreds of successful SECOZ engagements, many featuring the use of the ArcSight Activate Framework.
Cyber crime is projected to cost the world $2 trillion by 2019, according to a report by Juniper Research. Researchers at Cybersecurity Ventures predict that ransomware – a form of malware made infamous by the May 2017 “WannaCry” attacks – is expected to exceed $5 billion in damages in 2017.
To counter the surge in cyber crime, enterprises are moving away from prevention-only strategies to focus more on detection and response. In a recent report by Gartner, Inc., analysts noted that spending on information security is expected to hit $90 billion in 2017, an increase of 7.6 percent over 2016, and to top $113 billion by 2020. Spending on detection and response is expected to be at the top of the shopping list.
“We believe that in order to deliver a robust and reliable managed detection and response (MDR) service, we need a core platform that is tested and flexible enough to meet the needs of our clients here and around the world,” notes Dori Fisher, Head of Managed Cyber Security Services for BDO Israel. “I’m very familiar with this product segment, so IBM was the only other solution I considered. We want to be able to both create advanced scenarios and rely a lot on correlation. Other solutions don’t go there, leaving our analysts with too much to process.
“We use ArcSight to create our own connectors and parsers,” Fisher continues. “With ArcSight, we get the multi-tenancy we need to serve multiple clients, and we can easily replicate the custom content we’ve created. I’ve used ArcSight for 15 years and I know it’ll be there tomorrow and can connect to anything. That cleared the table of other considerations.”
The BDO Cyber Security Center implemented Micro Focus ArcSight Enterprise Security Manager (ESM) and ArcSight Data Platform on the Amazon Web Services (AWS) cloud computing platform. Approximately 80 percent of the MSSP/MDR’s clients take advantage of the AWS option, while the remaining clients have their own implementations of ArcSight, which BDO monitors.
The client base for BDO’s new cyber security services is immense and growing broader every day. “We were a successful advisory organization for 15 years before we became part of BDO,” notes former SECOZ founder and CEO Ophir Zilbiger, now a BDO Israel Partner and Head of the firm’s Cyber Security Center. “We have seen an evolution from what was called information security in past years to what is now cyber security. This evolution came early here in Israel due to the fact that we produce so many cyber-trained people, thanks in large part to the training provided in our armed forces. Clients here are very aggressive and early adopters of new security technology. We believe our early experiences in this burgeoning field will help differentiate us in the global market.”
Zilbiger notes that not only has the nature of information system security evolved in recent years, so too has the type of clients. “Our largest clients in the past have been financial services, telecom, and the technology sector,” he says. “We have seen a shift from what I would call traditional security clients to a wider range of clients, due to the ubiquitous nature of cyber crime today. We are seeing many more government organizations, as well as more manufacturers who are late adopters, but now committed to cyber security.”
According to Fisher, ArcSight ESM and ArcSight Data Platform have enabled the new MSSP/ MDR to dramatically reduce false alarms for their clients. “ArcSight allows the most flexible correlation infrastructure, which means that the majority of false positives that have logged artifacts can be improved and honed,” he explains.
“With ArcSight, we create or use scenarios that are based on hypotheses that were created using over a decade of client experiences,” Fisher notes. “Once these scenarios are manifested, we are able to reduce false positives to a very low percentage. For instance, we can quickly reduce false positives by tenfold as we hone correlations over a short time.”
He notes that for a client with 1,000 users, BDO would use ArcSight Data Platform to collect approximately 30 million log lines (events) per day, and use ArcSight ESM to create an average of less than 10 alerts per day. “Our goal is to chase down false positives once, and then automate the procedure,” Fisher says.
He gives this example: “Perhaps we decide that we want to reduce the amount of alerts associated with accessing suspicious websites because we’re getting 50 percent false positives. We might use ArcSight to automate the website checkup so that only websites that were considered ‘bad’ by two antivirus vendors actually invoke an investigation. ArcSight ingests the antivirus result data and our analysts get only sites that are flagged by both threat intelligence and antivirus. The magic here is that we control the amount of false positives by tuning and understanding what works best for us – ArcSight is flexible enough to allow us to do that.”
The BDO Cyber Security Center employs a combination of manual and automated techniques to ingest cyber threat intelligence (CTI) into ArcSight ESM, including indicators of compromise (IOCs) relating to malware such as WannaCry. “The automatic insertion of CTI is based on selected open source feeds ingested daily, parsed, and moved into dynamic lists within ArcSight ESM,” says Fisher. “We also manually insert CTI based on reports and artifacts reported in the media or from closed groups, but not widely available in lists of IOCs or indicators of attack (IOAs).”
IOC and IOA lists are cross-correlated within ArcSight with various devices in real time, which could include firewalls, proxies, and mail relays. The night that WannaCry was initially detected, the BDO team read the reports and inserted the indicators into the manual threat intelligence list. Two weeks later, they received a WannaCry alert from a client system. Because the client’s locations were mapped in ArcSight, the BDO team was able to pinpoint the specific floor and device. The local helpdesk disconnected the system for further investigation. It turned out that the IP address involved was associated with WannaCry, but not actually infected by the malware.
“We erred on the side of safety in this case due to the potential high impact,” says Fisher.
Israel’s new MSSP/MDR offering can save clients hundreds of thousands of dollars in capital expenses when compared to the investment required to build an in-house capability.
“The number one challenge is the global shortage of skilled cyber security professionals,” Fisher notes. “Although MSSPs are popping up everywhere, most are not as deeply focused as we are on detection and response. Clients would have to invest at least three to five times as much as they spend on our service to build their own cyber security organization, that is if they could even find people with the needed skill sets.”
Zilbiger concludes, “We have partnered with [Micro Focus] on a global basis to achieve our goals for the BDO Cyber Security Center and our MSSP/ MDR offering. We have worked with [them] for many years and found that [their] experience and willingness to support us as a true partner has been a key to our success. Again, thanks to the technical maturity of ArcSight and our experience with the solution, we are able to provide a service that is applicable anywhere in the world and scalable to meet the needs of even the largest enterprises.”

BDO Israel is spearheading the global accounting giant’s worldwide marketing efforts for a new managed security service focused on detection and response. As a hotbed of cyber security startups and innovations, Israel offers the ideal environment, including a pool of cyber experts to lead the effort.