OpenText인 이유
OpenText인 이유
개요OpenText인 이유
OpenText는 수십 년간의 전문 지식을 통해 데이터를 활용하고, 사람과 프로세스를 연결하며, 신뢰할 수 있는 AI를 강화합니다
데이터 관리 및 연결
기업 전체의 데이터를 매끄럽게 통합하여 정보 단절을 없애고, 협업을 강화하며, 리스크를 최소화하세요
AI가 활용 가능한 정보
데이터를 AI가 활용 가능하고 구조화되고, 접근 가능한, 최적화된 정보로 변환하세요
내장 보안 및 규정 준수
규제 및 준수 요구 사항을 충족하고 정보의 수명 주기 전반에 걸쳐 보호하세요
직원 역량 강화
개요직원 역량 강화
OpenText는 사람들이 콘텐츠를 관리하고, 작업을 자동화하며, AI를 사용하고, 협업하여 생산성을 높일 수 있도록 지원합니다
고객
전 세계 수천 개의 기업이 OpenText의 혁신적인 솔루션으로 성공을 거두고 있는 방법을 확인해 보세요
직원
직원은 OpenText의 가장 큰 자산으로, OpenText 브랜드와 가치의 생명입니다.
기업의 사회적 책임
OpenText가 사회적 목표를 발전시키고 긍정적인 변화를 가속화하기 위해 어떤 노력을 하고 있는지 알아보세요
파트너
디지털 혁신을 이루기 최적인 솔루션과 전문성을 갖춘 OpenText 파트너를 만나보세요
AI 리더십
개요Aviator AI
새로운 방식으로 정보 보기
OpenText™ Aviator™ AI
비즈니스, 데이터 및 목표를 파악하는 AI
OpenText™ MyAviator
더 빠른 의사 결정을 만나보세요. 안전한 개인 AI 비서가 업무를 시작할 준비가 되었습니다.
OpenText™ Business Network Aviator™
공급망을 위한 생성형 AI로 더 나은 인사이트를 얻어보세요.
OpenText™ Content Aviator™
AI 콘텐츠 관리 및 지능형 AI 콘텐츠 어시스턴트를 통해 효율적으로 작업하세요.
OpenText™ DevOps Aviator™
더 빠른 앱 제공, 개발 및 자동화된 소프트웨어 테스트를 만나보세요.
OpenText™ Experience Aviator™
고객 성공을 위해 고객 커뮤니케이션과 경험을 개선해 보세요.
OpenText™ Service Management Aviator™
사용자, 서비스 상담원 및 IT 직원이 필요한 답을 찾을 수 있도록 권한을 부여하세요.
Aviator AI
개요Aviator AI
새로운 방식으로 정보 보기
OpenText™ Aviator™ AI
비즈니스, 데이터 및 목표를 파악하는 AI
OpenText™ MyAviator
더 빠른 의사 결정을 만나보세요. 안전한 개인 AI 비서가 업무를 시작할 준비가 되었습니다.
OpenText™ Business Network Aviator™
공급망을 위한 생성형 AI로 더 나은 인사이트를 얻어보세요.
OpenText™ Content Aviator™
AI 콘텐츠 관리 및 지능형 AI 콘텐츠 어시스턴트를 통해 효율적으로 작업하세요.
OpenText™ DevOps Aviator™
더 빠른 앱 제공, 개발 및 자동화된 소프트웨어 테스트를 만나보세요.
OpenText™ Experience Aviator™
고객 성공을 위해 고객 커뮤니케이션과 경험을 개선해 보세요.
OpenText™ Service Management Aviator™
사용자, 서비스 상담원 및 IT 직원이 필요한 답을 찾을 수 있도록 권한을 부여하세요.
비즈니스 네트워크
개요Business Network
한 번만 연결하면 안전한 B2B 통합 플랫폼으로 모든 대상과 연결할 수 있습니다.
콘텐츠
개요Content
AI가 활용 가능한 콘텐츠 관리 솔루션으로 지식 재구성
사이버 보안
개요Cybersecurity
기업 보호를 위한 통합 사이버 보안 솔루션
DevOps
개요DevOps
AI 기반 DevOps 자동화, 테스트 및 품질을 통해 더 나은 소프트웨어를 더 빠르게 제공
Experience and Fax
개요Experience and Fax
잊을 수 없는 고객 경험으로 대화 재창조
관측 가능성 및 서비스 관리
개요Observability and Service Management
IT 운영의 비용과 복잡성을 줄이기 위해 필요한 명확성 확보
API
개요APIs
검증된 OpenText 정보 관리 기술을 사용하여 맞춤형 애플리케이션 구축
OpenText™ API Services
사용자 정의 애플리케이션 및 워크플로를 지원하는 실시간 정보 흐름을 제공하는 OpenText Cloud API를 사용하여 원하는 방식으로 구축
신뢰할 수 있는 데이터 및 AI
개요신뢰할 수 있는 데이터 및 AI
안전한 정보 관리가 신뢰할 수 있는 AI를 만나다
OpenText AI Data Platform
데이터와 AI의 신뢰를 높이는 통합 데이터 프레임워크
OpenText™ Aviator™ Studio
데이터 언어로 에이전트를 구축, 배포 및 반복할 수 있는 공간
OpenText Discovery
AI를 강화하기 위해 데이터 수집 및 메타데이터 태그 지정 자동화를 지원하는 도구 세트
OpenText Data Compliance
거버넌스를 사전 예방적이고 지속 가능하게 만드는 서비스 및 API 제품군
OpenText Aviator AI Services
AI 여정을 도와주는 전문 서비스 전문가
인공 지능
개요Aviator AI
새로운 방식으로 정보 보기
OpenText™ Aviator™ AI
비즈니스, 데이터 및 목표를 파악하는 AI
OpenText™ MyAviator
더 빠른 의사 결정을 만나보세요. 안전한 개인 AI 비서가 업무를 시작할 준비가 되었습니다.
OpenText™ Business Network Aviator™
공급망을 위한 생성형 AI로 더 나은 인사이트를 얻어보세요.
OpenText™ Content Aviator™
AI 콘텐츠 관리 및 지능형 AI 콘텐츠 어시스턴트를 통해 효율적으로 작업하세요.
OpenText™ DevOps Aviator™
더 빠른 앱 제공, 개발 및 자동화된 소프트웨어 테스트를 만나보세요.
OpenText™ Experience Aviator™
고객 성공을 위해 고객 커뮤니케이션과 경험을 개선해 보세요.
OpenText™ Service Management Aviator™
사용자, 서비스 상담원 및 IT 직원이 필요한 답을 찾을 수 있도록 권한을 부여하세요.
클라우드 파트너
개요클라우드 파트너
OpenText는 주요 클라우드 인프라 제공업체와 협력하여 어디서나 OpenText 솔루션을 실행할 수 있는 유연성을 제공합니다
엔터프라이즈 애플리케이션 파트너
개요엔터프라이즈 애플리케이션 파트너
OpenText는 최고의 엔터프라이즈 앱 제공업체와 협력하여 비정형 데이터를 활용함으로써 더 나은 비즈니스 인사이트를 제공합니다
Rabobank
Rabobank outsmarts advanced persistent threats with ArcSight ESM. This international bank now uncovers cyber threats with enterprise security management
Products and services
Outcomes
- Strengthened network security management with more accurate event correlation and threat detection
- Improved security management team productivity and effectiveness
- Brought entire security posture to a higher level
Challenge
Build more sophisticated use cases to improve accuracy of identifying advanced persistent threats (APTs) for a more timely and targeted response.
Like all financial institutions today, Rabobank is barraged on a daily basis with cyber threats from every imaginable vector. Phishing schemes and malware are a constant nuisance, but the biggest challenge comes from advanced persistent threats—stealthy, continuous hacking attacks by very clever cyber criminals. APTs are often difficult to detect and may be active in a network for months until they are found. At that point, however, damage in the form of data loss or business disruption may already have been inflicted.
For years Rabobank relied on RSA enVision to analyze security alerts. To improve productivity and effectiveness of its security management team, Rabobank needed to build much more sophisticated use cases to provide contextual relevance around security alerts. However, enVision did not provide the necessary capabilities, and new developments from RSA were slow in coming to market.
Details
With the volume and sophistication of APTs on the rise, Rabobank needed to build more complex use cases in its security information & event management (SIEM) solution to improve the accuracy of event correlation and threat detection. By implementing ArcSight Enterprise Security Manager (ESM), Rabobank now correlates a million security logs per day from thousands of data feeds across the enterprise. Using ESM the bank created dozens of advanced use cases to quickly identify abnormal behavior or untrusted devices on its network with a high degree of accuracy. This allows Rabobank to uncover threats that would previously have gone undetected, strengthening security while improving productivity and effectiveness of its security management team.
Leveraging its unparalleled knowledge in the food and agriculture industry, Rabobank is on a mission to build wealth and prosperity in the Netherlands while resolving food issues worldwide. To fulfill that ambition, it must ensure the highest security for its information network.
“ESM reveals security events to us that we were never able to detect before. We’re very happy with ESM and confident we can find threats before they compromise our network or disrupt business. ArcSight provides critical insurance against the damage modern cyber-attacks can inflict on an organization.
솔루션
To address its mounting security management needs, Rabobank considered alternatives to RSA, including ArcSight and IBM Qradar. After an intensive evaluation of both tools, the bank chose ArcSight ESM for its robust SIEM capabilities.
Mark Beerends, head of security operations center at Rabobank, explains, “What stood out most about ArcSight ESM was the ability to build very complex use cases. However, we also saw added advantages in being able to integrate ESM with our other Micro Focus (now OpenText) solutions like Micro Focus (now OpenText) Service Manager, which collects a huge amount of data on IT service activity.”
High availability security monitoring
Rabobank deployed three instances of ArcSight ESM, one instance in each of the bank’s two data centers in the Netherlands to ensure high availability and disaster recovery, as well as a third instance for test and development.
The SIEM is so vital to daily operations that Rabobank wanted to ensure that production security monitoring would never be down for more than an hour in the event of a site loss. The test and development instance enables Rabobank’s security management team to run new or updated use cases to understand any impacts of a change before putting the use case into production.
In production, ArcSight ESM collects approximately one million security logs per day from data streams generated by 3,000 HPE ProLiant servers running Microsoft Windows, another 1,000 HPE ProLiant servers running Linux, and more than a dozen HPE Integrity Non stop blade system NB54000c servers.
Rabobank also runs other ArcSight ESM software, Fortify on Demand, and HPE TippingPoint* for application security testing. Beerends notes, “If we discover something in ESM that presents a security threat, it’s easy to add a filter to TippingPoint to block that threat before it has a chance to cause problems on our network. The next step is integration of SIEM and IPS (intrusion prevention system) functions, but that will take time.”
결과
Supports complex use cases for more accurate threat detection
Since deploying ArcSight ESM, Rabobank has developed 30–40 complex use cases, greatly improving the accuracy of event correlation and security alerts. These use cases provide important context so the security management team knows whether an alert requires immediate action or not.
For example, a mistyped password is not necessarily a concern. But knowing that a login attempt is being made at an unusual time of day or from an overseas IP address indicates that a much more serious threat may be at play. Ultimately, this level of detail will reduce the number of false positives and strengthen security across Rabobank’s network.
“ESM provides more options to correlate events from many different feeds,” says Beerends. “Better correlation means higher accuracy in detecting threats. That helps our security analysts know where and when to act. The best thing is we’re logging all the data feeds we need, so we can quickly implement new use cases as needed.”
One example of a recently developed use case is identifying rogue devices on the Rabobank network. The bank runs an open network, which allows anyone in the organization to connect using a personal device. However, cyber criminals could take advantage of this openness to hack into the network. To prevent such activity, Rabobank uses ESM to correlate data from its DHCP servers, Microsoft Active Directory, and network environment to determine if a device is trusted or not.
Integration between ArcSight ESM and Service Manager has also proven key. This provides Rabobank with insight directly into IT service activity, so if a level one alert occurs on an application, the security management team can immediately determine the seriousness of the threat without manually transferring information into the SIEM.
“With the amount of integration and correlation we can now have, ESM brings our security posture to a higher level,” Beerends remarks.
In addition to managing security risk, Rabobank also uses ArcSight ESM compliance reporting to meet regulatory compliance requirements. For example, the bank must be able to prove that system administrators are following proper procedures. Every week ArcSight ESM reports on all administrator activity, allowing Rabobank to easily demonstrate compliance.
Valuable insurance against damaging cyber attacks
As a retail bank, Rabobank is a popular target for cyber criminals who are constantly presenting new and more difficult-to-detect attacks. Moreover, the number of attacks continues to rise steadily every year. But with ArcSight ESM, Rabobank now has a powerful enterprise security management solution to uncover even the most sophisticated APTs and other cyber threats to protect its network and valuable information assets.
Beerends concludes, “ESM reveals security events to us that we were never able to detect before. We’re happy with ESM and confident we can find threats before they compromise our network or disrupt business. ArcSight provides critical insurance against the damage modern cyber-attacks can inflict on an organization.”
About Rabobank
Rabobank is one of the largest cooperative banking organizations in the world. Founded in the 19th century by a group of farmers, Rabobank has grown from its agricultural roots in the Netherlands to become an international financial services provider, active in banking, asset management, leasing, insurance, and real estate.
