As ArcSight customers expand their security focus from perimeter defense to insider threats and compliance, the first device they typically look at is Microsoft Windows. Microsoft Windows Servers provide a critical capability in most environments by managing their users, files, and systems. However, if you spend any time with the Windows Security Log you know that it’s an undocumented mess full of inconsistencies, noise, false positives and cryptic codes. This makes implementing content difficult and problematic unless an organization maintains a staff with exceptional Windows and ArcSight expertise.
Ultimate Windows Security and ThetaPoint have joined forces to solve this problem. The joint effort brings years of Windows and ArcSight experience together to offer a comprehensive solution that provides organizations with the resources necessary to build a proactive monitoring and compliance program for their Microsoft environment.
Randy Franklin Smith is a highly trusted subject matter expert on the Windows security log and publishes UltimateWindowsSecurity.com (UWS). UWS spent years reverse engineering the events in the security log and isolating the arcane patterns that help you filter out the noise and mine the real gold that the Windows security log has to offer.
UWS codified this knowledge into the Security Log Resource and Rosetta Audit Logging Kits for Windows and Active Directory. The kits are a collection of training modules, reference materials, design specifications, and expert guidance designed for end users to implement within their SIEM.
The team at ThetaPoint has taken these resources and incorporated the knowledge, best practices, and recommendations into a turnkey solution for the ArcSight platform. UWS for ArcSight instantly gives ArcSight users all the power and knowledge of Windows Security Log and Rosetta Auditing Kits in a simple to use Solution.
The Ultimate Windows Security for ArcSight Solution Package includes an ArcSight Content Pack, Security Log Resource Kit, Rosetta Audit Logging Kit, and access to Randy Franklin Smith and ThetaPoint Consultants.
UWS for ArcSight will jumpstart your ability to understand, monitor, alert, and conduct incident response leveraging ArcSight ESM for your Microsoft Server and Active Directory environment.
Ultimate Windows Security for ArcSight implements many of the best practices and recommendations as documented in the Security Log Resource and Rosetta Audit Logging Kits. It is built using all your favorite ArcSight ESM features and seamlessly integrates into any environment where you are using the ArcSight Windows Unified SmartConnector and ArcSight ESM or Express. The installation and configuration time is typically less than 10 minutes.
The content pack leverages ArcSight Resource Bundles (ARB). The content package includes a full solutions and installation guide along with 600+ ESM resources including Rules, Reports, Trends, Dashboards, Active Channels, and others.
For more information on this or other ThetaPoint Service Offerings, please contact us.