Cyber Threat Intelligence needs to be fused with internal data, procedures and processes to help detect malicious behavior more quickly and proactively mitigate potential threats
Amsterdam - September 14, 2016 - EclecticIQ, a global leader of applied Cyber Threat Intelligence technology for enterprise threat analyst teams, today announced their bi-directional security information and event management (SIEM) integration with HPE Security ArcSight Enterprise Security Management (ESM), a SIEM and advanced analytics platform. Combined, they dramatically cut down the time to detect and respond to threats. EclecticIQ also has joined the HPE Security Technology Alliances Program as a Gold partner.
Security operations center (SOC) teams face challenges with obtaining relevant intelligence and prioritizing the implementation of preventive measures based on observed events in their SIEM. Without relevant threat intelligence inside their SIEM, this is cumbersome and manual work, prone to errors. Employing a threat-intelligence-centric view using internal and external sources increases the efficiency of detection, analysis and response to threats, effectively reducing resource consumption and increasing co-operation and collaboration across the organization.
EclecticIQ Platform empowers analysts through data fusion, workflow support and by streaming threat intelligence into HPE Security ArcSight. In the instance of a match, aggregated notifications are reported back into EclecticIQ Platform. This drives greater efficiency of threat intelligence, future research and implementation of security measures. EclecticIQ Platform supports a large variety of data formats including industry standard STIX and TAXII.
Making Threat Intelligence actionable for SOC and Incident Response teams helps prioritize alerts, avoid false positives and automate the addition of context to threat indicators.
The integration has been developed by EclecticIQ partner Perceptive Security, experts in SIEM platforms and customized SOC environments.
Joep Gommers, CEO and Founder of EclecticIQ, comments: ‘SIEMs were initially designed to identify internal anomalies. Integration with EclecticIQ Platform adds actionable identification of external threats into the SOC.’
Raymon van der Velde, co-founder and VP Product for EclecticIQ, and Steven van de Braak from Perceptive Security will present this integration during a session at HPE Protect on September 15 at 3pm ET named ‘Threat intelligence sharing integration with HPE Security ArcSight ESM in a government environment’.
The HPE certified integration between EclecticIQ Platform and HPE ArcSight ESM is available immediately.
EclecticIQ is an applied cyber intelligence technology provider, enabling enterprise security programs and governments to mature a Cyber Threat Intelligence (CTI) practice, and empowering analysts to take back control of their threat reality and to mitigate exposure accordingly.
EclecticIQ’s mission is to restore balance in the fight against cyber adversaries. Its flagship product, EclecticIQ Platform, is a Threat Intelligence Platform (TIP), which enables operationalization of security information exchange, empowers collaborative analyst workflow and ensures timely integration of cyber threat intelligence detection, prevention and response capabilities.
EclecticIQ is headquartered in Amsterdam, the Netherlands, and holds offices in London and Moldova.
For more information: https://www.EclecticIQ.com.