Understanding the ArcSight Services

Your ArcSight SIEM as a Service environment can include the following plug-in services:

ArcSight Log Management and Compliance service

ArcSight Log Management and Compliance provides a modern log search and hunt solution powered by a high-performance, column-oriented, clustered database. With the Outlier Analytics feature, you can identify anomalous behavior by comparing incoming event values to typical values for your environment. For more information, see the Help in the product or the User's Guide for ArcSight SIEM as a Service on the documentation site for ArcSight.

Real-time Threat Detection service

Real-time Threat Detection analyzes and correlates every event that occurs across the organization to deliver accurate prioritization of security risks and compliance violations. Real-time Threat Detection provides a Big Data analytics approach to enterprise security, transforming Big Data into actionable intelligence.

Real-time Threat Detection combines traditional security event monitoring with network intelligence, context correlation, anomaly detection, historical analysis tools, and automated remediation. Real-time Threat Detection is a multi-level solution that provides tools for network security analysts, system administrators, and business users.