Sqrrl Delivers the First Threat Hunting Solution for HPE Security ArcSight


Sqrrl announces partnership with HPE to fully integrate its threat hunting platform with the HPE ArcSight SIEM. This is the first threat hunting solution for HPE ArcSight and enables HPE ArcSight customers to take a more proactive approach to threat detection.

“...Sqrrl’s automated hunting and iterative search functions help our customers’ security analysts proactively identify potential threats before further damage occurs,” said Chandra Rangan, Vice President, Marketing, HPE Security Products.

Today, Sqrrl announced its integration with HPE Security ArcSight. The technology partnership marks the release of the first threat hunting solution for ArcSight. The Sqrrl Threat Hunting Solution for HPE Security ArcSight extends the HPE Security ArcSight platform with automated hunting and behavioral analytics capabilities that empower security analysts to become skilled threat hunters.

Threat hunting is the proactive and iterative search for threats that have evaded other security defenses. A recent SANS Institute survey identified that 86% of security organizations are now threat hunting using a variety of exploratory and algorithmic data analysis techniques. Sqrrl is the established market leader for threat hunting and is the first purpose-built platform for threat hunting.

“Threat Hunting is a critical new capability that has quickly gained traction with Security Operations Centers around the world,” says Sqrrl CEO Mark Terenzoni. “Integration with HPE Security ArcSight is an important step for Sqrrl, as it aligns our industry-leading threat hunting capabilities with the leadership and deep market penetration of HPE’s SIEM solution and its current evolution to address the most advanced threats.”

The Sqrrl platform fuses HPE’s native ArcSight Data Platform data sources with other contextual data to generate an enterprise Behavior Graph, a unique visual environment for analyzing advanced adversarial behaviors across petabytes of data. ArcSight users will also benefit from Sqrrl’s kill chain analytics. These machine learning-powered analytics provide greater context and focus to hunts. Results of Sqrrl’s threat hunting and analytics are sent back to HPE ArcSight ESM where potential threats can be prioritized, investigated, and remediated.

“Security operations organizations can take up to seven months to detect a breach using traditional methods,” said Chandra Rangan, Vice President, Marketing, HPE Security Products, Hewlett Packard Enterprise. “ArcSight’s real-time correlation and rapid threat detection, along with Sqrrl’s automated hunting and iterative search functions, help our customers’ security analysts proactively identify potential threats before further damage occurs.”

Features of the Sqrrl Threat Hunting Solution for HPE Security ArcSight include:

  • Direct integration with the ArcSight Data Platform simplifies data sourcing
  • Visual modeling of adversarial behaviors enriched with ESM user, asset and event context
  • ArcSight integration commands for launching Sqrrl hunts
  • Native ArcSight content for display of transported Sqrrl analytics back to ArcSight

To learn more, download the Sqrrl Threat Hunting Solution for HPE Security ArcSight, download the Sqrrl Test Drive VM, and/or request a demo of Sqrrl.

About Sqrrl
Sqrrl is the security analytics company that enables organizations to target, hunt, and disrupt advanced cyber threats. Sqrrl’s industry-leading threat detection and response platform unites threat hunting, behavioral analytics, and incident investigation capabilities in an integrated solution. Sqrrl’s unique platform approach enables security analysts to discover threats faster and reduces the time and resources required to investigate them.


Contact Author

Ely Kahn
Sqrrl
617-902-0784