Freely subscribe to our NEWSLETTER

These new products leverage Aveksa’s unique Security Integration Fabric™, enabling enterprises to extend Identity and Access business context across many IT security-related areas. For example, Aveksa’s Identity and Access Management (IAM) solutions can now provide bi-directional interoperability with Security Information and Event Management (SIEM) systems, such as the HP ArcSight Security Intelligence platform.

With Aveksa’s new Business Insight for HP ArcSight, customers can now have access to the full business context for identities, users and activities, all within the HP ArcSight solution. By using the full set of identity information collected and maintained by Aveksa, enterprises can make better decisions, and better respond to today’s security threats. For example, organizations can detect and alert policy rule violations, such as when a user from one department performs activities normally restricted to users from another department.

Specific new capabilities enabled within SIEM systems include:

· A consolidated view of identities across all key enterprise systems within HP ArcSight – unifying identity information across Active Directory, Unix, custom applications and traditional Identity Management systems

· Ability to automatically map cryptic application user IDs to easily understandable names, departments and roles

· Ability to categorize and detect critical events based on user context

· Ability to use Aveksa’s complete identity, entitlement and role information within HP ArcSight’s rules and reporting system

· Ability to “right-click” from within HP ArcSight and navigate directly to full user information within the Aveksa product

In addition, Aveksa’s new Activity Insight Manager leverages real-time activity and threat intelligence for true closed-loop validation and enforcement of enterprise access control processes. Enterprises can now detect granting or usage of sensitive entitlements, and validate whether they have been granted in compliance with corporate access request policies and processes. Unauthorized privileges will be immediately flagged, allowing for rapid follow-up and removal. New capabilities include:

· Real-time detection of sensitive entitlements and privilege changes

· Automated validation that detected access changes comply with access policies and processes

· Workflows for immediate escalation and remediation of unauthorized access rights

According to Gartner Analyst Mark Nicolett in his research report entitled Effective Security Monitoring Requires Context [1], “The rapid discovery of a breach is key to minimizing the damage of a targeted attack, but most organizations do not have adequate breach detection capabilities. The addition of user, data and application context to security event data will increase your ability to discern abnormal activity that is associated with a breach from the background noise of normal activity.”