Monday, September 29, 2008

Over the past few weeks, I’ve been giving a very similar presentation to different audiences when I’m asked to talk about the need for Collection across an enterprise. The attached diagram illustrates some of the flaws that come with relying on “point solutions” to provide enterprise visibility. Each technology has its inherent blind spots, but in conjunction with one another and a few other tools (namely Full Packet Capture, Log Management and SIEM), you can provide your Detection team the ultimate information set for analysis and reduce your time to Incident Identification. This blog highlights some of the requirements for successfully establishing an effective Collection.

Created by: Rocky
Category: Rocky's Blog, SIEM/SEM


Tuesday, September 09, 2008

The ArcSight User Conference keynote presentation by Hugh Njemanze focused on Logger v3.0, to be released in the very near future.

Created by: Rocky


I’ll be posting my notes and comments from this year’s ArcSight User Conference over a few blog entries this week.
This is the first entry: Major ArcSight Organizational announcements

Created by: Rocky
Category: Rocky's Blog, SIEM/SEM


Tuesday, September 02, 2008

I downloaded Google Chrome today. Here are my first observations… and 1 or 2 “hidden features” I found.

Created by: Rocky
Category: Rocky's Blog

