PASADENA, Calif.--(BUSINESS WIRE)--Guidance Software Inc. (NASDAQ:GUID), the World Leader in Digital Investigations™, announced today that its EnCase® Cybersecurity product has demonstrated interoperability with HP ArcSight Enterprise Security Manager (ESM) and has received HP ArcSight Action Connector Certification.
“The interoperability of HP ArcSight ESM with EnCase Cybersecurity provides customers with critical visibility into the state of potentially affected hosts at the time an attack is detected, along with the means to dramatically reduce the time it takes to resolve.”
The interoperability of EnCase Cybersecurity with HP ArcSight is the first-of-its-kind to automate incident response between event prioritization and time-sensitive response actions. This interoperability can reduce cyber attack response and remediation time to a matter of minutes or hours, from days or weeks.
“Cyber incidents are costing enterprises millions of dollars, countless staff hours and incalculable reputational damage,” said Alex Andrianopoulos, Guidance Software Vice President of Marketing. “The spike in cyber incident volumes has intensified the need for rapid and comprehensive capture, review and analysis of endpoint data at the moment of a security alert. We were pleased to work with HP on delivering technology that gives IT security teams what they need for the fastest possible response to incidents at every threat level.”
The interoperability of EnCase Cybersecurity with HP ArcSight ESM enables the automation of four areas of incident response.
First is immediate forensic auto-capture of live system memory in order to validate detected threats and capture host-based threat data that would otherwise be lost.
Second is capturing Internet history, artifacts and cache files in response to events leveraging browser-based vulnerabilities, data exfiltration through file-sharing services, or in response to inappropriate browsing alerts.
Third is that IT security teams can now instantly prioritize response, giving them the ability to better manage the thousands of alerts that occur daily and maximize their impact. Incident response automation provides information on an attack in minutes, allowing security teams to scan for attacks on sensitive or controlled information and make those the top priority.
Finally, security teams can conduct forensic audits against white- or blacklists in order to expose unknown processes and files, or to scan for exact and similar matches to previously detected threats.
“Organizations are spending an increasing amount of time with limited resources responding to, and recovering from, cyber attacks,” said Buck Watia, Director, Business Development, Enterprise Security Products, HP. “The interoperability of HP ArcSight ESM with EnCase Cybersecurity provides customers with critical visibility into the state of potentially affected hosts at the time an attack is detected, along with the means to dramatically reduce the time it takes to resolve.”
IT security managers can run these EnCase Cybersecurity functions from within HP ArcSight ESM with a few mouse clicks, or can set them to run as automatic processes when an incident triggers a security alert. This closes a critical gap that exists between network security, incident response and investigation teams while reducing overall time and costs related to incident management and response.
EnCase Cybersecurity is available now and the Action Connector delivering the integrated capabilities above can be obtained via the HP ArcSight Customer Portal under Guidance Software. Additional automated-response options can be configured by Guidance Software Professional Services. More information on the combined solution is available at http://www.guidancesoftware.com/automatic-response.htm.
About EnCase Cybersecurity
EnCase Cybersecurity is the endpoint incident response and data auditing software solution designed to reduce costs and complexities associated with the incident response process and to reduce the risk of exposing sensitive data to loss or theft. EnCase Cybersecurity helps prioritize analysis of potentially infected systems, determine source and scope of an incident, identify potential data-loss scenarios, and minimize time to remediation.
About Guidance Software, Inc.
Guidance Software is recognized worldwide as the industry leader in digital investigative solutions. Its EnCase® platform, with more than 40,000 licenses distributed worldwide, provides the foundation for government, corporate, and law-enforcement organizations to conduct thorough, network-enabled, and court-validated computer investigations of any kind, such as responding to e-discovery requests, conducting internal investigations, responding to regulatory inquiries, or performing data and compliance auditing - all while maintaining the integrity of the data. The EnCase Enterprise platform is used by numerous Federal Civilian and Defense agencies, more than 65 of the Fortune 100, and thousands attend Guidance Software's renowned training programs annually. For more information about Guidance Software, visit www.guidancesoftware.com.
EnCase®, EnScript®, FastBloc®, EnCE®, EnCEP®, CaseCentral®, CaseCentral eDiscovery Cloud®, Guidance Software™, and Tableau™ are registered trademarks or trademarks owned by Guidance Software in the United States and other jurisdictions and may not be used without prior written permission. All other trademarks and copyrights referenced in this press release are the property of their respective owners.