Cybersecurity Log Analytics with SQream DB

Location
Global

Industry
Cybersecurity

Size
25,000 employees

Speeding up SIEM apps like HP ArcSight with a faster, easier-to-use GPU-powered analytics database

A global market leader providing customer experience software solutions and services deployed SQream DB alongside its existing HP ArcSight (SIEM) solution, to store more data and to analyze historical data alongside live data at high speed.

The current SIEM system was not scalable enough for the vendor

HP ArcSight is security analytics and intelligence software for Security Information and Event Management, or SIEM. The system gave slow access to insights, which made it unsuitable for long-term use.

Because decisions were being made only on short-term live data, rather than on live data together with longer-term historical data, the system was ultimately not adequate for the requirements.

Constant flow of data from ArcSight to SQream DB

New System Architecture, with SQream DB

The new solution, built around SQream DB, pulls data directly from HP ArcSight using the native HP ArcSight connector developed by SQream Technologies. The solution retains HP ArcSight and adds SQream DB as a speed layer, which allows constant data flow between ArcSight and SQream DB.

By installing SQream DB, the vendor can now identify multi-stage breach patterns, improving the ROC curve over a broader range of events.
