KDnuggets : News : 2004 : n11 : item26


ArcSight injects data mining into security

May 25, 2004. ArcSight this week detailed a new software product, TruThreat Discovery, that combines data mining technology with security to more effectively evaluate security threats.

TruThreat Discovery focuses on picking out patterns, such as a sequence of activities between a source and target, to help identify threats. Such potential threats include Day Zero attacks, low and slow attacks, and insider threats.

Lunetta said that the software does more than just packet inspection. "It's the data mining of event flow. We deal at a much higher level than packets represent," he said.

TruThreat also spots known security trends by using the company's correlation engine, which is where all alerts and alarms are collected.

Scott Crawford, an analyst with Enterprise Management Associates, said that the new product fits into the burgeoning security information management (SIM) space.



Copyright © 2004 KDnuggets.