• Have questions about this item?

  • Contact us

Description

Seclytics Augur is the first and only Predictive Threat Intelligence Platform (TIP). While other TIPs identify and alert, Augur raises the bar by predicting attacks and adjusting your security posture to block threats before they get to your network. The Seclytics Augur integration with Arcsight provides a simple and easy-to-setup way to incorporate Augur’s predictive intelligence into the ArcSight SIEM, which provides the SOC with unparalleled threat enrichment and reporting capabilities before their organizations are targeted with attacks.

Use Cases

This section describes important use cases supported by this integration.

  • Predictive threat enrichment and reporting
  • Threat attribution and attack infrastructure mapping
  • Automatic prevention and blocking

Predictive threat enrichment and reporting

Current threat intelligence platforms provide enrichment on observables after attacks are launched. Seclytics Augur provides threat enrichment about observables in the set-up stage before attacks are even launched. Leveraging behavioral modeling and machine learning Augur can predict attack infrastructure 51 days in advance with very high accuracy and less than 0.01% false-positive rate.

Threat attribution and attack infrastructure mapping

Current threat intelligence platforms report observables that are associated with single attacks or groups of attacks. Seclytics Augur profiles cyber criminal infrastructure maps it out and provides threat attribution on all infrastructure that is owned by threat actors. Criminal infrastructure includes IP ranges, domain names, hijacked BGP prefixes, and announcing autonomous systems (ASN).

Automatic prevention and blocking

When Seclytics Augur matches threat actor profiles with network logs in the Arcsight SIEM, Arcsight sends the matches to the Augur API to generate blocking rules that can be sent to Firewalls, Email Gateways, DNS servers, and Web proxies for proactive blocking and prevention of attacks. This process is completely automated.

Minimum Requirements

  • ArcSight ESM version 6.11 +
  • Seclytics Augur Access Token


Suggested apps

Suggested for you are based on app category, product compatibility, popularity, rating and newness. Some apps may not show based on entitlements. Learn more about entitlements.

Releases

Release
Size
Date
Seclytics Augur ArcSight Integration 1.5.1
8.7 MB
  |  
Apr 21, 2020
More info Less info
Product compatibility
OpenText Enterprise Security Manager
Version 6.11.0
Version 7.0 · 7.2 · 7.3 · 7.4 · 7.5 · 7.6 · 7.7 · 7.8
Release notes

This release will profile both inbound and outbound threats and compromises that matched our prediction. It includes the following items.

  • Active Channel: Shows any correlation events with Seclytics Augur's Predictions.
  • Active List: Stores Seclytics Augur's Predictive IOCs (The content of Threat Intelligence).
  • Filters: Used in rules and queries for event filtering.
  • Integration Commands & Configurations: Adds right-click lookup on IPs to show additional context via Seclytics Augur Dashboard.
  • Queries: Used for capturing events for profiling threats.
  • Query Views: Viewing and retrieving the query results.
  • Rules: Used to mark correlated events.
  • Users: Integration users for API query and threat intelligence feed.
Languages
English
Files

Resources

Seclytics Augur Integration Instructions

Unsubscribe from notifications

You are receiving release updates for this item because you have subscribed to the following products:
If you unsubscribe, you will no longer receive any notifications for these products.
Tip: to update your subscription preferences, go to Manage Subscriptions from your Dashboard, uncheck the products you no longer want to receive notifications for, and click 'Save'.
Unsubscribe Cancel

Marketplace Terms of Service

In order to continue, you must accept the updated Marketplace Terms of Service
Since you are downloading an app from the OpenText Marketplace, you need to accept the updated Marketplace Terms of Service before you can continue. Use the link to review the Marketplace Terms of Service. Once complete check the, "I accept the Marketplace Terms of Service" box below and click accept to continue your download.


Accept Cancel
Your download has begun...

Your download has begun

Related content and resources

Your browser is not supported!

Please upgrade to one of the following broswers: Internet Explorer 11 (or greater) or the latest version of Chrome or Firefox

release-rel-2025-2-1-6322 | Wed Feb 5 16:30:41 PST 2025