WASHINGTON, Sep 13, 2011 (BUSINESS WIRE) — Layer 7 Technologies, the leader in Gateways for security enforcement and governance across SOA, cloud and mobile environments, today announced that the Layer 7 SecureSpanTM and CloudSpanTM product suites earned certification for the HP ArcSight Common Event Format (CEF) specification. This certification allows events and identities associated with external entities to be mapped to known internal identities for additional correlation of security information.
As a leading provider of Security Information and Event Management (SIEM) technology, HP ArcSight provides correlation and universal log management, compliance reporting and security intelligence to enable the rapid detection and management of cyberattacks and insider threats. Pattern analysis of identity-enriched log messages and integration with enterprise identity stores produce reports and dashboards for monitoring and correcting unauthorized behavior.
Layer 7’s application-aware SOA and cloud Gateways strengthen the HP ArcSight platform’s visibility into user activity within cloud-based services that exist outside the traditional enterprise boundaries. These Gateways protect externally exposed APIs and have unique insight into the actions of both internal and external identities. They support a wide variety of credential types, authentication servers and authorization mechanisms, and expose an onboard WS-Trust Security Token Service (STS) for additional credential mapping. Layer 7 employs user IDs, roles and attributes to enrich log events containing transaction content and runtime metadata, providing an end-to-end view of application usage and vulnerabilities within the ArcSight suite of products.
“The HP ArcSight CEF certification of Layer 7’s Gateways immediately allows customers to extend their awareness of security threats and malicious users to include external partners, cloud applications and other potentially risky service consumers,” said Dimitri Sirota, vice president of channels at Layer 7 Technologies. “Our expertise in identity federation across network boundaries and disparate access control systems enables security-conscious entities to confidently bridge on-premise applications with external interfaces in the cloud or on mobile platforms, and also gives security administrators a much clearer picture of their end-to-end defense posture.”
With Layer 7’s CEF integration, enterprises can:
— Monitor user activity in cloud-based services at the service API execution level with the HP ArcSight platform;
— Identify business risks by correlating user-activity in cloud-based services with other enterprise activity;
— Monitor real-time security threats and vulnerabilities within exposed applications; and
— Respond to subsequent known security threats by erecting new security policies within Layer 7 Gateways.
“Networks are no longer bound by traditional enterprise perimeters, as mission-critical data is increasingly exposed to partner, mobile and cloud applications through APIs and other standards-based service interfaces,” said Dan Barahona, vice president of business development at HP ArcSight. “By linking the HP ArcSight ETRM platform with Layer 7 Gateways deployed on-premise or in the cloud, organizations can enforce API security policies and gain visibility into potential external threats.”
Layer 7 will be discussing its HP ArcSight integration in booth 37 at the HP Protect 2011 Conference at the Gaylord National Hotel, National Harbor, Md, on September 11-14. For more information about HP Protect 2011, please visit http://www.arcsight.com/protect2011/ .
About Layer 7 Technologies
Layer 7 Technologies helps enterprises secure and govern interactions between their organization and the services they use in the cloud; across the Internet; and out to mobile devices. Through its award-winning line of SOA Gateways, Cloud Brokers and API Proxies, Layer 7 gives enterprises the ability to control identity, data security, SLA and visibility requirements for sharing application data and functionality across organizational boundaries. With more than 150 customers spanning six continents, Layer 7 supports the most demanding commercial and government organizations. Layer 7 solutions are FIPS compliant, STIG vulnerability tested and have met Common Criteria EAL4+ security assurance.
SOURCE: Layer 7 Technologies