For organizations that plan to build a full SOC but aren’t there yet, ArcSight Recon is an excellent option with its own analytics engine and can expand as needed.

Security professionals familiar with ArcSight will recognize features from ArcSight Logger and ArcSight Investigate. These features have been preserved and fashioned into one cohesive storage and analytics solution. Features such as compliance reporting, MITRE ATT&CK reports, and data visualizations are all a part of ArcSight Recon. In fact, existing ArcSight customers with Logger and/or Investigate can upgrade to ArcSight Recon free of charge. This is yet another demonstration of ArcSight’s commitment to simplicity and intelligence in security.