From Wikipedia, the free encyclopedia
Jump to navigation Jump to search
Micro Focus ArcSight
Industry Computer software, Cyber security management, Enterprise software
Fate Acquired by Micro Focus
Founded 2000
Headquarters Sunnyvale, California, USA

Micro Focus ArcSight is a cyber security company founded in 2000 that provides big data security analytics and intelligence software for security information and event management (SIEM) and log management solutions.[1] ArcSight is designed to help customers identify and prioritize security threats, organize and track incident response activities, and simplify audit and compliance activities. It became a subsidiary of Hewlett-Packard in 2010. It was merged with Micro Focus on September 1, 2017. ArcSight is headquartered in Sunnyvale, California, USA, with sales offices in other countries.


Front view of ArcSight headquarters in Cupertino, California

ArcSight was incorporated in May 2000. Silicon Valley Internet Capital, an enterprise software incubation and investment firm founded by Robert Shaw, Alex Hern, Mike Santer and Riverson Leonard[2] was the initial lead investor and founders. Alex Daly was the founding CEO, who was previously CEO of Cygnus Solutions, acquired by Red Hat. Hugh Njemanze was the founding CTO.[3] Pravin Kothari was the founding Vice President of Engineering.[4] ArcSight originally was called Wahoo Technologies, while it was a stealth mode startup.

The original business plan was to build a caching and acceleration platform, though, after getting feedback from prospective customers, the founders shifted their strategy to provide security events analysis and correlation. The company was formally named ArcSight in January 2001.

In July 2001, Alex Daly, the founding CEO, ceased working for ArcSight due to health issues, but kept his 10.30% stake in the company as major shareholder.[5] Robert Shaw stepped up to take the position of CEO.

Kleiner Perkins and In-Q-Tel, the US Central Intelligence Agency’s venture-capital arm, became investors via second and third rounds in 2002.[6] Other early investors included Integral Capital Partners, Institutional Venture Partners, New Enterprise Associates, and Samsung Ventures.[7] ArcSight filed for initial public offering on September 11, 2007 and offered its shares on February 14, 2008 under symbol ARST.[5][8] It was the only Silicon Valley company to enter Nasdaq in 2008, during the Great Recession when few other technology companies went public.[9] Tom Reilly was appointed as CEO in 2008.[10] Robert Shaw retired effective October 1, 2008, citing health reasons.

In September 2010, Hewlett-Packard (HP) announced an agreement to acquire ArcSight for approximately $1.5 billion.[11][12]. ArcSight launched version 5.0 of its Logger and ESM technology, as well as IdentityView 2.0.[13] On October 22, 2010, it completed its acquisition.[14][15] ArcSight said it had more than a thousand customers at that time.[16]

On September 7, 2016, HPE CEO Meg Whitman announced that the software assets of Hewlett Packard Enterprise, including Arcsight and the rest of the HP Enterprise Security Products group, would be spun out and then merged with Micro Focus to create an independent company of which HP Enterprise shareholders would retain majority ownership. Micro Focus CEO Kevin Loosemore called the transaction "entirely consistent with our established acquisition strategy and our focus on efficient management of mature infrastructure products" and indicated that Micro Focus intended to "bring the core earnings margin for the mature assets in the deal - about 80 percent of the total - from 21 percent today to Micro Focus's existing 46 percent level within three years."[17] The merge concluded on September 1, 2017

Russian access[edit]

In September 2017, it was reported that Hewlett Packard Enterprise allowed Echelon, a company with ties to the Russian military, to review the software's source code on behalf of the Federal Service for Technical and Export Control.[18][19] Security and intelligence experts, including ArcSight PS Consultants, stated that the decision could allow Russian intelligence agencies to compromise Department of Defense systems.[19]


Core Offerings[20]

  • ArcSight Enterprise Security Manager (ESM): Analyzes different threats within a database and correlates the vulnerabilities based on risk level
  • ArcSight Express: Analyzes threats within a database and correlates the vulnerabilities on a much smaller scale than ESM
  • ArcSight Data Platform (ADP): An open architecture with the flexibility to choose how you store, search, and analyze data
  • ArcSight Investigate: Proactively hunt and defeat unknown threats and decrease the impact of security incidents
  • ArcSight Logger: Streams real-time data and categorizes them into specific logs

Management Offerings[21]

  • ArcSight Management Center (ArcMC): Manages large deployments of ArcSight Loggers, other ArcMCs and connectors through a single consolidated view [22]

Solution Offerings[23]

  • ThreatDetector: Detect unknown threats and attacks using data visualization and analytics [24]
  • ThreatResponseManager (TRM): Integrated end-to-end network and security event monitoring solution that reduces threats triggered across ESM, Express, and RepSM [25]
  • Risk Insight: Enables organizations to understand the business impact of real-time threats detected by ESM [26]
  • Compliance Insight Packages: Establishes a compliance baseline; then measures, manages and reports against deviations [27]


  1. ^ Timothy Prickett Morgan (September 12, 2010). "HP eyes $1.46bn ArcSight security buy: Hey, Dell. Wanna bid higher?". The Register. Retrieved October 9, 2013. 
  2. ^ "SVIC Founder and CEO Robert W. Shaw Joins Zero-Knowledge Systems' Board of Directors". Press release. February 13, 2000. Retrieved October 9, 2013. 
  3. ^ Alex Daly (June 1, 2000). "Njemanze Job Offer". Sample Business Contracts. Onecle. Retrieved October 9, 2013. 
  4. ^ "Executive Profile & Biography - Businessweek". Executive Profile. Bloomberg Businessweek. Retrieved July 21, 2014. 
  5. ^ a b "Prospectus". Form S-1. US Securities and Exchange Commission. December 7, 2007. Retrieved October 9, 2013. 
  6. ^ Who Is a Big Fan of ArcSight? The CIA
  7. ^ "Early investor secures big profit on ArcSight sale." September 13, 2010. Archived October 21, 2010, at the Wayback Machine.
  8. ^ silicontap: "ArcSight Prices IPO." February 14, 2008.
  9. ^ San Jose Business Journal: “Grierson helped lead ArcSight, valley's only IPO of 2008.” Tanner. Nov. 2009
  10. ^ MarketWire: “ArcSight Promotes Tom Reilly to be CEO in 2008."
  11. ^ “HP To Acquire ArcSight.” Sept. 13, 2010
  12. ^ HP to Acquire ArcSight Sept. 13, 2010
  13. ^ "ArcSight announces new versions of ESM and Logger technology". SC Media UK. 2010-09-20. Retrieved 2018-06-26. 
  14. ^ HP News Release. "HP Completes Acquisition of ArcSight." Oct. 2010
  15. ^ San Jose Mercury News. “Hewlett-Packard completes $1.5B ArcSight acquisition.” Russell. October 2010
  16. ^ "HP buys security software vendor ArcSight for $1.5 billion." September 14, 2010.
  17. ^ Sandle, Paul; Baker, Liana B. (2016-09-08). "HP Enterprise strikes $8.8 billion deal with Micro Focus for software assets". Reuters. Retrieved 2016-09-13. 
  18. ^ Volz, Dustin (October 3, 2017). Ricci, Andrea, ed. "Foreign government code reviews 'problematic': White House cyber official". Reuters. Retrieved October 6, 2017. The review of ArcSight’s code was conducted by Echelon, a company with close ties to the Russian military, on behalf of FSTEC, according to Russian regulatory records and interviews with people with direct knowledge of the issue. 
  19. ^ a b Schectman, Joel; Volz, Dustin; Stubbs, Jack (October 2, 2017). Weber, Jonathan; Colvin, Ross, eds. "Special Report: HP Enterprise let Russia scrutinize cyberdefense system used by Pentagon". 
  20. ^
  21. ^
  22. ^ "ArcSight Connector". Hewlett-Packard. Archived from the original on 28 April 2014. Retrieved 1 July 2014. 
  23. ^
  24. ^ "ArcSight ThreatDetector". Hewlett-Packard. Archived from the original on 18 April 2014. Retrieved 1 July 2014. 
  25. ^ "ArcSight Threat Response Manager". Hewlett-Packard. Archived from the original on 18 April 2014. Retrieved 1 July 2014. 
  26. ^ "HP introduces HP ArcSight Risk Insight, a heatmap for SIEM security events". Hewlett-Packard. 6 January 2014. Retrieved 1 July 2014. 
  27. ^ "Compliance Insight Packages". Hewlett-Packard. Archived from the original on 20 June 2014. Retrieved 1 July 2014. 

External links[edit]