by Brian Fonseca

Cybersecurity eyes data-sharing improvements

Jul 28, 2003

CERT and ArcSight alliance aims to head off attacks

Vendors are stepping up security management in an effort to help organizations better share information and respond more effectively to computer attacks.

This week, ArcSight will unveil a partnership with the Computer Emergency Response Team Coordination Center (CERT/CC) to launch a Cyber Security Information Sharing Project (CSISP) at three universities.

A linchpin of the White House’s Strategy to Secure Cyberspace using Information and Analysis Centers (ISACs), the CSISP will examine technical aspects of data sharing, regulatory constraints, policy, and privacy issues, said Rich Pethia, director of the CERT/CC at Pittsburgh-based Carnegie Mellon University.

Using emerging standards to exchange security messages, Sunnyvale, Calif.-based ArcSight’s software will monitor data from university security devices and pass that information on to CERT/CC to identify threats.

“We need to move away from manual, word-of-mouth reporting that we have today to a system of interoperable components which can share information at Internet speeds to head off attacks,” Pethia said.

Tools lacking standardization on syntax and vocabulary must be fixed, said Eric Ogren, senior analyst at The Yankee Group in Boston.

To add value to its CSISP initiative with ArcSight, Ogren said CERT/CC needs to create meta definitions for events earmarked for sharing across communities.

Version 3.0 of ArcSight’s software will include adaptable incident analysis and response features to allow users to detect suspicious patterns through trending and enable new rules to be created without authoring signatures for defense.