Skip to main content
Customer Support Customer Support
Answer

How often should I update threat detection rules in ArcSight?

  • August 3, 2025
  • 2 replies
  • 70 views
DoreamonANA
New Member

Hi everyone,
I’m fairly new to using ArcSight and wanted to ask—how often do you recommend updating or reviewing threat detection rules and correlation logic? I want to make sure our system stays current without overloading it with constant changes. Any general advice or best practices would be appreciated!

Thanks!

Best answer by TylerM

@DoreamonANA 

Hi there!

We have a community forum specifically for arcsight here. 

https://community.opentext.com/cybersec/threat-detect-response/

 

 

*psycho
Jasper_The_Rasper
Ssherjj
TripleHelix
This topic has been closed for replies.

2 replies

TripleHelix
Moderator
Forum|alt.badge.img+63
  • TripleHelix
  • Moderator
  • August 3, 2025

Hello ​@DoreamonANA 

 

We don’t support ArcSight on this forum so I would suggest to contact OpenText support directly: https://www.opentext.com/support

 

Thanks,

Daniel - Microsoft MVP Consumer Security (2012-2016) Windows 10 Pro x64 for Workstations 22H2 on my Alienware 17R2 and Windows 11 Pro x64 for Workstations on my Alienware 17R5 Laptops with Webroot SecureAnywhere Complete Beta Tester for PC & Android Samsung Galaxy A16 5G OS 16.
ProTruckDriver
Ssherjj
TripleHelix
TylerM
Administrator
Forum|alt.badge.img+25
  • TylerM
  • Sr. Security Analyst & Community Manager
  • Answer
  • August 4, 2025

@DoreamonANA 

Hi there!

We have a community forum specifically for arcsight here. 

https://community.opentext.com/cybersec/threat-detect-response/

 

 

ProTruckDriver
Ssherjj
TripleHelix
Terms & ConditionsAccessibility statement