RSA Acquires Fortscale, Expands NetWitness SIEM Platform
RSA is acquiring Fortscale in an effort to bring enhanced visibility to the NetWitness security information and event management platform.
RSA announces its acquisition deals with Fortscale. The terms of the deal were not disclosed and are subject to customary closing conditions. RSA’s acquisition of Fortscale is designed to provide customers with new user and entity behavioral analytics (UEBA) capabilities through the RSA NetWitness Platform.
RSA is also declaring the newest version of RSA NetWitness Platform that helps security teams detect and respond to modern threats, as well as two new offerings, RSA NetWitness UEBA and RSA NetWitness Orchestrator to strengthen the evolved SIEM and threat defense platform, a revolutionary centerpiece of security operations teams.
“Adding more security monitoring and prevention tools is a common response to the growing digital risk environment, but too often, the influx of data creates unattended alerts, overwhelming analysts,” said Michael Adler, Vice President, RSA NetWitness Platform. “The new UEBA and orchestration capabilities in RSA NetWitness Platform provide heightened visibility and analytics, allowing analysts to keep up with their SIEM data, investigate issues, and automate threat responses, all on a single integrated platform.”
NetWitness UEBA
RSA NetWitness UEBA directly addresses and overcomes obstacles that standalone solutions have encountered due to their high cost and high touch requirements. RSA NetWitness UEBA requires minimal customization and no manual tuning. Its patented, three-tier unsupervised machine learning analytics engine automatically finds known and unknown threats that rule-based systems cannot with greater accuracy.
NetWitness Orchestrator
RSA NetWitness Orchestrator, powered by Demisto, combines orchestration, incident management, and interactive investigation for security operations. It uses machine learning to draw from past analyst interactions and investigations to suggest analyst assignments, enhance playbooks, and identify the best course of action for investigations. Security teams can now modernize their security operations while reducing time to remediation, creating consistent and audited incident management processes, and increasing analyst productivity.
Enhanced Features in RSA NetWitness Platform
Each of the new capabilities in RSA NetWitness Platform 11.1 provide distinct value, and is further enhanced when leveraged across a single platform:
- RSA NetWitness Endpoint Insights: a free endpoint agent, it delivers timely insights and reduces the costs of managing endpoints and Windows logs by offering essential endpoint inventory scans paired with Microsoft Windows log forwarding and filtering capabilities.
- RSA NetWitness UEBA Essentials: leverages user, network, and endpoint behavioral profiling powered by static rules, advanced correlation, and statistical analytics to identify deviations from normal user behaviors. Delivered as a content pack, it is available free to all RSA NetWitness Platform customers.
- Dynamic Log Visibility: offers instant log visibility by leveraging “dynamic parsing” technology that enables organizations to parse log data sources and immediately access critical security data.
The new features in RSA NetWitness Platform 11.1, including RSA NetWitness UEBA Essentials, instant log visibility and RSA NetWitness Endpoint Insights, are available now. RSA NetWitness Orchestrator will be available in late April.
Further info: RSA NetWitness Platform Solution Brief