RSA NetWitness Suite Accelerates Threat Detection and Response provides Additional Depth of Visibility, incorporates business context to help prioritize threats and security incidents
RSA unveils the next release of RSA NetWitness Suite to increase productivity for security analysts of every skill and experience level. It also accelerates threat detection and response.
Embedded by business context with true end-to-end visibility, the RSA NetWitness evolved SIEM touts to immediately identify an organization’s high risk security threats, optimize security processes to reduce attacker dwell time, and prioritizes the threats that matter most to the business.
“Security teams struggle with understanding the business context necessary to focus on the threats that matter most to the business,” said Mike Adler, Vice President of Product, RSA NetWitness Suite. “Our new, evolved SIEM provides business-driven security by interweaving business context and risk with the most advanced visibility and cybersecurity capabilities to help the entire organization – from the CEO and CISO to the security operations center – protect itself from known and unknown threats, minimize attacker dwell time and mitigate negative business consequences.”
The RSA NetWitness SIEM brings together log, network and endpoint data with business insights and threat intelligence into one, non-siloed analytics engine to find attacks that could otherwise go undetected.
The Suite also features new User Interfaces (UI) to help analysts respond to attacks that have the greatest potential to do the most harm to an organization. The end-to-end visibility and use of data in one SIEM to detect and respond separates RSA NetWitness Suite from other solutions in the market.
The new release of RSA NetWitness Suite delivers visibility across the enterprise – from the endpoint to the cloud – in a new, highly intuitive UI that presents security analysts with a comprehensive view of the IT infrastructure, across logs, packets, endpoints, NetFlow and threat intelligence. This broad data set is made intelligent and actionable to limit false positives and the system noise with which most SIEMs are associated.
Enhancements to RSA NetWitness Suite include:
- RSA NetWitness Logs & Packets 11 provides improved visibility by delivering advanced threat analytics across environments — on-premises, virtualized infrastructure, or in the cloud on Amazon Web Services (AWS) and Microsoft Azure. Continued enhancements to the Suite’s real-time behavior analytics and machine learning, as well as expanded threat intelligence across RSA capabilities, third party, and crowd sourced from the community, all provide security analysts with real-time insights into the most advanced cybersecurity threats.
- RSA NetWitness Endpoint 4.4 focuses on expanding its integration capabilities with the RSA NetWitness Suite. Already an integral part of the RSA NetWitness Suite, RSA NetWitness Endpoint can now transform its deep endpoint visibility into powerful metadata for even tighter integration and incorporation in the new analyst experience workflows of the RSA NetWitness Suite – providing a single place for detection and response across logs, network and endpoint data.
Additionally, RSA NetWitness Suite leverages machine learning techniques to look for anomalous behaviors that, in turn, can be used to identify threats.
The latest version of RSA NetWitness Suite will be available in October 2017.