RSA NetWitness Suite, a threat detection and response solution that helps security teams detect and understand the full scope of a compromise with capabilities such as threat intelligence, behavioral, and automated analytics
RSA, the security division of EMC has unveiled the RSA NetWitness Suite, a threat detection and response solution that helps security teams detect and understand the full scope of a compromise with capabilities such as threat intelligence, behavioral, and automated analytics.
The sophistication of threat actors and the expanding attack surface make it nearly impossible for security teams to discover and understand the scope of compromises before they damage the business. While threat actors may employ multiple attack methods, security teams often make decisions based on what is seen at a single point in time or for a single incident without understanding the full attack campaign. This can inadvertently tip off an adversary and actually help attackers improve their tactics or cover their tracks, which can make detection and accurate response more challenging.
The RSA NetWitness Suite has been optimized to monitor a far broader set of attack vectors while capturing activity over long periods of time. Analysts will be able to drill down and record, replay, and connect incidents over time and across endpoints, networks, and into the cloud to decipher the full scope of an attack. By applying sophisticated technology to analyze, prioritize, and investigate threats, security teams should be able to respond to advanced attacks in minutes and hours, not days or months. The latest RSA Threat Detection Survey, issued at RSA Conference 2016, revealed 92 percent of organizations feel they cannot detect threats very quickly and 89 percent feel cannot investigate fast enough.
“Attackers are taking advantage of the silos created by disjointed point security products that frequently prevent organizations from having a full view of an incident. Oftentimes, this results in incidents being prematurely remediated without fully eradicating the threat and potentially even tipping off the attacker to weaknesses. RSA NetWitness Suite helps organizations to connect what may look like seemingly isolated incidents and respond comprehensively, before attackers can inflict harm on the business,” said Grant Geyer, Senior Vice President, Products, RSA.
New capabilities within the RSA NetWitness Suite include, Live Connect that is designed to enable organizations to utilize and operationalize real-time, crowd sourced threat intelligence from the RSA customer, partner, and research communities for faster threat identification and more informed incident prioritization.