RSA, The Security Division of EMC, has unveiled the RSA NetWitness Suite, an advanced threat detection and response solution that helps security teams detect and understand the full scope of a compromise like never before.
Adding new threat intelligence, behavioural, and automated analytics capabilities to one of the industry's most advancedsecurity analytics solutions, the RSA NetWitness Suite is engineered to provide a deep level of insight that security teams need to contain and ultimately eradicate threats and limit consequential business impacts.
The sophistication of threat actors and the expanding attack surface make it nearly impossible for security teams to discover and understand the scope of compromises before they damage the business. While threat actors may employ multiple attack methods, security teams often make decisions based on what is seen at a single point in time or for a single incident, without understanding the full attack campaign. This can inadvertently tip off an adversary and actually help attackers improve their tactics or cover their tracks, which can make detection and accurate response more challenging.
The RSA NetWitness Suite has been optimised to monitor a far broader set of attack vectors while capturing activity over long periods of time. This promotes a much more comprehensive and deeper level of understanding so security teams can be more effective in shutting down an entire attack campaign instead of merely resolving a single incident.
Analysts will be able to drill down and record, replay, and connect incidents over time and across endpoints, networks, and into the cloud to decipher the full scope of an attack. By applying sophisticated technology to analyse, prioritise, and investigate threats, security teams should be able to respond to advanced attacks in minutes and hours, not days or months.
New capabilities within the RSA NetWitness Suite include Live Connect, designed to enable organisations to utilise and operationalise real-time, crowd-sourced threat intelligence from the RSA customer, partner, and research communities for faster threat identification, and more informed incident prioritisation. The suite is also engineered to include improved threat detection by combining recently introduced behavioural analytics with data science models and machine learning that does not require advanced knowledge of specific attacks or signatures, rules, or analyst tuning.
Fast-moving attacks that target strategic business assets with precision and escalating impact are now the norm. Organisations recognise the impact these advanced threats present to infrastructure, reputation, and financial health, but research shows they are slow to detect and respond to these threats.
The latest RSA Threat Detection Survey, issued at RSA Conference 2016, revealed 92% of organisations feel they cannot detect threats very quickly, and 89% feel they cannot investigate fast enough. The RSA NetWitness Suite is designed to offer organisations a unified solution that helps analysts identify and understand compromises so they can detect and respond to threats before they have a negative business impact.
The RSA NetWitness Suite includes RSA NetWitness Logs, RSA NetWitness Packets, RSA NetWitness Endpoint, and RSA NetWitness SecOps Manager – formerly RSA Security Analytics, RSA ECAT and RSA SecOps, respectively. The RSA NetWitness Suite is available across 23 African countries from value-added distributor, Networks Unlimited.
Anton Jacobsz, MD at Networks Unlimited, adds: "The addition of RSA NetWitness Suite to the range of RSA products which we already make available to our African customers is essential to any organisations focusing on implementing a security strategy that can respond comprehensively to an impending cyber threat, thus negating the resulting negative impact an attack could have on their business."
Article hosted here: