Enhancing threat detection and incident response

Platform updates eliminate false-positive threats and automatically improves response management.

  • 4 years ago Posted in

RSA releases the latest version of RSA NetWitness Platform, which includes functionality updates for automated network detection and response, user and entity behavior analytics(UEBA) and threat intelligence. The updates provide customers with an enhanced RSA NetWitness UEBA offering that leverages network meta data to accurately identify unknown threats. RSA also unveils new enhancements to the RSA NetWitness® Orchestrator, built on the innovative ThreatConnect technology, to deliver confidence that tasks and decisions are based on vetted, relevant threat Intelligence.

 

As organizations continue down the path of digital transformation, they not only see the benefits of expanded use of technology, but also encounter consequences of extending technology deep into parts of their business that haven’t traditionally been ‘digital.’ Processes or operations that have been more ‘analog’ or manual, are suddenly prone to impacts such as cybersecurity or IT risks around business continuity. Expanded use of big data or a desire to connect digitally with consumers brings enhanced customer experience and may come with implications around data privacy or new compliance requirements. Effectively managing these digital risks enables organizations to mitigate the threats to business operations and more importantly, increase the speed and confidence with which the transform their business.

 

According to a study by RSA[1], 82% of risk and security professionals say their organization considers security breaches a business risk rather than just an IT risk. With the scale of attacks increasingly overwhelming to organizations, many companies have begun simply adding more security tools to try and eliminate threats. However, new tools do not always lead to better security as they can often make teams and critical information more disconnected than ever. With the latest edition of the RSA NetWitness Platform, organizations can leverage machine learning to minimize blind spots in the threat landscape and accurately identify true threats, while simultaneously improving incident response planning, management, and orchestration. 

 

The only product on the market that leverages visibility across logs, endpoint process data, and network meta data, RSA NetWitness UEBA can provide customers with exceptional threat detection by identifying and remediating unknown threats. Combined with the streamlined incident response and threat intelligence capabilities of RSA NetWitness Orchestrator, organizations will be able to automatically manage threat data by sending threat indicators and intelligence to defense tools for alerting or blocking, or looping in team members for systematic, automated actions to remediate threats. 

 

“Organizations waste too much time chasing false-positives and inconsequential alerts,” says Michael Adler, Vice President, RSA NetWitness Portfolio. “Applicable to any vertical going through digital transformation, the updated RSA NetWitness Platform streamlines operations to resolve cyber threats as quickly as possible and goes a step further to determine which issues require the most immediate attention. This will help reduce the scale of cyber-attacks and provide customers confidence in their digital journey.”

The same technologies companies need to stay competitive today – cloud applications, virtual infrastructure, mobile devices, etc. – subsequently provide attackers with more vulnerabilities to exploit and more ways to evade detection. The RSA NetWitness Platform is designed to meet these challenges by giving organizations the visibility and insights needed to detect threats and protect what matters most.

Research shows ‘game needs to be changed,’ with security innovation years behind that of the...
73% of organizations lack automated patch management, and 62% experienced incidents involving...
Quest Software has signed a definitive agreement with Clearlake Capital Group, L.P. (together with...
Dell EMC PowerProtect Cyber Recovery for AWS provides a fast, easy-to-deploy public cloud vault to...
Aqua’s cloud native application protection platform becomes the only solution that protects cloud...
54% of organisations working on a security transformation project now or in the next 12 months.
Node4 has released its Mid-Market IT Priorities Report 2021. The independent report reveals that...
Zscaler Zero Trust exchange cloud-based architecture enables superior green security capabilities...