RSA NetWitness Suite users uncover and respond to real threats faster, enabling security teams to be far more efficient and effective
RSA, a Dell Technologies business, unveiled updates and enhancements to the RSA NetWitness Suite that gives analysts the industry’s most advanced threat detection and response solution to discover, contain and ultimately eradicate threats.
The “Hunter Packs”, delivered out-of-the-box via RSA Live, are designed to help organizations detect both known and unknown threats. RSA Live is a service that is engineered to provide content and Threat Intelligence to RSA NetWitness Suite customers. Intelligence not only from industry research, but also crowd sourced from RSA’s customer base and the organization’s own proprietary data, is aggregated and operationalized at ingestion, to help detect indicators of compromises – saving valuable time and resources.
Using the RSA NetWitness Suite, organizations can now deploy the same threat detection content that RSA’s Incident Response Practice uses every day to smoke out and respond to active threats around the globe.
A new set of “meta keys” facilitates the enablement of new content. An analyst can rapidly find interesting and suspicious events by applying content packs that leverage the new meta keys instead of manually editing or updating indices. Specifically, analysts can find behaviors of compromise, identify unusual protocols and file attributes, and quickly categorize threats to streamline investigation. These capabilities were developed in collaboration with the Dell Cybersecurity Intelligence & Response Team and were leveraged successfully at the Black Hat USA 2016 conference.
The latest RSA Threat Detection Survey revealed 92 percent of organizations cannot detect threats very quickly and 89 percent cannot investigate fast enough. With the Hunter Packs, RSA NetWitness Suite is designed to offer organizations a unified solution that helps analysts identify and understand compromises so they can detect and respond to threats before they have a negative business impact.
Michael Adler, Vice President, Product, NetWitness Suite, RSA said, “As RSA continues to execute on our vision around business-driven security offerings, we are continuously expanding and enhancing our RSA NetWitness Suite to provide unparalleled insight for our customers and help organizations to have the fastest, most comprehensive ability to defeat today’s security threats. Leveraging intelligence from our Incident Response team helps our customers hunt more effectively. ”
As per the release, the version of NetWitness will be available later in 2016.