RSA, a Dell Technologies business, has unveiled updates and enhancements to the RSA NetWitness Suite that gives analysts the industry’s most advanced threat detection and response solution to discover, contain and ultimately eradicate threats.
The “Hunter Packs”, delivered out-of-the-box via RSA Live, are designed to help organisations detect both known and unknown threats. RSA Live is a service that is engineered to provide content and threat intelligence to RSA NetWitness Suite customers. Intelligence not only from industry research, but also crowd sourced from RSA’s customer base and the organisation’s own proprietary data, is aggregated and operationalised at ingestion, to help detect indicators of compromises – saving valuable time and resources.
Value added distributor, Networks Unlimited will distribute this solution alongside the other RSA products and solutions it provides to customers throughout Africa. “The RSA NetWitness Suite will enable security teams operating on the continent to be far more efficient and effective,” says Anton Jacobsz, managing director at Networks Unlimited.
Using the RSA NetWitness Suite, organisations can now deploy the same threat detection content that RSA’s Incident Response Practice uses every day to smoke out and respond to active threats around the globe.
A new set of “meta keys” facilitates the enablement of new content. An analyst can rapidly find interesting and suspicious events by applying content packs that leverage the new meta keys instead of manually editing or updating indices.
Specifically, analysts can find behaviours of compromise, identify unusual protocols and file attributes, and quickly categorise threats to streamline investigation. These capabilities were developed in collaboration with the Dell Cybersecurity Intelligence & Response Team and were leveraged successfully at the Black Hat USA conference last year.
RSA NetWitness Suite is engineered to address the increasingly pervasive threats posed by fast-moving attacks that target strategic business assets with precision and escalate impact through a deep understanding of the broadest set of attack vectors. While organisations recognise the impact these advanced threats present to infrastructure, reputation and financial health, research shows they are slow to detect and respond to these threats.
The latest ‘RSA Threat Detection Survey’ revealed that 92 percent of organisations cannot detect threats very quickly and 89 percent cannot investigate fast enough. With the Hunter Packs, RSA NetWitness Suite is designed to offer organisations a unified solution that helps analysts identify and understand compromises so they can detect and respond to threats before they have a negative business impact.
Other features include:
· Expanded behaviour analytics capabilities that enable customers to leverage logs to identify potential command and control activities.
· Enhanced cloud visibility for Azure. As more sensitive data, applications and resources are moving to the cloud, RSA NetWitness Suite provides the flexibility organisations need.
· Out-of-the-box dashboards and reports that enable organisations to show value to management and the Board.