Thursday, 3rd December 2020

Enhancing threat detection and incident response

Platform updates eliminate false-positive threats and automatically improves response management.

RSA releases the latest version of RSA NetWitness Platform, which includes functionality updates for automated network detection and response, user and entity behavior analytics(UEBA) and threat intelligence. The updates provide customers with an enhanced RSA NetWitness UEBA offering that leverages network meta data to accurately identify unknown threats. RSA also unveils new enhancements to the RSA NetWitness® Orchestrator, built on the innovative ThreatConnect technology, to deliver confidence that tasks and decisions are based on vetted, relevant threat Intelligence.

As organizations continue down the path of digital transformation, they not only see the benefits of expanded use of technology, but also encounter consequences of extending technology deep into parts of their business that haven’t traditionally been ‘digital.’ Processes or operations that have been more ‘analog’ or manual, are suddenly prone to impacts such as cybersecurity or IT risks around business continuity. Expanded use of big data or a desire to connect digitally with consumers brings enhanced customer experience and may come with implications around data privacy or new compliance requirements. Effectively managing these digital risks enables organizations to mitigate the threats to business operations and more importantly, increase the speed and confidence with which the transform their business.

According to a study by RSA[1], 82% of risk and security professionals say their organization considers security breaches a business risk rather than just an IT risk. With the scale of attacks increasingly overwhelming to organizations, many companies have begun simply adding more security tools to try and eliminate threats. However, new tools do not always lead to better security as they can often make teams and critical information more disconnected than ever. With the latest edition of the RSA NetWitness Platform, organizations can leverage machine learning to minimize blind spots in the threat landscape and accurately identify true threats, while simultaneously improving incident response planning, management, and orchestration.

The only product on the market that leverages visibility across logs, endpoint process data, and network meta data, RSA NetWitness UEBA can provide customers with exceptional threat detection by identifying and remediating unknown threats. Combined with the streamlined incident response and threat intelligence capabilities of RSA NetWitness Orchestrator, organizations will be able to automatically manage threat data by sending threat indicators and intelligence to defense tools for alerting or blocking, or looping in team members for systematic, automated actions to remediate threats.

“Organizations waste too much time chasing false-positives and inconsequential alerts,” says Michael Adler, Vice President, RSA NetWitness Portfolio. “Applicable to any vertical going through digital transformation, the updated RSA NetWitness Platform streamlines operations to resolve cyber threats as quickly as possible and goes a step further to determine which issues require the most immediate attention. This will help reduce the scale of cyber-attacks and provide customers confidence in their digital journey.”

The same technologies companies need to stay competitive today – cloud applications, virtual infrastructure, mobile devices, etc. – subsequently provide attackers with more vulnerabilities to exploit and more ways to evade detection. The RSA NetWitness Platform is designed to meet these challenges by giving organizations the visibility and insights needed to detect threats and protect what matters most.

Palo Alto Networks has introduced what it says is the industry’s first 5G-native security offering,...
Sophos has published the Sophos 2021 Threat Report, which flags how ransomware and fast-changing att...
Acronis has acquired CyberLynx, a leading Israel-based cybersecurity consultancy firm with a presenc...
Research uncovers critical cybersecurity and compliance risks.
Advanced ransomware recovery enhancements and technology integrations bring ability to identify, res...
Nearly half (49%) of organizations plan to extend Cognitive and AI capabilities for security to dete...
McAfee has launched MVISION Marketplace, MVISION API and MVISION Developer Portal, part of the MVISI...
Latest addition to Cloud One platform is ideal for those migrating their servers to the cloud.