Today RSA made the announcement that RSA Security Analytics has received Common Criteria certification. The Common Criteria program is one that is relied on by governments and critical infrastructure providers globally to independently verify the security related claims of a multitude of security related products, ranging from Access Control Systems to Operating Systems. You will find RSA Security Analytics' certification details slotted into the Network and Network Related Systems category, but this category title under-communicates the profound nature of what RSA Security Analytics brings to security teams.
As organizations of all sizes have increasingly recognized over the past few years, the security game has changed. No longer does a purely or even primarily preventive security approach cut it anymore. At the same time, attackers have become incredibly sophisticated and targeted while organizations' applications and data have become so distributed and accessible. This has led many organizations to recognize the need to improve their capabilities around threat detection and response to more quickly react to threats. This is where RSA Security Analytics is so valuable, as network level visibility is a key foundation of a threat detection and response system. Without network level visibility, one doesn't really have visibility.
And this brings me back to the Common Criteria certification. With thousands of security vendors in the entire security market, with perhaps 10,000 security products of various types, how is a buyer of security technologies supposed to know which vendors' claims to trust? While there is no guarantee of security, Common Criteria certification can ensure that claims about security made by vendors are independently verified by experts. For many government agencies and critical infrastructure providers Common Criteria certification is a key foundation that they rely on when selecting the technologies that will be part of their security programs. With this certification of RSA Security Analytics, organizations have even more reason to put their trust in RSA products.
Matthew Gardiner is a Senior Manager at RSA and is currently focused on the evolution of security management and monitoring solutions to better serve the detection, investigation, remediation, and management needs of security organizations. Before RSA Mr. Gardiner spent more than 10 years focused on identity & access management, Web access management, identity federation, cloud security, and IT compliance at Netegrity and CA Technologies. Previously he was President and a member of the board of trustees of the security industry non-profit, the Kantara Initiative. Mr. Gardiner has a BS in Electrical Engineering from the University of Pennsylvania and an SM in Management from MIT's Sloan School of Management. He can be followed on Twitter @jmatthewg1234