RSA Announces RSA NetWitness Platform Designed to Deliver the Fastest and Most Comprehensive Response to Advanced Attacks

New Community Threat Intelligence and Behavioral Analytics Engineered to Offer Rapid Detection and Deep Understanding of the Full Scope of an Attack Needed To Contain and Eradicate Threats


RSA NetWitness Platform is built to:

  • Apply advanced technology created to quickly analyze, prioritize, and investigate threats in less time, diminishing impact on the business
  • Monitor a broader set of attack vectors and provides users with a deeper understanding of an attack for rapid and effective response
  • Utilize crowd sourced threat intelligence that can dramatically reduce the time from an attack discovery to general awareness across the RSA NetWitness community

BEDFORD, MA, July 27, 2016 – RSA, The Security Division of EMC (NYSE: EMC), today unveiled the RSA NetWitness Platform, an advanced threat detection and response solution that helps security teams detect and understand the full scope of a compromise like never before. Adding new threat intelligence, behavioral, and automated analytics capabilities to one of the industry's most advanced security analytics solution, the RSA NetWitness Platform is engineered to provide a deep level of insight that security teams need to contain and ultimately eradicate threats and limit consequential business impacts.

The sophistication of threat actors and the expanding attack surface make it nearly impossible for security teams to discover and understand the scope of compromises before they damage the business. While threat actors may employ multiple attack methods, security teams often make decisions based on what is seen at a single point in time or for a single incident without understanding the full attack campaign. This can inadvertently tip off an adversary and actually help attackers improve their tactics or cover their tracks, which can make detection and accurate response more challenging. The RSA NetWitness Platform has been optimized to monitor a far broader set of attack vectors while capturing activity over long periods of time. This promotes a much more comprehensive and deeper level of understanding so security teams can be more effective in shutting down an entire attack campaign instead of merely resolving a single incident. Analysts will be able to drill down and record, replay, and connect incidents over time and across endpoints, networks, and into the cloud to decipher the full scope of an attack. By applying sophisticated technology to analyze, prioritize, and investigate threats, security teams should be able to respond to advanced attacks in minutes and hours, not days or months.

New capabilities within the RSA NetWitness Platform include, Live Connect that is designed to enable organizations to utilize and operationalize real-time, crowd sourced threat intelligence from the RSA customer, partner, and research communities for faster threat identification and more informed incident prioritization. The suite also is engineered to include improved threat detection by combining recently introduced behavioral analytics with data science models and machine learning that does not require advanced knowledge of specific attacks or signatures, rules, or analyst tuning.

Fast-moving attacks that target strategic business assets with precision and escalating impact are now the norm. Organizations recognize the impact that these advanced threats present to infrastructure, reputation, and financial health but research shows they are slow to detect and respond to these threats. The latest RSA Threat Detection Survey, issued at RSA Conference 2016, revealed 92 percent of organizations feel they cannot detect threats very quickly and 89 percent feel cannot investigate fast enough. The RSA NetWitness Platform is designed to offer organizations a unified solution that helps analysts identify and understand compromises so they can detect and respond to threats before they have a negative business impact.

The RSA NetWitness Platform includes RSA NetWitness Logs, RSA NetWitness Packets, RSA NetWitness Endpoint, and RSA NetWitness SecOps Manager – formerly RSA Security Analytics, RSA ECAT and RSA SecOps, respectively. The RSA NetWitness Platform is generally available

RSA NetWitness Platform is a key component of RSA's strategy to deliver Business-Driven Security to organizations seeking to transform their security strategy and more directly link security details to broader business impact.

To see the RSA NetWitness Platform in action, check out Black Hat's NOC at Black Hat 2016 at Mandalay Bay in Las Vegas, NV on July 30 to August 4, 2016, or visit RSA Booth #1108.


Grant Geyer, Senior Vice President, Products, RSA

"Attackers are taking advantage of the silos created by disjointed point security products that frequently prevent organizations from having a full view of an incident. Oftentimes, this results in incidents being prematurely remediated without fully eradicating the threat and potentially even tipping off the attacker to weaknesses. RSA NetWitness Platform helps organizations to connect what may look like seemingly isolated incidents and respond comprehensively, before attackers can inflict harm on the business. We have engineered RSA NetWitness Platform to provide unparalleled insight and the fastest, most comprehensive ability to defeat today's security threats."


  • Check out what RSA will be up to at Black Hat 2016
  • More information on the RSA NetWitness Platform
  • Read the Speaking of Security blog post on how RSA will be part of the Black Hat NOC team
  • Connect with RSA via Twitter, YouTube, LinkedIn and the RSA Speaking of Security Blog


RSA helps more than 30,000 customers around the world take command of their security posture by partnering to build and implement business-driven security strategies. With RSA's award-winning cybersecurity solutions, organizations can effectively detect and respond to advanced attacks; manage user identities and access; and reduce business risk, fraud and cybercrime. For more information, go to


RSA, NetWitness and EMC are either registered trademarks or trademarks of EMC Corporation in the United States and/or other countries. All other products and/or services referenced are trademarks of their respective owners.

This release contains "forward-looking statements" as defined under the Federal Securities Laws. Actual results could differ materially from those projected in the forward-looking statements as a result of certain risk factors, including but not limited to: (i) risks associated with the proposed acquisition of EMC by Denali Holdings, Inc., the parent company of Dell, Inc., including, among others, assumptions related to the ability to close the acquisition, the expected closing date and its anticipated costs and benefits; (ii) adverse changes in general economic or market conditions; (iii) delays or reductions in information technology spending; (iv) the relative and varying rates of product price and component cost declines and the volume and mixture of product and services revenues; (v) competitive factors, including but not limited to pricing pressures and new product introductions; (vi) component and product quality and availability; (vii) fluctuations in VMware, Inc.'s operating results and risks associated with trading of VMware stock; (viii) the transition to new products, the uncertainty of customer acceptance of new product offerings and rapid technological and market change; (ix) risks associated with managing the growth of our business, including risks associated with acquisitions and investments and the challenges and costs of integration, restructuring and achieving anticipated synergies; (x) the ability to attract and retain highly qualified employees; (xi) insufficient, excess or obsolete inventory; (xii) fluctuating currency exchange rates; (xiii) threats and other disruptions to our secure data centers or networks; (xiv) our ability to protect our proprietary technology; (xv) war or acts of terrorism; and (xvi) other one-time events and other important factors disclosed previously and from time to time in the filings of EMC, the parent company of RSA, with the U.S. Securities and Exchange Commission. EMC and RSA disclaim any obligation to update any such forward-looking statements after the date of this release.