RSA NetWitness Suite Only Solution to Integrate Threat Intelligence Across Logs Packets and Endpoints

Adds New Threat Intelligence Partners for Faster Detection and Response

BEDFORD, MA, August 16, 2016 – RSA, The Security Division of EMC (NYSE: EMC), today announced that it has deepened its bench with new integrated threat intelligence partners for the RSA NetWitness® Suite.  The RSA NetWitness Suite is designed to incorporate threat intelligence from customers, threat intelligence partners, RSA experts and the RSA customer community through Live Connect.  By utilizing additional threat intelligence across logs, packets and endpoints, from its expansive network to enhance an organization’s ability to optimize their ability to find both known and unknown threats.

“Since threat actors change their tools and techniques, threat intelligence has a shelf life.  That means security teams need to be armed with great visibility and a variety of current sources of threat data to bring the attacks into view. We are continuously expanding our ability to ingest one of the most inclusive variety of data sources, including crowdsourced and STIX formatted threat intelligence, to provide comprehensive visibility into emerging threats and empower our customers to immediately act on the valuable insights uniquely provided by the RSA NetWitness Suite across logs, packets, and endpoints,” said Grant Geyer, Senior Vice President, Products, RSA.

The crowdsourced threat intelligence through Live Connect allows for faster identification of new attacks and more accurate prioritization of incidents. RSA will be adding both Threat Intelligence Platform (TIP) and Threat Intelligence Content (TIC) partners.  The new TIP partners include ThreatConnect and Soltra, which manage various sources of threat intelligence (internal, 3rd party, open source, etc.). The new TIC partner, Recorded Future, provides a real-time threat intelligence product that collects, organizes, and analyzes web information to help security teams proactively defend against cyber attacks. These threat intelligence content providers are utilized by the RSA NetWitness Suite and are designed to offer security analysts real-time context about an investigation so they can more quickly detect and respond to an incident.  

The RSA NetWitness Suite is powered by the RSA Advanced Analytics Platform and takes in Structured Threat Information Expression (STIX™) formatted threat intelligence that is engineered to provide enhanced security analytics including data science modeling, context enrichment, user and endpoint analysis, behavior analytics, and machine learning for accelerating threat detection and rapid response. 

All TIP partners and TIC providers are certified through the RSA Ready Partner Program.

For more information, please visit Threat Detection & Response.

ABOUT RSA

RSA helps more than 30,000 customers around the world take command of their security posture by partnering to build and implement business-driven security strategies. With RSA's award-winning cybersecurity solutions, organizations can effectively detect and respond to advanced attacks; manage user identities and access; and reduce business risk, fraud and cybercrime. For more information, go to www.rsa.com.

RSA, NetWitness and EMC are either registered trademarks or trademarks of EMC Corporation in the United States and/or other countries.  STIX is a trademark of The MITRE Corporation.  All other products and/or services referenced are trademarks of their respective owners.