​SIGN UP FOR DEMO

CONTACT SALES

DOWNLOAD FREEWARE

Benefits

  • ​Organizations can deploy RSA NetWitness Logs & Packets across diverse network typologies and geographies, and scale it according to their data capture and performance requirements.

  • ​Automated behavior analytics provides insight into attacker tactics, techniques and procedures as they execute their attacks.

  • ​Recreates full sessions (web browsing, FTP, email, etc.) so that analysts can literally see what happened during an attack (including what was stolen during an exfiltration) and identify root causes.

Features

  • Flexible, Scalable Architecture

    Consists of three components which can be deployed virtually, on premise, in the cloud or using a hybrid approach: The capture infrastructure, which consists of a highly configurable Decoder that captures and stores raw log and packet data; a Concentrator that stores and indexes metadata for fast queries and retrieving raw data; and a broker that facilitates queries across a multisite deployment of Concentrators and Decoders. The analysis and retention infrastructure, which is made up of an Archiver that manages long-term data storage and an Event Stream Analysis (ESA) engine that processes high volumes of disparate event data and executes machine learning algorithms in real time. The security analytics server.

  • Identifies Advanced Threats

    Looks for myriad behavioral indicators to identify attacks that evade signature- and rules-based monitoring tools.

  • Multiple Use Cases

    Integrated platform which provides advanced cyber threat detection, incident forensics, breach response, compliance reporting and basic security monitoring.

  • No Stone Unturned

    Inspects every network, packet session and log event for threat indicators at time of collection and enriches this data with threat intelligence and business context.

  • Real-Time and Historical Analysis

    Collects and examines multiple pieces of data in real time and over extended periods of time, detects deviations from normal behavior, and creates a probability-weighted risk score for alerts based on these results.