Threat Detection for Advanced Persistent Threats
An advanced persistent threat, also known as an APT, is a sophisticated cyberattack designed to evade traditional, signature-based security tools and linger in an organization’s environment undetected. Advanced persistent threats can go undetected for months or more; during that time, attackers become intimately familiar with an organization’s network, its security controls and the location of its sensitive data. APTs typically result in data theft.
The RSA NetWitness Platform for threat defense applies a unique combination of network traffic analysis, behavioral analysis, endpoint analysis, data science techniques and threat intelligence to detect advanced persistent threats and other targeted attacks and to automate threat response. It exposes the full scope of APTs and other attacks by providing unparalleled network and endpoint visibility, connecting incidents over time, and delivering deeper insights to analysts through automation and machine learning.