SIEM – Security Information and Event Management
< What it does >
Detect and respond to any threat, anywhere
RSA NetWitness Platform is an evolved SIEM and threat detection and response solution that functions as a single, unified platform for ALL your security data. It features an advanced analyst workbench for triaging alerts and incidents, and it orchestrates security operations programs end to end. In short: RSA NetWitness Platform is all you need to run an intelligent SOC.
Collects data across more capture points (logs, packet, netflow, endpoint), computing platforms (physical, virtual, cloud) and threat intelligence sources than other SIEMs.
Exposes the full scope of attacks and provides analysts with orchestration and automation capabilities to eradicate threats before business impact.
Advanced threat detection
Applies behavioral analytics, data science and threat intelligence to detect attacks in a fraction of the time of other platforms.
How an evolved SIEM helps you manage digital risk
Executives say managing cyber attack risk is their top digital risk management priority, according to the 2019 RSA Digital Risk Report. Yet the legacy SIEMs their organizations have used for compliance purposes lack the capabilities security teams need to rapidly discover attacks. The RSA NetWitness Platform evolved SIEM empowers security teams to respond to threats before they impact the business.
< Offerings >
What your SIEM was meant to be
RSA NetWitness Logs gives you instant visibility into log data spread across your entire IT environment—simplifying threat detection and investigation, reducing attacker dwell time and supporting compliance.Manage logs
Network detection and response
RSA NetWitness Network provides real-time visibility into all your network traffic with full packet capture—enabling you to detect threats as they traverse your network and reconstruct entire network sessions.Monitor your network
Endpoint detection and response
RSA NetWitness Endpoint offers deep visibility into activity across all of your endpoints, on and off your network, so you can cut the cost, time and scope of incident response.Monitor endpoints
User and entity behavior analytics (UEBA)
RSA NetWitness UEBA leverages user, network and endpoint behavior profiling to identify abnormal behaviors that may signal an insider threat or an external attacker leveraging compromised credentials.Identify unusual behavior
Discover more from RSA