RSA NetWitness® UEBA

< What it does >

Detects unusual behaviors that signal early stage attacks

Detects unusual behaviors that signal early stage attacks

RSA NetWitness UEBA applies user and entity behavior analytics to your organization’s user, network and endpoint data. It correlates the data with threat intelligence and business context to uncover malicious activity before it leads to a data breach. Using advanced machine learning technology and statistical models, it is a force multiplier enabling security teams to rapidly detect malicious activities that other solutions miss.

Get the details: Read the data sheet

Automated, continuous threat detection

Automated, continuous threat detection

Monitors corporate data and correlates it with behavioral analysis, threat intelligence and business context to uncover hidden threats.

Enhanced detection of unknown threats

Enhanced detection of unknown threats

Identifies a wide range of threats, such as compromised accounts, C&C communication, data exfiltration, lateral movement, advanced malware and reconnaissance.

Efficient, effective security operations

Efficient, effective security operations

Zeros in on the high-priority threats and delivers high-fidelity alerts that are easy for analysts to understand and act on.

Fast investigations

Fast investigations

Accelerates investigations by correlating disjointed events and providing analysts with all relevant information in a single user interface.

< How it works >

Applies user and entity behavior analytics to identify abnormal activity

  • Out-of-the-box machine learning

    From the moment you turn it on, RSA NetWitness UEBA starts working to rapidly and accurately identify unusual behavior. It provides a zero-touch, turn-key approach, eliminating the need to create rules, customize metadata, or train and continually tune the underlying models.

  • Innovative risk scoring

    RSA NetWitness UEBA aggregates multiple indicators of suspicious activity and then applies a dynamic, statistical risk-scoring mechanism. This innovative approach alleviates analyst alert fatigue by only producing high-fidelity alerts when the risk score exceeds established thresholds.

  • Scalable platform

    RSA NetWitness UEBA scales to process billions of events daily and analyzes hundreds of thousands of organizational entities. Data collection, enrichment, analysis and investigation capabilities can be streamed or batch loaded on a Hadoop infrastructure.

  • Intelligent peer grouping

    User behavior varies based on role, responsibility, location and other factors, so RSA NetWitness UEBA uses machine learning to create peer groups and detect deviations within them. This leads to more accurate alerts.

Rein in digital risk with UEBA

The ability to monitor user, network and endpoint behavior at the same time, in the same tool, using machine learning algorithms that work right out of the box makes RSA NetWitness UEBA an excellent choice for rapidly detecting the insider threats and sophisticated external attacks that create so much digital risk for organizations.

We selected RSA NetWitness Platform because we found that it absolutely leaves no stone unturned. It uses behavioral indicators to identify attacks that are normally undetected by signature and rules-based monitoring tools.

Yumiko Matsubara
Security Architecture Manager

Recruit Technologies Co. Ltd.

< Resources >

Discover more from RSA

Mitigate cyber attack risk

Mitigate cyber attack risk

See how prioritizing threats can help your organization coordinate an effective response to cyber attacks that helps minimize business impact.

Coordinate response

Secure your cloud transformation

Secure your cloud transformation

Get visibility into cloud-based security risks, provide secure access to cloud applications and include cloud providers in third-party governance.

Secure your clouds

Protect from insider threats

Protect from insider threats

Gain the visibility and advanced behavior analytics that are essential to detect potential insider threats and assess the risk they pose.

Manage insider access

Orchestrate rapid incident response

Orchestrate rapid incident response

Combine full visibility with business context and threat intelligence to automate and orchestrate detection and response to the threats that matter most.

Respond faster

Detect unusual behaviors that signal early stage attacks
RSA NetWitness UEBA

Recommended for you