Speeding up security decisions

The suite is engineered to enable organizations to monitor and deploy in any modern infrastructure, allowing for flexibility, ease of deployment and the comprehensive visibility needed for rapid detection and response. These enhancements extend RSA’s ability to enable organizations to close the security team resource and skills gaps without adding staff. As part of RSA’s Business-Driven Security™ solutions, RSA NetWitness Suite customers can comprehensively and rapidly link security incidents with business context to respond effectively and protect what matters most.

Using the RSA NetWitness Suite, organizations can now deploy the same threat detection content that RSA's Incident Response Practice uses to identify the latest threats. As an illustration of RSA NetWitness Suite’s ability to connect the dots between network, endpoint and log data, the technology was used to identify the malware used in a pair of newly identified attacks – Kingslayer and Schoolbell. The suite provides out-of-the-box content for finding behaviors that are associated with the groups suspected to have perpetrated the attacks. RSA Research recently published technical details about the Kingslayer and Schoolbell attacks.

“RSA NetWitness Suite has helped our security analysts detect and respond to incidents with agility and confidence,” said Eric Tamashunas, Information Security at Johnson & Johnson. “It is not only a key tool in our InfoSec portfolio, it’s a force multiplier that elevates our analysts’ efficiency across the organization.”

With its deep understanding of the broadest set of attack vectors, RSA NetWitness Suite is designed to address the increasingly pervasive threats posed by fast-moving, increasingly precise attacks that target strategic business assets. While organizations recognize the impact these advanced threats present to infrastructure, reputation and financial health, research shows they are slow to detect and respond to these threats. The latest RSA Threat Detection Survey revealed 92 percent of organizations cannot detect threats very quickly and 89 percent cannot investigate fast enough.

RSA NetWitness Suite’s latest capabilities are engineered to provide visibility into organizations’ applications that are running on cloud and virtual infrastructures, allowing enterprises to collect and analyze critical security data as part of a centralized detection and response platform. In addition, RSA NetWitness components are built to now be deployed to “run anywhere” – on physical, virtual and new cloud infrastructures. Organizations can benefit from the agility offered by unlimited computing and storage without compromising security or availability.

“RSA NetWitness Suite is designed to enable organizations to be more effective and efficient in their security operations. We have engineered the RSA NetWitness Suite to provide unparalleled insight across all infrastructures and deliver rapid, comprehensive ability to defeat today’s security threats,” said Michael Adler, Vice President, Product, RSA NetWitness Suite, RSA. “Customers can close resource gaps on their security teams by using automated detection of today’s known and unknown threats and by monitoring their entire infrastructure – no matter where it is.”

RSA NetWitness Suite is designed to increase the impact of a security team by up to three times by:

• Mitigating business damage: Rapid detection of today’s known and unknown threats by using automated-behavior analytics, minimizing the dwell time of the attacker and mitigating risk.
• Creating more efficient and effective security teams: Close gaps on security teams without increasing headcount while improving the current team with automated detection to respond to advanced cyber threats three times faster.
• Leveraging the cloud and virtual environments while remaining secure: Pervasive visibility into any modern infrastructure and minimizing potential blind spots.