RSA, the Security Division of EMC, announced a set of core technologies and services designed to help organizations more effectively manage information risk and IT compliance programs by building an Advanced Security Operations (ASO) function.
The solution includes the RSA Archer eGRC Platform, RSA enVision technology, RSA FraudAction(SM) service and the RSA Data Loss Prevention (DLP) Suite, plus a range of other services.
As security threats increase, so do the costs to handle such events. In addition, organizations are faced with evolving regulatory pressure and compliance requirements. While intended to mitigate risk, these requirements add an additional layer of complexity to the management workload. Faced with constrained resources, organizations must streamline their security operations beyond point products to drive efficiency. By implementing an ASO function, organizations can better identify and respond to the evolving risk and regulatory landscape.
The RSA Archer eGRC Platform is designed to serve as the foundation of an ASO function by providing a repository of threat and incident data and a centralized, automated incident handling process. The Platform is engineered to pull risk and security-related information from third-party systems, such as the RSA enVision platform, the RSA Data Loss Prevention Suite and RSA FraudAction service, to create meaningful, real-time intelligence across the enterprise. The ability to integrate intelligence on security alerts and threats, to gather and present metrics about the effectiveness of security controls and security management processes, and to analyze contextual information about the security and business environment helps enable organizations to more successfully assess business impact.
The RSA enVision platform is engineered to provide an integrated security information and event management (SIEM) and log management solution that collects, correlates and retains complete log records from every system that generates logs. RSA enVision technology is designed to produce real-time alerts of high-risk events and offers visibility into the behavioral aspects of users to assist in remediation.
The RSA Data Loss Prevention (DLP) Suite is built to alert organizations of sensitive data activity that is suspicious or violates organizational policy. DLP also executes first-line remediation functions, such as blocking the transmission of sensitive data, or quarantining, deleting, moving or applying rights management to documents that contain private data.
RSA FraudAction service is engineered to provide a proven service geared toward stopping and preventing phishing, pharming and Trojan attacks that occur in the online channel. This service is designed to offer a comprehensive view of the current and emerging threat environment by identifying employees, machines or other internal resources that may be under attack or compromised. RSA FraudAction service helps enable organizations to minimize resource investment while deploying a solution quickly, including 24×7 monitoring and detection, real-time alerts and reporting, forensics and countermeasures, and site blocking and shutdown.