RSA extends SIEM capabilities with expanded analytics, threat aware authentication

RSA unveiled the newest version of its market-leading SIEM, RSA NetWitness Platform, which features machine learning models based on deep endpoint observations to rapidly detect anomalies in user’s behavior to uncover evolving threats.

This announcement furthers RSA’s strategy to help customers take a unified, phased approach to managing digital risk, an ever-increasing challenge faced by organizations with ambitious digital transformation initiatives.

As companies transform their digital operating models to accelerate their business, disruptive technologies such as cloud infrastructures, automation, and a dynamic workforce open up new avenues for cyberattack and create unanticipated digital risks for security teams to manage.

While these emerging technologies provide clear business benefits, they also reveal new challenges and threats to a company’s bottom line – including compliance, data privacy and third-party risk. Should those threats impact a business’ users or customers, there is an even greater existential threat — the loss of consumer trust, according to RSA’s latest Data Privacy and Security survey.

“In an era of ever-expanding attack surfaces and sophisticated attack methods, managing growing digital risk has become increasingly difficult. Coupled with inconsistent data formats across prevention platforms and security teams working in silos, organizations fall short in detecting and responding to evolving threats,” said Mike Adler, Vice President, RSA NetWitness.

“Providing security analysts with a complete platform for detection and response, from the disconnected endpoint to complete network view, integrated with machine learning and threat-aware authentication provides the visibility and actionable analytics security teams need to break down siloed views, leverage their SIEM’s data intelligence and analytics, and respond to complex threats in real-time.”

New features in RSA NetWitness Platform

New capabilities in RSA NetWitness Platform 11.3 provide distinct value and are further enhanced when leveraged across a single platform.

• Threat-aware authentication with RSA SecurID Access: RSA NetWitness Platform now fuels threat-aware authentication to enable continuous authentication and the ability to block insider threats and malicious actors in the act of an attack while reducing the time and effort by overworked security operations teams.
• RSA NetWitness UEBA: RSA NetWitness Platform introduces the first machine learning models based on deep endpoint process data collected by RSA’s Endpoint Detection and Response (EDR) Solution, RSA NetWitness Endpoint. This advanced analytics capability can rapidly detect anomalies in user’s behavior and uncover unknown, abnormal, and complex evolving threats that may be otherwise missed by analyzing logs alone.
• RSA NetWitness Endpoint 11.3: The only fully native endpoint detection and response solution within an evolved SIEM, to equip security analysts with industry-leading detection, investigation, and incident response capabilities. This EDR solution is an integrated product offering within the RSA NetWitness Platform.