NetWitness, an RSA business, introduced NetWitness IoT, a SaaS-native solution that delivers visibility across an organization’s critical infrastructures, including their Internet of Things (IoT) and operational technology (OT) systems.
NetWitness IoT provides enterprises with security monitoring for disparate IoT and OT devices at scale, by monitoring gateways, servers, and the attached devices for behavioral anomalies, coupled with advanced threat intelligence, to produce focused and actionable alerts.
The IoT is driving an explosion of connected devices on company networks, dramatically expanding the surface area that organizations must defend and creating a significant strain on operational security. The sheer variety of devices and solutions means that organizations are challenged to maintain security in a unified and strategic way.
OT systems, with their proprietary protocols, introduce an added challenge, as organizations must adapt their strategies to accommodate industrial operations and their associated assets. NetWitness IoT addresses the challenge of monitoring and securing these disparate devices with a flexible and scalable solution for maintaining security at far reaches of an enterprise IT infrastructure.
“As modern enterprises implement exponentially more technology outside the data center, threat actors have seized upon the opportunity to target cloud and edge technology infrastructures. In addition, traditional OT networks are now converging with IT networks, making them vulnerable to cyber threats, as well,” said Dr. Zulfikar Ramzan, Chief Technology and Product Officer of NetWitness.
“In this perimeter-less world – with more and more machine actors on the network – organizations need to apply a zero-trust mindset to all actors on the network. NetWitness IoT provides enterprises with the robust monitoring of IoT and OT networks required to detect rogue or compromised devices, which could serve as the launchpad for highly disruptive cyber incidents and breaches.”
To support these operations and IT security use cases, NetWitness IoT can operate as a standalone offering with its own web interface for operations staff, or as an integrated offering, delivering IoT visibility to the Security Operations Center (SOC). The NetWitness Platform is an evolved SIEM and XDR solution that enables security teams to detect, understand the full scope of a compromise, and automatically respond to security threats across modern IT infrastructures.
The NetWitness Platform delivers enhanced visibility, integrating logs, network data and endpoints – and now IoT. It applies threat intelligence and user behavior analytics to detect, prioritize, investigate threats and automate response, improving the effectiveness and efficiency of security operations.
NetWitness IoT is available globally now.