RSA NetWitness® Suite named a leader in The Forrester Wave™: Security Analytics Platforms

We are excited to announce the RSA NetWitness® Suite has been named by Forrester® Research as a leader in The Forrester Wave™: Security Analytics Platforms, Q1 2017. RSA NetWitness Suite earned perfect marks in the Forrester Wave report for scalability, detection technologies, user behavior analytics, endpoints, integrated network analysis and visibility, and threat intelligence. According…

Kingslayer – A Supply Chain Attack

Today, RSA is publishing new research on a sophisticated software supply-chain attack – dubbed “Kingslayer”. RSA Research investigated the source of suspicious, observed beaconing thought to be associated with targeted malware. In the course of their investigation, RSA discovered a sophisticated software supply-chain attack involving a Trojan inserted in otherwise legitimate software; software that is…

Cloud Ready Threat Detection & Response

Organizations are leveraging third-party cloud environments for increasingly critical data, applications, and infrastructure. The agility and potential cost savings that both public and private (virtual) clouds offer mean that the business can be more efficient and gain operational and financial advantages. While some organizations – dependent on vertical and “risk” appetite – may be…

Enabling the Hunt: RSA NetWitness Suite Updates & Enhancements

RSA Charge 2016, a gathering of more than 2,000 RSA customers, is off to a great start in New Orleans this week. Bringing together RSA product experts with our users and cybersecurity thought-leaders makes for great conversation, collaboration, innovation – and a little bit of fun! Our RSA NetWitness® Suite solution teams and customers have…

RSA NetWitness Suite: Changing the Security Paradigm

In technology – especially information security – the pace of change can be overwhelming. Adversaries continually invent new (and more often, reinvent old) ways to infiltrate and compromise organizations, while the good guys try to take advantage of the innovation in technologies, techniques, and processes to protect their organizations against these adversaries. But there are…

RSA Security Analytics Adds Behavior Analytics Engine

This week, RSA announced RSA Security Analytics 10.6 to help speed threat detection and response using real-time behavior analytics, enhanced detection capabilities for lateral movement and an on-demand enrichment service to provide context to speed investigations. RSA’s focus remains on helping our customers to identify and remediate threats so that they can take action before…

Behavior Analytics: The Key to Rapid Detection and Response?

The use of detective analytics is now a central piece of security architectures, as security professionals are increasingly encountering a needle-in-a-haystack problem. Security tools – especially rule-based ones – as well as systems, applications, and infrastructure, create so much data that it’s tough to uncover the signal of a real attack. Analytic tools help…

Catching Phish with a Spear: Familiarity Breeds Contempt

Every week, or even every day, we all see emails from our banks, credit card issuers, or insurance companies, where we are asked to urgently click on a link due to a compromised account or to download an important notice. Even worse, we all have friends or relatives who have sent a cool video or…

The Malicious Insider: Hiding in Plain Sight

Insider attacks are different from external attacks because insiders already have a foothold in the organization. As defined by CERT, “a malicious insider threat to an organization is a current or former employee, contractor, or other business partner who has or had authorized access to an organization’s network, system, or data and intentionally exceeded or…

Spotting an Attacker’s “Tell” Through Data Analysis – Part 2

In part 1 of this 2-part blog series, we took a look at how data analysis could be used to spot an attacker’s “tell.” An attacker will, at some point, give away their malicious movement, and if the defender has the correct data and analytics and knows what to look for, either over a period…