RSA combines SIEM with incident visibility to create Security Analytics

News by Dan Raywood

RSA has combined technology from the acquisition of NetWitness to create a granular analytics platform.

RSA has combined technology from the acquisition of NetWitness to create a granular analytics platform.

Named Security Analytics, it builds upon the analysis and detection capabilities of the NetWitness technology that was expanded 12 months ago, RSA said. The new capabilities include leveraging the power of Big Data to provide visibility and context required to help identify and defend against advanced security challenges and sophisticated threats, according to the company.

Richard Nichols, regional sales director for UK and Ireland at RSA, told SC Magazine that Security Analytics is engineered to enable the discovery of risks as they occur and is a technology that allows users to do security monitoring, incident investigation and management. “Using a Big Data warehouse, it allows organisations to do advanced analysis in real-time and after the fact,” he said.

“Organisations are facing more [attacks] than ever before and reducing the level of impact by making the opportunity of attack smaller. With this you get full security visibility of data for log and packet and it gives the user more intelligence and if something is known, if it has been seen before.”

RSA said that the concept combines security incident and event management data with analytics to give users one tool for visibility. Nichols said: “We have taken the best of NetWitness and combined it with the RSA enVision platform, so it is about log collection and compliance.

“The amount of security events that are generated require a Big Data approach. Organisations have implemented networks managing terabytes of data so the ability to drill down is key.”

Jon Oltsik, senior principal analyst at Enterprise Strategy Group, said: “The sophistication of advanced attacks and the associated malware is growing every day testing the limitations of existing security analytics tools.

“The Big Data phenomenon could help address this situation for security professionals making it important for organisations to rethink their choice of security solutions. Marrying intelligence-driven security with Big Data analytics has the potential to help enterprises address the complex problem of advanced threats and thus meet a significant need in the marketplace.”

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews