RSA Security Analytics is designed to improve threat detection, investigations and response by consuming network flow data, full packet capture (PCAP), logs, and endpoint data, as well as information from other security systems, external threat intelligence and IT assets. Additionally, RSA Security Analytics applies multiple advanced analytics engines, including behavioral analytics, and investigative interfaces to this data to help detect attacks before they can impact the business.
One of the unique aspects of the architecture is RSA Security Analytics' support of RSA's Event Stream Analysis (ESA) technology which is engineered to deliver advanced analytics by enabling both correlations and more sophisticated machine learning-based techniques to detect and provide prioritized alerts on security incidents, as well as providing the full scope of an attack campaign.
Furthermore, RSA Security Analytics is designed to enable forensic investigations that make it simpler for security teams to determine the root cause of an incident in the broader scope of an attack campaign. RSA Security Analytics regularly receives fresh threat intelligence information and other content continuously through its RSA® Live service, which is included with the product. The RSA Live service provides machine-readable threat intelligence thus making the intelligence actionable immediately.
One other distinguishing capability of RSA Security Analytics is the ingestion of RSA® ECAT data, providing endpoint threat detection and response. When used together, the combined solution provides security teams with visibility, threat detection and response capabilities from endpoints to the cloud.
"Network-based security monitoring is not just important for the detection of malware; it is critical for the detection and investigation of a broad set of security incidents using multiple forms of telemetry and analytics," explained Frost & Sullivan Research Analyst Christopher Kissel. "RSA Security Analytics provides a comprehensive set of capabilities for incident detection and security forensics. Metadata generation and full network packet capture gives RSA Security Analytics depth and real-time visibility to determine the security posture of the enterprise as traffic traverses its network."
"RSA's solution is ahead in the technology race, creating significant advantages for security monitoring teams," added Kissel. "When a potential breach is detected, the ideal forensics system helps the security analyst act swiftly to contain the threat. RSA's central management of incidents, generation of metadata across multiple data sources, session replay to view exactly what occurred and what was exfiltrated, and the use of advanced analytics and machine learning enables exemplary threat detection and response."
EMC and RSA are either registered trademarks or trademarks of EMC Corporation in the United States and other countries. All other products and/or services referenced are trademarks of their respective companies.
About Frost & Sullivan
Frost & Sullivan, the Growth Partnership Company, works in collaboration with clients to leverage visionary innovation that addresses the global challenges and related growth opportunities that will make or break today's market participants.
Our "Growth Partnership" supports clients by addressing these opportunities and incorporating two key elements driving visionary innovation: The Integrated Value Proposition and The Partnership Infrastructure.
- The Integrated Value Proposition provides support to our clients throughout all phases of their journey to visionary innovation including: research, analysis, strategy, vision, innovation and implementation.
- The Partnership Infrastructure is entirely unique as it constructs the foundation upon which visionary innovation becomes possible. This includes our 360 degree research, comprehensive industry coverage, career best practices as well as our global footprint of more than 40 offices.
For more than 50 years, we have been developing growth strategies for the global 1000, emerging businesses, the public sector and the investment community. Is your organization prepared for the next profound wave of industry convergence, disruptive technologies, increasing competitive intensity, Mega Trends, breakthrough best practices, changing customer dynamics and emerging economies?
Contact Us: Start the discussion
Join Us: Join our community
Subscribe: Newsletter on "the next big thing"
Register: Gain access to visionary innovation
P: +44 (0) 207.343.8314
To view the original version on PR Newswire, visit:http://www.prnewswire.com/news-releases/frost--sullivan-applauds-rsa-for-excellence-and-innovation-in-its-network-security-forensics-product-300256992.html
SOURCE Frost & Sullivan