Cyber Security Institute

§ Current Worries

Top 3 Worries

  • Regulations
  • Old Firewall Configurations
  • Security Awareness

§ Listening

For the best information

  • The underground
  • Audible
  • Executive Excellence
  • Music (to keep me sane)

§ Watching

For early warnings

  • 150 Security Websites
  • AP Newsfeeds
  • Vendors

Thursday, January 31, 2013

RSA combines SIEM with incident visibility to create Security Analytics

The new capabilities include leveraging the power of Big Data to provide visibility and context required to help identify and defend against advanced security challenges and sophisticated threats, according to the company.  Richard Nichols, regional sales director for UK and Ireland at RSA, told SC Magazine that Security Analytics is engineered to enable the discovery of risks as they occur and is a technology that allows users to do security monitoring, incident investigation and management. RSA said that the concept combines security incident and event management data with analytics to give users one tool for visibility.  Nichols said: “We have taken the best of NetWitness and combined it with the RSA enVision platform, so it is about log collection and compliance.”

With this you get full security visibility of data for log and packet and it gives the user more intelligence and if something is known, if it has been seen before.”

Jon Oltsik, senior principal analyst at Enterprise Strategy Group, said: “The sophistication of advanced attacks and the associated malware is growing every day testing the limitations of existing security analytics tools.”

Marrying intelligence-driven security with Big Data analytics has the potential to help enterprises address the complex problem of advanced threats and thus meet a significant need in the marketplace.”


Posted on 01/31