We recently released NetWitness Platform XDR version 12.1 which completed many initiatives related to detection content and policy management and enables us to launch new, threat-centric content bundles. These bundles focus on important elements related to adversaries, their strategies, attack vectors, and the tools they are known to use including:
- Target Sector, either Public or Private
- Industry Vertical
- Geographic Theater
- Threat Actor / Adversary
- Infrastructure Components
- Malicious Code & Content
- Adversary Tooling
- Tactics, Techniques, and Procedures
- Patterns of Behavior
These new bundles will help both new and veteran NetWitness customers advance their detection and response capabilities. Security operations staff will now be able to quickly identify, select, download, administer, and disseminate advanced threat content in a logical manner that is relevant to their specific organization. It will also speed the decision-making process associated with new detection materials and thereby reduce adversarial dwell time and potential harm.
Users can easily locate and select appropriate and targeted content via NetWitness Live! and will find new bundles that cover important areas including:
- Phishing
- Content Acquisition and Privilege Escalation
- Lateral Movement
- Data Exfiltration
- APT29/Cozy Bear Threat Group
For more information about NetWitness threat content bundles, please visit NetWitness Live! or speak with your sales and sales engineering teams.
