This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
NetWitness Community Blog
Subscribe to the official NetWitness Community blog for information about new product features, industry insights, best practices, and more.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- NetWitness Community
- Blog
- What's New in RSA Security Analytics 10.6?
Anonymous
Not applicable
Options
- Subscribe to RSS Feed
- Mark as New
- Mark as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
2016-05-23
05:18 PM
At RSA Conference 2016, RSA announced Security Analytics 10.6 (SA 10.6). SA 10.6 has the following new capabilities:
- Rapid and Expanded Detection Capabilities
New behavior analytics and machine learning techniques incorporated on the Event
Streaming Analytics (ESA) component to identify Suspicious Domains (Command and Control (C2) Activities).
Lateral Movement detection to identify suspicious Windows login activity to reveal
lateral movement attempts within an enterprise.
Enhancements for ESA rule execution including optimizations for event time ordering and
memory pooling and workflow enhancements for ESA Rule Builder.
- Comprehensive and Prioritized Investigations
On-Demand Enrichment capabilities provides context from RSA ECAT, white/blacklists and
previous identified incidents and alerts for prioritization and enrichment
within investigations. This feature allows an analyst to quickly tie in context
to help prioritize and gather context to help understand the full scope of the
incident.
- Improved Log Management Capabilities
Selective, granular log retention rules for reducing storage costs while still meeting
retention requirements
Enhanced workflows for event source monitoring and troubleshooting. Includes centralized
views for event source alarms and expanded alerting options.
- Improved Platform Operations
Improved Upgrade Experience including streamlined workflows with additional insight and
controls for the administrator.
Countless quality improvements and optimizations across the platform. See
release notes for a complete list.
For additional information, please see the following links:
- Press Release
- Blogs
- http://blogs.rsa.com/security-analytics-speeds-detection-and-response-with-behavior-analytics-engine/
- http://blogs.rsa.com/behavior-analytics-the-key-to-rapid-detection-response/
- http://blogs.rsa.com/improving-speed-of-investigation-with-automation-and-enrichment/
- http://blogs.rsa.com/automate-detection-and-detect-early-with-leading-indicators/
- Link to RSA SA 10.6 Training
- Link to RSA SA 10.6 Documentation Space
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Latest Articles
- Using NetWitness to Detect Phishing reCAPTCHA Campaign
- Netwitness Platform Integration with Amazon Elastic Kubernetes Service
- Netwitness Platform Integration with MS Azure Sentinel Incidents
- Netwitness Platform Integration with AWS Application Load Balancer Access logs
- The Sky Is Crying: The Wake of the 19 JUL 2024 CrowdStrike Content Update for Microsoft Windows and ...
- The Sky Is Crying: The Wake of the 19 JUL 2024 CrowdStrike Content Update for Microsoft Windows and ...
- New HotFix: Addresses Kernel Panic After Upgrading to 12.4.1
- Automation with NetWitness: Core and NetWitness APIs
- HYDRA Brute Force
- DDoS using BotNet Use Case
Labels
-
Announcements
64 -
Events
12 -
Features
12 -
Integrations
15 -
Resources
68 -
Tutorials
32 -
Use Cases
31 -
Videos
119
