I want to know where I can find knowledge base articles on RSA Link that relate to specific security vulnerabilities so that I can know how my RSA products are impacted and what steps must be taken to mitigate the risk.
Information relating to security vulnerabilities is provided by RSA via
security advisories and
knowledge base articles. Security advisories are notifications that are published on RSA Link and also distributed to all customers and partners with active maintenance contracts for the affected product(s) via email.
Knowledge base articles, on the other hand, are only published on RSA Link and only those that
subscribe to (i.e. follow) the knowledge base for the product will receive email notifications. These articles are updated regularly--often multiple times per day when vulnerabilities are first discovered--to provide a real-time status on the impact to RSA products.
Vulnerabilities that have no impact on an RSA product (such as false positives) are published in the regular product knowledge base areas which are publicly accessible without the need to log in to RSA Link. (For example, the article entitled
RSA Security Analytics 10.6.2 OpenSSL vulnerabilities - False Positive is published within the
RSA NetWitness Logs & Network Knowledge Base space.)
Articles addressing vulnerabilities that do impact RSA products and require mitigation (or which are still under investigation) are accessible for the affected product. These articles reside on the
RSA Security Advisories (All Products) page. However, the most recent articles that meet this criteria can still be found on both the
Knowledge Base and
Security Advisories pages for each product under the
Recent Advisory Articles section, as shown in the screenshots below.
Image descriptionThe image above shows the Recent Advisory Articles section on the RSA NetWitness Logs & Network Knowledge Base page.
Image descriptionThe image above shows the Recent Advisory Articles section on the RSA SecurID Access Security Advisories page. The recent advisory articles can also be found on the
RSA Link Knowledge Base page, which can be accessed by clicking on the
Support option in the website main menu and then by clicking on the
Knowledge Base option on the page menu, as shown below.
Image description If you wish to be notified via email whenever one of these advisory articles are published then it is recommended that you
subscribe to (i.e. follow) the
RSA Security Advisories (All Products) page and select the
Inbox option.
Image description