Getting Started with NetWitness Platform for AWS Marketplace

This document describes how to get started with Netwitness Platform 12.4 using AMI from AWS Marketplace and configure it.

About NetWitness Platform for AWS Marketplace

NetWitness Platform delivers uncompromised threat detection, investigation, and response, across network, logs, and endpoint, whether deployed on-premises, in the cloud, or hybrid. The NetWitness Platform allows security analysts to prioritize, respond, reconstruct, survey, investigate and confirm information about threats in their environment and take the appropriate response, optimizing their security posture and protecting against the impacts of attacks.

Core platform modules include network detection and response (NDR), security information and event management (SIEM) and endpoint detection and response (EDR). Additional modules are available for UEBA, SOAR, and asset analytics to reduce the attack surface. NetWitness features market-leading SASE integrations (both packets and logs), and over 400 integrations with general-purpose and industry-specific security tools, with the ability to instantly parse new sources. NetWitness Platform is utilized continuously in the field by NetWitness Incident Response/Cyber Defense Services, where new detections and methods cycle back into product development.

Prerequisites

Ensure the following before you begin the installation:

Access to the AWS console with the appropriate permissions to set up the network and launch an EC2 instance.
Subscribe to Netwitness 12.4 Product from Marketplace

NetWitness Community

Table of Contents

Product Resources