Getting Started

RSA NetWitness Platform is a powerful threat detection suite that enables Security Operation Centers (SOCs) to quickly locate, prioritize, and triage threats. NetWitness Platform helps you to isolate and remediate known threats as well as those that were previously unknown. It provides deep insight into network (packets), logs, and endpoints that provide you with an unparalleled view into your enterprise or business.

The NetWitness Platform is powerful, but it is easier for Tier 1 Analysts to use because it automates the process of identifying and prioritizing suspicious threats. Tier 2 and Tier 3 analysts can hunt for and locate threats by searching and filtering events and then examining events using reconstruction and analysis tools.

You can understand the how to use netwitness to configure components, set up your access, and how to investigate logs, network, endpoints and user behaviors.