How does NetWitness ensure the NetWitness Platform is secure?
Security in SDLC : NetWitness software undergoes various security checks during the SDLC process. Some of the major security controls in place includes (but not limited to) :
Security Reviews : Important and security sensitive features go through detailed manual security reviews.
Security Testing : Every year the product goes through an independent 3rd party penetration testing
Address Vulnerabilities : Vulnerabilities identified from the above-mentioned exercises are ticketed and tracked.
Certification : Exercises like Common Criteria certification for various NetWitness versions ensure security is looked at from various perspectives.
Validate Reports : Customer reports as well as reports through Responsible Disclosures are validated by the security team and if found to be a valid RISK, they are addressed as per established processes within NetWitness.
Training : All NetWitness developers are mandated to complete Secure Development Training to ensure they have the right skills and training to ensure security is built-in.
Where can I find details of Security related documents for NetWitness Platform product?
Security Configuration document: NetWitness Platform security configuration settings and security best practices such as Access Control Settings, Log Settings, Communication Security Settings, Data Security Settings, Alert System Settings, and Other Security Considerations are detailed in this document. See Security Configuration Guide for 11.7
FIPS Compliance document: Federal Information Processing Standards (FIPS) compliant mode for RSA NetWitness Platform. The FIPS publications are guidelines that set best practices for software and hardware security products for the protection of valuable and sensitive information. See Security Configuration Guide for 11.7
STIG Compliance document: NetWitness Platform is STIG compliant and helps to lock down information, systems, and software, which might otherwise be vulnerable to a malicious computer attack by limiting account access to a system. See Security Configuration Guide for 11.7
Letter of Engagement for Penetration Testing done in 2022