This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
NetWitness Platform Product Advisories
Read and subscribe to the latest announcements and advisories relating to the NetWitness Platform.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

NetWitness announces the release of NetWitness Platform XDR 12.1

Summary

NetWitness is pleased to announce the general availability of NetWitness Platform XDR 12.1. This release contains features to further enhance the threat detection, response capabilities and continued security updates.

NetWitness Platform XDR 12.1 includes the following notable enhancements.

Detection:

· Policy Based Centralized Content Management - A unified approach to find, deploy, manage content and data sources of Event Stream Analysis component through the entire lifecycle based on policies that can be assigned to groups of devices.

· Support for bulk rule deploy operations – Decoder supports new mergeall command for rules bulk merge operation that allows all the valid rules to be merged and return the list of invalid rules in case of an error. This feature avoids redeploying all rules in case of an error.

· Detections using Yara Rules – Endpoint agents run Yara rules locally to find malicious files.

· Endpoint host/file usability improvements – Analysts have an option for remediation actions from the endpoint alert details such as file download, hash look-up, change file status etc.

· Improved Log Parsing – Improvements to Log parsers to handle parsing of structured and unstructured data embedded in variables of structure logs and ability to build regex parse rule that will capture meta anywhere in the log triggered when a specific anchor text appears in the log.

Response:

· Export Incident data – An analyst can export the Incidents data including alerts and events in JSON format for future analysis and auditing.

Administration:

· Roles of a NetWitness user - An admin can view user roles for both internal and external users such as Active Directory.

· Password repetition policy – New option to avoid password repetition has been added to security settings page to enhance password policy.

· Define retention policy for downloaded file – Admins can define a retention policy to automatically clean-up the downloaded files after X days to avoid any potential disk space issues on the server.

Security:

· Security updates – Addresses latest security vulnerabilities reported against various libraries used by the product.

 

Have a great idea for Improving the RSA NetWitness Platform? Check out the Ideas for the NetWitness Platform portal and either submit your ideas for improving the NetWitness Platform or vote up previously submitted ideas!

For More Information on the Release and Upgrade Instructions:

Review the NetWitness® Platform XDR 12.1 Update Instructions and Release Notes available on the NetWitness Community before you update. For additional documentation, downloads, and more, visit the NetWitness Platform page.

EOPS Policy:

NetWitness has a defined End of Primary Support policy associated with all major versions. Please refer to the Product Version Life Cycle for additional details.

Was this article helpful? Yes No
No ratings

In this article

Version history
Last update:
‎2023-03-16 07:50 AM
Updated by:
Contributor Contributor

Related Content

© 2022 RSA Security LLC or its affiliates. All rights reserved.