Summary:
RSA NetWitness 11.1 strengthens the RSA NetWitness Evolved SIEM offering through deeper and extended visibility and threat intelligence to help increase productivity of your analysts.
New Features Include:
- Introduction of RSA NetWitness® Endpoint Insights. The RSA NetWitness product line extends to include free endpoint context to accelerate enterprise-wide threat detection and response. A single, lightweight agent collects host inventories, processes, user activity, and/or Microsoft Windows logs, reducing overall complexity of capturing logs.
- Delivers timely insights into endpoint hosts via scans.
- The dual purpose RSA NetWitness Insight agent is available free to RSA NetWitness customers.
- Optional Microsoft Windows Logs collection simplifies and reduces costs of monitoring Windows logs.
- Windows Logs collection requires licensed solution components for Logs solution.
- Instant Log Visibility. RSA enables dynamic enterprises to gain instant log visibility by identifying common tokens from their new applications and systems. New innovative “dynamic parsing” technology enables organizations to instantly parse new log data sources and immediately access critical security data.
- High Confidence Detection of Threats with New UEBA Content. Enables the high fidelity detection of user- and entity-based threats through a set of bundled UEBA content packs, which correlate multiple data sources and identify anomalous or suspicious user behavior
- Streamlined Security Management and Reduced Process Complexity. Continued innovation and improvements to help drive greater efficiencies for analysts of all skill and experience levels.
Recommendations:
For additional documentation, downloads, and more, visit the RSA NetWitness Suite page on RSA Link.
EOPS Policy:
RSA has a defined End of Primary Support policy associated with all major versions. Please refer to the Product Version Life Cycle for additional details.
