The RSA Content Team is pleased to announce the addition of new and updated content to the RSA Live Content Library! As always, the Content Team has been heads down reviewing our existing Event Stream Analysis (ESA) rule library. This massive effort is focused on ensuring accuracy and organization around our current correlative capabilities. We are going above and beyond validating the logic of the rules, and we are leveraging our team of subject matter experts to eliminate false positives and ensure an extremely targeted rule set.
Let's take a look at what we have released to RSA Live during the month of April:
• 18 updates to Event Stream Analysis (ESA) rules
  - This will limit noise in customer ESA environments and ensure the most targeted intelligence in our rule library
• 25 Lua parser updates
  - This effort enhances parser performance, relieves memory issues, and ensures no duplication of generated meta
• 11 Application Rule updates
  - Addresses an issue where the "filter" app rules were not set to "filter"
• 2 new log parsers
  - Microsoft URL Scan - A tool that identifies the different types of HTTP requests that are sent to an IIS server, giving SA visibility into blocked/rejected URLs
  - UnboundID Identity Store access log events are supported
• 26 log parser updates
  - Improves parsing accuracy and supports newer versions of event sources
For a full breakdown of new/updated content released to RSA Live, go here:
Also, you can view our holistic content library and content request portals here:
The next few months will be an exciting time for the Content Team! We will be finishing up our ESA rule library project and also focusing on rules and reports to enable alerting for critical activity with AWS environments. We are also planning on releasing some cool content for ShadowIT detection!
We look forward to sharing some great updates with you next month!
Regards,
The ASOC Content Team