The RSA Content team is pleased to announce the addition of new and updated content to the RSA Live Content Library.
New content and features now available:
RSA FirstWatch has released a parser that detects the network communication used by the GlassRAT Trojan.
RSA recently published a report on GlassRAT, a previously undetectable Remote Access Tool (RAT) that was discovered by the RSA Incident Response Team and investigated by RSA Research during an engagement with a multi-national enterprise.
Find additional details on GlassRAT here: https://blogs.rsa.com/peering-into-glassrat/
We have made it easier to find content within RSA Live through enhanced search capabilities.
Customers can now pinpoint the RSA Live content that is important and relevant to their environment by utilizing a “medium” filter available in Security Analytics 10.5.1. For example, if you’re looking for all content applicable to packet data, you now have the ability to search for “Packet” under the “Medium” search field in Live.
Check out SA Docs for more details on this enhancement:
https://sadocs.emc.com/0_en-us/089_105InfCtr/31_LivRes/30_Ref/LiveSrchVw
With Security Analytics 10.5.1, we have added the capability to create statements that filter based on external content in the basic rule builder. This enables users to leverage their external enrichments.
13 updates to log parsers that improve parsing accuracy and support newer versions of event sources.
For a full breakdown of new/updated content released to RSA Live, go here:
https://sadocs.emc.com/0_en-us/300_RSA_ContentAndResources/RSA_Content_Resources
Also, you can view our entire content library and content request portals here:
https://sadocs.emc.com/0_en-us/300_RSA_ContentAndResources
https://sadocs.emc.com/0_en-us/300_RSA_ContentAndResources/RSA_Content_Resources/40_Request_Portals
In addition to net new content, the Content Team will continue to focus on improving our out-of-the-box content by defining and applying categories for our existing content library. These analytical services categories will allow us and our customers to organize content into groups (Threat, Assurance, Identity, and Operations), which will allow them to apply and identify content more efficiently.
We are also working on a meta dictionary output that will allow you to see what meta is generated on a per-parser basis. This affects downstream analytical content and enables us and customers to create accurate content based on meta outputs!
We look forward to sharing some great updates with you next month!
Regards,
The ASOC Content Team