This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject

NetWitness Community

  • Home
  • Products
    • NetWitness Platform
      • Advisories
      • Documentation
        • Platform Documentation
        • Known Issues
        • Security Fixes
        • Hardware Documentation
        • Threat Content
        • Unified Data Model
        • Videos
      • Downloads
      • Integrations
      • Knowledge Base
    • NetWitness Cloud SIEM
      • Advisories
      • Documentation
      • Knowledge Base
    • NetWitness Detect AI
      • Advisories
      • Documentation
      • Knowledge Base
    • NetWitness Investigator
    • NetWitness Orchestrator
      • Advisories
      • Documentation
      • Knowledge Base
      • Legacy NetWitness Orchestrator
        • Advisories
        • Documentation
  • Community
    • Blog
    • Discussions
    • Events
    • Idea Exchange
  • Support
    • Case Portal
      • Create New Case
      • View My Cases
      • View My Team's Cases
    • Community Support
      • Getting Started
      • News & Announcements
      • Community Support Forum
      • Community Support Articles
    • Product Life Cycle
    • Support Information
    • General Security Advisories
  • Training
    • Blog
    • Certification Program
    • Course Catalog
    • New Product Readiness
    • On-Demand Subscriptions
    • Student Resources
    • Upcoming Events
  • Technology Partners
  • Trust Center
Sign InRegister Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
NetWitness Community Blog
Subscribe to the official NetWitness Community blog for information about new product features, industry insights, best practices, and more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcement Banner

The email address for NetWitness Community notifications is changing

View Details
  • NetWitness Community
  • Blog
  • RSA Live November Content Announcement

RSA Live November Content Announcement

RSAAdmin
RSAAdmin Beginner
Beginner
Options
  • Subscribe to RSS Feed
  • Mark as New
  • Mark as Read
  • Bookmark
  • Subscribe
  • Email to a Friend
  • Printer Friendly Page
  • Report Inappropriate Content
‎2014-11-18 02:14 PM

RSA is pleased to announce the addition of new and updated content to the RSA Live Content Library.

 

RSA Research

Just in time for shopping season we’d like to bring to your attention to two research papers written by our RSA Incident Response team. Both papers are excellent examples of how RSA Security Analytics and RSA ECAT can be used together to identify malicious activity, specifically focused on point-of-sale attacks and malware. They can be found on the Community here https://community.emc.com/docs/DOC-40472 and here https://community.emc.com/docs/DOC-40473

Our research team, RSA FirstWatch, have also posted a blog on the Community outlining how to use Security Analytics to detect variants of the YAKES Trojan. You can find the blog post here:

https://community.emc.com/docs/DOC-40349

New Content

We have created a bundle of new rules that are utilizing both our own intelligence feeds as well as RSA ECAT endpoint alerts that can now be used for incident detection with the Event Stream Analysis (ESA) appliance. We’ve also created rules utilizing IPS logs and host logs to detect DoS style attacks and service shutdowns as well as instances of mass audit log clearing. Lastly we’ve updated our 3rd party IOC feeds to include IOCs common to the activity of APT28, the suspected Russian threat group.

On the log front we have added log support for Bluecoat IPAM, DNS & DHCP as well as the Jenkins integration platform. We’ve also performed updates to 28 of our device log parsers

For a full list of New and Updated Content for November, please go here:

November Announcements

 

NEW! To view the entire library of content go to the  “Content and Resource” section on RSA Security Analytics Docs (SA Docs):

https://sadocs.emc.com/0_en-us/300_RSA_ContentAndResources

 

We look forward to presenting you new content updates next month!

Regards,

The RSA Security Analytics Content Team

Labels:
  • Announcements
  • Announcement
  • content_announcement
  • NetWitness
  • news
  • NW
  • NWP
  • RSA NetWitness
  • RSA NetWitness Platform
1 Like
Share

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

  • Comment
Latest Articles
  • Detecting Impacket with Netwitness Endpoint
  • Exotic Lily: Global Activity Analysis
  • Threat Research Data Hygiene Exercise: Retirement of Threat Research Intelligence Content and Report...
  • Netwitness Orchestrator Dashboarding Overview
  • Highlights from Recent Releases - Here's What's New in NetWitness Platform 11.7 and 11.7.1
  • NetWitness News Bytes: Improved Broker Query Experience
  • NetWitness News Bytes: Meta Only Event Reconstruction
  • NetWitness News - Press Releases
  • Endpoint Bundle Tuning
  • February 2022 Installment of the NetWitness Threat Research Intelligence & Content Update
Labels
  • Announcements 52
  • Events 2
  • Features 9
  • Integrations 6
  • Resources 56
  • Tutorials 21
  • Use Cases 20
  • Videos 116
Powered by Khoros
  • Blog
  • Events
  • Discussions
  • Idea Exchange
  • Knowledge Base
  • Case Portal
  • Community Support
  • Product Life Cycle
  • Support Information
  • About the Community
  • Terms & Conditions
  • Privacy Statement
  • Acceptable Use Policy
  • Employee Login
© 2022 RSA Security LLC or its affiliates. All rights reserved.