RSA, a Dell Technologies business, is pleased to announce the release of RSA NetWitness Orchestrator 4.1.
RSA NetWitness Orchestrator is a comprehensive security operations and automation technology that combines orchestration, incident management, and interactive investigation. The RSA NetWitness Orchestrator engine automates security product tasks and weaves in the human analyst tasks and workflows. In addition, RSA NetWitness Orchestrator also enables security teams to reduce Mean-Time-To-Respond (MTTR), create playbook-driven automated response actions, and leverage machine-learning powered insights for quicker resolution and greater efficiency.
Highlights of the capabilities available in the new RSA NetWitness Orchestrator 4.1 include:
Development and Production Environments. Orchestrator now supports the ability to work with external Git repositories for development and production environments.
Role Based Access Control (RBAC). Added RBAC support for: Automation (also supports running scripts as SUDO), Playbooks, and Integrations.
SLA. Incorporate SLA fields in your incidents so you can view how much time is left before the SLA becomes past due, as well as configure actions to take in the event that the SLA does pass.
Grid Field (Table). The Grid field is a custom field that enables you to add a grid to Incident pages.
Incident Summary Page. This version introduces inline editing in the summary page. This enables you to easily update important incident data on the fly.
Incidents and Indicators. Assign playbook tasks to users outside of the investigation and added additional commands for extracting Indicators.
General Improvements. Additional enhancements including ability toedit comments for file entries in the War Room, ability to edit notes created by other users, ability to click into KPI widgets for more info, and ability to use filters and transformers in the bang menu.
New Integrations. List of available integrations.
For additional information or for assistance integrating RSA NetWitness Orchestrator into your existing Security Operations Center or deployment please contact your local RSA Solution Principal and/or your local RSA Sales Team.